From 86d0a01f19d65efd1f369288052376e4d3fc87df Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 3 Oct 2024 01:20:18 +0300 Subject: [PATCH 001/404] synapse-admin: authenticated media and options to delete media and redact events on user removal --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 62f8a1602..71b2c0d52 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke17 +matrix_synapse_admin_version: v0.10.3-etke18 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 7f5f44ed47f48cb378f4f0f1985411f88b8874b7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 3 Oct 2024 05:33:03 +0000 Subject: [PATCH 002/404] Update nginx Docker tag to v1.27.2 --- .../matrix-synapse-reverse-proxy-companion/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml index 1220bb0f6..9be2f11a3 100644 
--- a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml @@ -13,7 +13,7 @@ matrix_synapse_reverse_proxy_companion_enabled: true # renovate: datasource=docker depName=nginx -matrix_synapse_reverse_proxy_companion_version: 1.27.1-alpine +matrix_synapse_reverse_proxy_companion_version: 1.27.2-alpine matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion" matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_proxy_companion_base_path }}/conf.d" From 3a082457f2e2c9e9c676b595c624052661148dd9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Oct 2024 09:29:13 +0300 Subject: [PATCH 003/404] Update default OpenAI provider for biabot to use gpt-4o (instead of gpt-4o-2024-08-06) Since 2024-10-02, `gpt-4o` is actually the same as `gpt-4o-2024-08-06`. We previously used `gpt-4o-2024-08-06`, because it was pointing to a much better (longer context) model. Since they're both the same now, we'd better stick to the unpinned model and make it easier for future users to get upgrades. --- docs/configuring-playbook-bot-baibot.md | 2 +- roles/custom/matrix-bot-baibot/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index 6397584fe..6024015e5 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md 
@@ -249,7 +249,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: "YOUR_ # matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}" # If you'd like to use another text-generation agent, uncomment and adjust: -# matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o-2024-08-06 +# matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o # See `defaults/main.yml` in the baibot role for more configuration options. ``` diff --git a/roles/custom/matrix-bot-baibot/defaults/main.yml b/roles/custom/matrix-bot-baibot/defaults/main.yml index eab2ed506..6b7fdbc54 100644 --- a/roles/custom/matrix-bot-baibot/defaults/main.yml +++ b/roles/custom/matrix-bot-baibot/defaults/main.yml @@ -356,7 +356,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: "" matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_enabled: true # For valid model choices, see: https://platform.openai.com/docs/models -matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o-2024-08-06 +matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o # The prompt text to use (can be null or empty to not use a prompt). # See: https://huggingface.co/docs/transformers/en/tasks/prompting matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}" From f3709f7df45d4c0cca12bfe844b3e19c89e6996f Mon Sep 17 00:00:00 2001 
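Review bot: The new default `gpt-4o` in roles/custom/matrix-bot-baibot/defaults/main.yml is a floating alias, so the model behind a deployed bot can change with no change to the playbook, and the comment above the variable only links to the model list. I would say so on the variable, e.g. `# NOTE: gpt-4o is an unpinned alias that the provider may repoint; set a dated ID (e.g. gpt-4o-2024-08-06) if you need reproducible behaviour.` Operators who tuned prompts, output handling or spend limits against one snapshot would otherwise learn of a switch only from changed bot behaviour. The same one-line caveat would fit the commented-out example in docs/configuring-playbook-bot-baibot.md.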
From: Slavi Pantaleev Date: Thu, 3 Oct 2024 12:13:40 +0300 Subject: [PATCH 004/404] Upgrade baibot (v1.2.0 -> v1.3.0) and adjust default static definitions prompt The new prompt makes use of the new `baibot_conversation_start_time_utc` prompt variable, which is not a moving target (like `baibot_now_utc`) and as such allows prompt caching to work. Ref: https://platform.openai.com/docs/guides/prompt-caching --- roles/custom/matrix-bot-baibot/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-bot-baibot/defaults/main.yml b/roles/custom/matrix-bot-baibot/defaults/main.yml index 6b7fdbc54..ec368e408 100644 --- a/roles/custom/matrix-bot-baibot/defaults/main.yml +++ b/roles/custom/matrix-bot-baibot/defaults/main.yml @@ -11,7 +11,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src" # renovate: datasource=docker depName=ghcr.io/etkecc/baibot -matrix_bot_baibot_version: v1.2.0 +matrix_bot_baibot_version: v1.3.0 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_name_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}" matrix_bot_baibot_container_image_name_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else 'ghcr.io/' }}" matrix_bot_baibot_container_image_force_pull: "{{ matrix_bot_baibot_container_image.endswith(':latest') }}" 
@@ -155,7 +155,7 @@ matrix_bot_baibot_config_agents_static_definitions_auto: |- }} matrix_bot_baibot_config_agents_static_definitions_custom: [] -matrix_bot_baibot_config_agents_static_definitions_prompt: "{% raw %}You are a brief, but helpful bot called {{ baibot_name }} powered by the {{ baibot_model_id }} model. The date/time now is: {{ baibot_now_utc }}.{% endraw %}" +matrix_bot_baibot_config_agents_static_definitions_prompt: "{% raw %}You are a brief, but helpful bot called {{ baibot_name }} powered by the {{ baibot_model_id }} model. The date/time of this conversation's start is: {{ baibot_conversation_start_time_utc }}.{% endraw %}" ######################################################################################## # # From 7afe6c261a480af7f836506238cce2e5e4a0decd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Oct 2024 16:31:48 +0300 Subject: [PATCH 005/404] Upgrade baibot (v1.3.0 -> v1.3.1) --- roles/custom/matrix-bot-baibot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-baibot/defaults/main.yml b/roles/custom/matrix-bot-baibot/defaults/main.yml index ec368e408..faf4f10e6 100644 --- a/roles/custom/matrix-bot-baibot/defaults/main.yml +++ b/roles/custom/matrix-bot-baibot/defaults/main.yml @@ -11,7 +11,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src" # renovate: datasource=docker depName=ghcr.io/etkecc/baibot -matrix_bot_baibot_version: v1.3.0 +matrix_bot_baibot_version: v1.3.1 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_name_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}" matrix_bot_baibot_container_image_name_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else 'ghcr.io/' }}" matrix_bot_baibot_container_image_force_pull: "{{ matrix_bot_baibot_container_image.endswith(':latest') }}" 
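Review bot: The default `matrix_bot_baibot_config_agents_static_definitions_prompt` now depends on `baibot_conversation_start_time_utc`, which the commit message describes as new in this baibot release, but nothing next to the variable records that requirement. `matrix_bot_baibot_version` can be overridden, so a deployment pinned to an older image would get a prompt that references a variable that version presumably does not know; how baibot treats an unknown prompt variable is not visible here. A comment above the prompt would cover it: `# Uses baibot_conversation_start_time_utc (baibot >= v1.3.0). It stays fixed per conversation, so prompt caching works; baibot_now_utc changes on every message.`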
From e25390328384763a333919caf773adfe05ec882c Mon Sep 17 00:00:00 2001 From: Catalan Lover <48515417+FSG-Cat@users.noreply.github.com> Date: Thu, 3 Oct 2024 19:01:51 +0200 Subject: [PATCH 006/404] Revert Mjolnir version to 1.7.0 due to severe breakage. --- roles/custom/matrix-bot-mjolnir/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-mjolnir/defaults/main.yml b/roles/custom/matrix-bot-mjolnir/defaults/main.yml index a15330d9d..d88b06e3e 100644 --- a/roles/custom/matrix-bot-mjolnir/defaults/main.yml +++ b/roles/custom/matrix-bot-mjolnir/defaults/main.yml @@ -5,7 +5,7 @@ matrix_bot_mjolnir_enabled: true # renovate: datasource=docker depName=matrixdotorg/mjolnir -matrix_bot_mjolnir_version: "v1.8.1" +matrix_bot_mjolnir_version: "v1.7.0" matrix_bot_mjolnir_container_image_self_build: false matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git" From 0fe2b06ce4fa3c7f4d69e35c78dee9d342363a12 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 3 Oct 2024 23:16:03 +0300 Subject: [PATCH 007/404] Update matrixdotorg/mjolnir Docker tag to v1.8.3 (#3570) * Update matrixdotorg/mjolnir Docker tag to v1.8.1 * Upgrade Mjolnir to v1.8.3 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Slavi Pantaleev --- roles/custom/matrix-bot-mjolnir/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-mjolnir/defaults/main.yml b/roles/custom/matrix-bot-mjolnir/defaults/main.yml index d88b06e3e..040c6fb75 100644 --- a/roles/custom/matrix-bot-mjolnir/defaults/main.yml +++ b/roles/custom/matrix-bot-mjolnir/defaults/main.yml 
@@ -5,7 +5,7 @@ matrix_bot_mjolnir_enabled: true # renovate: datasource=docker depName=matrixdotorg/mjolnir -matrix_bot_mjolnir_version: "v1.7.0" +matrix_bot_mjolnir_version: "v1.8.3" matrix_bot_mjolnir_container_image_self_build: false matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git" From cf29bc7511a727d3d8a519f44130e06d405695ae Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 4 Oct 2024 13:06:19 +0000 Subject: [PATCH 008/404] Update matrixdotorg/sygnal Docker tag to v0.15.1 --- roles/custom/matrix-sygnal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-sygnal/defaults/main.yml b/roles/custom/matrix-sygnal/defaults/main.yml index 7782954fc..4dbd8e505 100644 --- a/roles/custom/matrix-sygnal/defaults/main.yml +++ b/roles/custom/matrix-sygnal/defaults/main.yml @@ -13,7 +13,7 @@ matrix_sygnal_hostname: '' matrix_sygnal_path_prefix: / # renovate: datasource=docker depName=matrixdotorg/sygnal -matrix_sygnal_version: v0.15.0 +matrix_sygnal_version: v0.15.1 matrix_sygnal_base_path: "{{ matrix_base_data_path }}/sygnal" matrix_sygnal_config_path: "{{ matrix_sygnal_base_path }}/config" From 195e0a44814dae2e754f1a42c4b0a676d16ea79a Mon Sep 17 00:00:00 2001 From: James Reilly Date: Fri, 4 Oct 2024 20:53:35 +0530 Subject: [PATCH 009/404] Update Cinny nginx.conf.j2 to include service worker rewrite Cinny has added a service worker to support authenticated media and requires /sw,js to resolve to the serviceworker js file --- roles/custom/matrix-client-cinny/templates/nginx.conf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/custom/matrix-client-cinny/templates/nginx.conf.j2 b/roles/custom/matrix-client-cinny/templates/nginx.conf.j2 index 3ae9cae7d..2b70f32d2 100644 --- a/roles/custom/matrix-client-cinny/templates/nginx.conf.j2 +++ b/roles/custom/matrix-client-cinny/templates/nginx.conf.j2 
@@ -59,6 +59,7 @@ http { rewrite ^/manifest.json$ /manifest.json break; rewrite ^.*/olm.wasm$ /olm.wasm break; + rewrite ^/sw.js$ /sw.js break; rewrite ^/pdf.worker.min.js$ /pdf.worker.min.js break; rewrite ^/public/(.*)$ /public/$1 break; From 85d0b442d2dc19d99dd6fa5055d13f19a6313430 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 6 Oct 2024 18:32:34 +0000 Subject: [PATCH 010/404] Update matrixconduit/matrix-conduit Docker tag to v0.9.0 --- roles/custom/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-conduit/defaults/main.yml b/roles/custom/matrix-conduit/defaults/main.yml index 9e75820d8..3e0132c29 100644 --- a/roles/custom/matrix-conduit/defaults/main.yml +++ b/roles/custom/matrix-conduit/defaults/main.yml @@ -10,7 +10,7 @@ matrix_conduit_hostname: '' matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix }}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}" matrix_conduit_docker_image_name_prefix: "docker.io/" # renovate: datasource=docker depName=matrixconduit/matrix-conduit -matrix_conduit_docker_image_tag: "v0.8.0" +matrix_conduit_docker_image_tag: "v0.9.0" matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}" matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" From ec5e379672e118edb2ecbf2e3ef20c5d71d31d0c Mon Sep 17 00:00:00 2001 
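Review bot: The added `rewrite ^/sw.js$ /sw.js break;` leaves the dot unescaped, so the pattern matches any single character in that position (a constructed example: `/swXjs` would also be rewritten to the service worker script); `rewrite ^/sw\.js$ /sw.js break;` matches only the intended path. The neighbouring `manifest.json` and `pdf.worker.min.js` rules in this hunk are equally loose and could be tightened in the same pass. Because a service worker script controls fetches for its whole scope, it is also worth confirming that `/sw.js` is not served with long-lived caching, so that a corrected worker reaches clients promptly; the cache headers are outside the hunk, so this is a question rather than a finding. The enclosing `http` block starts and ends outside the hunk.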
From: Slavi Pantaleev Date: Mon, 7 Oct 2024 08:46:05 +0300 Subject: [PATCH 011/404] Update old references to com.devture.ansible.role.postgres & com.devture.ansible.role.traefik Provoked by https://github.com/mother-of-all-self-hosting/mash-playbook/pull/280 --- CHANGELOG.md | 12 ++++++------ YEAR-IN-REVIEW.md | 2 +- docs/configuring-playbook-postgres-backup.md | 2 +- docs/configuring-playbook-traefik.md | 2 +- docs/maintenance-postgres.md | 6 +++--- .../matrix-bot-buscarron/tasks/setup_install.yml | 2 +- .../matrix-bot-honoroit/tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../matrix-bot-postmoogle/tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/install.yml | 2 +- .../tasks/install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../custom/matrix-dimension/tasks/setup_install.yml | 2 +- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 2 +- .../matrix-registration/tasks/setup_install.yml | 2 +- .../tasks/rust-synapse-compress-state/main.yml | 2 +- .../matrix-synapse/tasks/update_user_password.yml | 2 +- .../tasks/validate_config.yml | 4 ++-- 36 files changed, 44 insertions(+), 44 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 41305969a..8aca87ee7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -723,7 +723,7 @@ Here are **actions you may wish to take** as a result of this change: The playbook has provided some hints about [Tuning PostgreSQL](docs/maintenance-postgres.md#tuning-postgresql) for quite a while now. -From now on, the [Postgres Ansible role](https://github.com/devture/com.devture.ansible.role.postgres) automatically tunes your Postgres configuration with the same [calculation logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) that powers https://pgtune.leopard.in.ua/. +From now on, the [Postgres Ansible role](https://github.com/mother-of-all-self-hosting/ansible-role-postgres) automatically tunes your Postgres configuration with the same [calculation logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) that powers https://pgtune.leopard.in.ua/. Our [Tuning PostgreSQL](docs/maintenance-postgres.md#tuning-postgresql) documentation page has details about how you can turn auto-tuning off or adjust the automatically-determined Postgres configuration parameters manually. 
@@ -1244,20 +1244,20 @@ See our [Setting up matrix-bot-chatgpt](docs/configuring-playbook-bot-chatgpt.md # 2022-11-30 -## matrix-postgres-backup has been replaced by the com.devture.ansible.role.postgres_backup external role +## matrix-postgres-backup has been replaced by the ansible-role-postgres-backup external role -Just like we've [replaced Postgres with an external role](#matrix-postgres-has-been-replaced-by-the-comdevtureansiblerolepostgres-external-role) on 2022-11-28, we're now replacing `matrix-postgres-backup` with an external role - [com.devture.ansible.role.postgres_backup](https://github.com/devture/com.devture.ansible.role.postgres_backup). +Just like we've [replaced Postgres with an external role](#matrix-postgres-has-been-replaced-by-the-comdevtureansiblerolepostgres-external-role) on 2022-11-28, we're now replacing `matrix-postgres-backup` with an external role - [com.devture.ansible.role.postgres_backup](https://github.com/mother-of-all-self-hosting/ansible-role-postgres_backup). You'll need to rename your `matrix_postgres_backup`-prefixed variables such that they use a `postgres_backup` prefix. # 2022-11-28 -## matrix-postgres has been replaced by the com.devture.ansible.role.postgres external role +## matrix-postgres has been replaced by the ansible-role-postgres external role -**TLDR**: the tasks that install the integrated Postgres server now live in an external role - [com.devture.ansible.role.postgres](https://github.com/devture/com.devture.ansible.role.postgres). You'll need to run `make roles` to install it, and to also rename your `matrix_postgres`-prefixed variables to use a `devture_postgres` prefix (e.g. `matrix_postgres_connection_password` -> `postgres_connection_password`). All your data will still be there! Some scripts have moved (`/usr/local/bin/matrix-postgres-cli` -> `/matrix/postgres/bin/cli`). 
+**TLDR**: the tasks that install the integrated Postgres server now live in an external role - [ansible-role-postgres](https://github.com/mother-of-all-self-hosting/ansible-role-postgres). You'll need to run `make roles` to install it, and to also rename your `matrix_postgres`-prefixed variables to use a `devture_postgres` prefix (e.g. `matrix_postgres_connection_password` -> `postgres_connection_password`). All your data will still be there! Some scripts have moved (`/usr/local/bin/matrix-postgres-cli` -> `/matrix/postgres/bin/cli`). -The `matrix-postgres` role that has been part of the playbook for a long time has been replaced with the [com.devture.ansible.role.postgres](https://github.com/devture/com.devture.ansible.role.postgres) role. This was done as part of our work to [use external roles for some things](#the-playbook-now-uses-external-roles-for-some-things) for better code re-use and maintainability. +The `matrix-postgres` role that has been part of the playbook for a long time has been replaced with the [ansible-role-postgres](https://github.com/mother-of-all-self-hosting/ansible-role-postgres) role. This was done as part of our work to [use external roles for some things](#the-playbook-now-uses-external-roles-for-some-things) for better code re-use and maintainability. The new role is an upgraded version of the old `matrix-postgres` role with these notable differences: diff --git a/YEAR-IN-REVIEW.md b/YEAR-IN-REVIEW.md index d51d1ba3d..ab689b9d3 100644 --- a/YEAR-IN-REVIEW.md +++ b/YEAR-IN-REVIEW.md 
@@ -96,7 +96,7 @@ Besides these major user-visible changes, a lot of work also happened **under th * we made [major improvements to Synapse workers](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#potential-backward-compatibility-break-major-improvements-to-synapse-workers) - adding support for stream writers and for running multiple workers of various kinds (federation senders, pushers, background task processing workers, etc.) * we [improved the compatibility of (Synapse + workers) with the rest of the playbook](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#backward-compatibility-break-changing-how-reverse-proxying-to-synapse-works---now-via-a-matrix-synapse-reverse-proxy-companion-service) by introducing a new `matrix-synapse-reverse-proxy-companion-service` service -* we started [splitting various Ansible roles out of the Matrix playbook and into independent roles](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#the-playbook-now-uses-external-roles-for-some-things) (e.g. `matrix-postgres` -> [com.devture.ansible.role.postgres](https://github.com/devture/com.devture.ansible.role.postgres)), which could be included in other Ansible playbooks. In fact, these roles already power a few **interesting other sibling playbooks**: +* we started [splitting various Ansible roles out of the Matrix playbook and into independent roles](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#the-playbook-now-uses-external-roles-for-some-things) (e.g. `matrix-postgres` -> [ansible-role-postgres](https://github.com/mother-of-all-self-hosting/ansible-role-postgres)), which could be included in other Ansible playbooks. 
In fact, these roles already power a few **interesting other sibling playbooks**: * [gitea-docker-ansible-deploy](https://github.com/spantaleev/gitea-docker-ansible-deploy), for deploying a [Gitea](https://gitea.io/) (self-hosted [Git](https://git-scm.com/) service) server * [nextcloud-docker-ansible-deploy](https://github.com/spantaleev/nextcloud-docker-ansible-deploy), for deploying a [Nextcloud](https://nextcloud.com/) groupware server * [vaultwarden-docker-ansible-deploy](https://github.com/spantaleev/vaultwarden-docker-ansible-deploy), for deploying a [Vaultwarden](https://github.com/dani-garcia/vaultwarden) password manager server (unofficial [Bitwarden](https://bitwarden.com/) compatible server) diff --git a/docs/configuring-playbook-postgres-backup.md b/docs/configuring-playbook-postgres-backup.md index 097d8d7ce..becdd123d 100644 --- a/docs/configuring-playbook-postgres-backup.md +++ b/docs/configuring-playbook-postgres-backup.md @@ -1,6 +1,6 @@ # Setting up postgres backup (optional) -The playbook can install and configure [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) for you via the [com.devture.ansible.role.postgres_backup](https://github.com/devture/com.devture.ansible.role.postgres_backup) Ansible role. +The playbook can install and configure [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) for you via the [ansible-role-postgres-backup](https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup) Ansible role. For a more complete backup solution (one that includes not only Postgres, but also other configuration/data files), you may wish to look into [borg backup](configuring-playbook-backup-borg.md) instead. diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md index eaee8bf52..0a3c534eb 100644 --- a/docs/configuring-playbook-traefik.md +++ b/docs/configuring-playbook-traefik.md 
@@ -1,6 +1,6 @@ # Configure Traefik (optional, advanced) -By default, this playbook installs and manages a [Traefik](https://doc.traefik.io/traefik/) reverse-proxy server, powered by the [com.devture.ansible.role.traefik](https://github.com/devture/com.devture.ansible.role.traefik) Ansible role. +By default, this playbook installs and manages a [Traefik](https://doc.traefik.io/traefik/) reverse-proxy server, powered by the [ansible-role-traefik](https://github.com/mother-of-all-self-hosting/ansible-role-traefik) Ansible role. This Ansible role support various configuration options. Feel free to consult its `default/main.yml` variables file. diff --git a/docs/maintenance-postgres.md b/docs/maintenance-postgres.md index ccb6629c1..7469e7111 100644 --- a/docs/maintenance-postgres.md +++ b/docs/maintenance-postgres.md 
@@ -106,13 +106,13 @@ Example: `--extra-vars="postgres_dump_name=matrix-postgres-dump.sql"` PostgreSQL can be [tuned](https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server) to make it run faster. This is done by passing extra arguments to the Postgres process. -The [Postgres Ansible role](https://github.com/devture/com.devture.ansible.role.postgres) **already does some tuning by default**, which matches the [tuning logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) done by websites like https://pgtune.leopard.in.ua/. +The [Postgres Ansible role](https://github.com/mother-of-all-self-hosting/ansible-role-postgres) **already does some tuning by default**, which matches the [tuning logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) done by websites like https://pgtune.leopard.in.ua/. You can manually influence some of the tuning variables . These parameters (variables) are injected via the `postgres_postgres_process_extra_arguments_auto` variable. Most users should be fine with the automatically-done tuning. However, you may wish to: -- **adjust the automatically-determined tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) (see `postgres_max_connections`, `postgres_data_storage` etc). These variables are ultimately passed to Postgres via a `postgres_postgres_process_extra_arguments_auto` variable +- **adjust the automatically-determined tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/mother-of-all-self-hosting/ansible-role-postgres/blob/main/defaults/main.yml) (see `postgres_max_connections`, `postgres_data_storage` etc). 
These variables are ultimately passed to Postgres via a `postgres_postgres_process_extra_arguments_auto` variable - **turn automatically-performed tuning off**: override it like this: `postgres_postgres_process_extra_arguments_auto: []` -- **add additional tuning parameters**: define your additional Postgres configuration parameters in `postgres_postgres_process_extra_arguments_custom`. See `postgres_postgres_process_extra_arguments_auto` defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) for inspiration +- **add additional tuning parameters**: define your additional Postgres configuration parameters in `postgres_postgres_process_extra_arguments_custom`. See `postgres_postgres_process_extra_arguments_auto` defined in the Postgres role's [default configuration file](https://github.com/mother-of-all-self-hosting/ansible-role-postgres/blob/main/defaults/main.yml) for inspiration diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index 57681484e..7742ab726 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -12,7 +12,7 @@ - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index b2a57a56e..8dd647d1b 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml 
@@ -12,7 +12,7 @@ - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 28e53ad8e..4db0372f9 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index 026f1e4f6..1ef5b22d7 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -9,7 +9,7 @@ - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index 623a91852..f847c743a 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml 
@@ -13,7 +13,7 @@ - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index 70e561e30..c7c4415db 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -2,7 +2,7 @@ - name: Fail if Postgres not enabled ansible.builtin.fail: - msg: "Postgres via the com.devture.ansible.role.postgres role is not enabled (`postgres_enabled`). Cannot migrate." + msg: "Postgres via ansible-role-postgres role is not enabled (`postgres_enabled`). Cannot migrate." when: "not postgres_enabled | bool" # Defaults diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml index dac2a6c28..58d08ee0d 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml @@ -2,7 +2,7 @@ - name: Fail if Postgres not enabled ansible.builtin.fail: - msg: "Postgres via the com.devture.ansible.role.postgres role is not enabled (`postgres_enabled`). Cannot migrate." + msg: "Postgres via ansible-role-postgres role is not enabled (`postgres_enabled`). Cannot migrate." when: "not postgres_enabled | bool" # Defaults diff --git a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index ba4984287..d2ac0307c 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml 
+++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 93b34a219..4775b5fee 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index d89f0be33..02dd8e511 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml index 5c9841793..f85a790ed 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml 
@@ -13,7 +13,7 @@ - when: "matrix_mautrix_gmessages_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 17eb3d756..6d8adebf4 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 97fb4824e..49bdb5ab2 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/install.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/install.yml index a46b1e9ac..3debb493e 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/install.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/install.yml 
@@ -13,7 +13,7 @@ - when: "matrix_mautrix_meta_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/install.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/install.yml index 1010fbaf0..438682d2b 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/install.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_meta_messenger_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 474893f4e..de20e8351 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_signal_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-slack/tasks/setup_install.yml index 7e9851024..be5e11d80 100644 --- a/roles/custom/matrix-bridge-mautrix-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-slack/tasks/setup_install.yml 
@@ -13,7 +13,7 @@ - when: "matrix_mautrix_slack_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 117fdaf16..c73468bb8 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 0bc2394e5..7aff56b39 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index 216e06262..5922c59c3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml 
@@ -47,7 +47,7 @@ - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 1285ccb39..44dc72e47 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -48,7 +48,7 @@ - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 5d2648059..47ec55ef7 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 9d931d7ae..c46a25bd1 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml 
@@ -41,7 +41,7 @@ - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index f280bc579..a29c5e44f 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -48,7 +48,7 @@ - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index c683fc388..8d385dd14 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -48,7 +48,7 @@ - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml index 573db94c5..ce7080c52 100644 --- a/roles/custom/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml 
@@ -52,7 +52,7 @@ - {'table': 'dimension_bridges', 'column': 'isPublic', 'default': ''} - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index d5ff4ddcd..e77f2d689 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -28,7 +28,7 @@ - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml index a1bb0da22..2358da0c4 100644 --- a/roles/custom/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -13,7 +13,7 @@ - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" block: - ansible.builtin.include_role: - name: galaxy/com.devture.ansible.role.postgres + name: galaxy/postgres tasks_from: migrate_db_to_postgres vars: postgres_db_migration_request: diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index ebde9d106..efebe6e92 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml 
@@ -3,7 +3,7 @@ - name: Fail if Postgres not enabled ansible.builtin.fail: - msg: "Postgres via the com.devture.ansible.role.postgres role is not enabled (`postgres_enabled`). Cannot use rust-synapse-compress-state." + msg: "Postgres via ansible-role-postgres role is not enabled (`postgres_enabled`). Cannot use rust-synapse-compress-state." when: "not postgres_enabled | bool" diff --git a/roles/custom/matrix-synapse/tasks/update_user_password.yml b/roles/custom/matrix-synapse/tasks/update_user_password.yml index cfa611a45..32d24a154 100644 --- a/roles/custom/matrix-synapse/tasks/update_user_password.yml +++ b/roles/custom/matrix-synapse/tasks/update_user_password.yml @@ -12,7 +12,7 @@ - name: Fail if not using integrated Postgres database ansible.builtin.fail: - msg: "This command is working only when Postgres is installed via the the integrated com.devture.ansible.role.postgres role" + msg: "This command is working only when Postgres is installed via the the integrated ansible-role-postgres role" when: "not postgres_enabled | bool" - name: Ensure Postgres is started diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 7f0affa1e..dccc83816 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml 
@@ -66,10 +66,10 @@ - name: (Deprecation) Catch and report matrix_postgres variables ansible.builtin.fail: msg: |- - The matrix-postgres role in the playbook has been replaced with the com.devture.ansible.role.postgres role (https://github.com/devture/com.devture.ansible.role.postgres). + The matrix-postgres role in the playbook has been replaced with the ansible-role-postgres role (https://github.com/mother-of-all-self-hosting/ansible-role-postgres). The new role is pretty much the same, but uses differently named variables. - The matrix-postgres-backup role in the playbook has been replaced with the com.devture.ansible.role.postgres_backup role (https://github.com/devture/com.devture.ansible.role.postgres_backup). + The matrix-postgres-backup role in the playbook has been replaced with the ansible-role-postgres-backup role (https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup). The new role is pretty much the same, but uses differently named variables. Please change your configuration (vars.yml) to rename all `matrix_postgres`-prefixed variables (`matrix_postgres_*` -> `postgres_*`). From 29c7841cdd97817409dfe151e195050cfb262222 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 15:53:26 +0000 Subject: [PATCH 012/404] Update vectorim/element-web Docker tag to v1.11.80 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index b70354625..617559388 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml 
@@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.79 +matrix_client_element_version: v1.11.80 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 427d02c926ac5c24c1fbfcf2a2b518a2a71fa9fd Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 10 Oct 2024 00:55:03 +0300 Subject: [PATCH 013/404] synapse-admin v0.10.3-etke19 --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 71b2c0d52..be19ada16 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke18 +matrix_synapse_admin_version: v0.10.3-etke19 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" 
From 3a993e43eb14e604c3ff21af504a91d8683e6db4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?U=C4=9Fur=20=C4=B0LTER?= <2822708+ilterugur@users.noreply.github.com> Date: Thu, 10 Oct 2024 01:42:00 +0300 Subject: [PATCH 014/404] Update faq.md Fixed typo --- docs/faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq.md b/docs/faq.md index 427d2d25c..d0cc9d8c1 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -51,7 +51,7 @@ Besides setting up your own bridges (preferable), you can also use some [public One of [Matrix](https://matrix.org/)'s distinguishing strengths (compared to other chat networks) is its decentralized nature. There's not just one entity (company, organization) controlling the servers. Rather there's thousands of servers operated by different people - one server being insecure, slow or disrespective toward its users does not affect the rest of the network. To participate in that decentralization in its fullest, consider hosting your own server or using some public server other than the largest/default one (`matrix.org`). -There are 3 ways to get into Martix, depending on your technical ability and needs: +There are 3 ways to get into Matrix, depending on your technical ability and needs: - **using the existing default server** - the easiest way is to use an existing server. The largest public Matrix server is `matrix.org` and it's configured as a default server in clients such as [Element](https://element.io) and many others. Just use Element on the browser via that link (or download the Element app on a smartphone), create an account and start chatting. From a0bf5a076c3b20b19e688630ee047958104ef411 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 11 Oct 2024 04:25:20 +0900 Subject: [PATCH 015/404] Update configuring-playbook-client-schildichat.md --- docs/configuring-playbook-client-schildichat.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index 2892fa592..0a4c37fe9 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md @@ -2,7 +2,7 @@ By default, this playbook does not install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix client web application. -**WARNING**: SchildiChat is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat at your own risk! +**WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk! ## Enabling SchildiChat From cf0793bd9f5dac65dab7ee330780b552be7365cb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 11 Oct 2024 15:03:25 +0300 Subject: [PATCH 016/404] Move Gmessages encryption.pickle_key to a variable Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3538 See: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3538#issuecomment-2405780285 --- roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml | 2 ++ .../matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) 
diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index 0cea11e08..b694c82a3 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml @@ -148,6 +148,8 @@ matrix_mautrix_gmessages_bridge_encryption_default: "{{ matrix_bridges_encryptio matrix_mautrix_gmessages_bridge_encryption_require: false matrix_mautrix_gmessages_bridge_encryption_appservice: false matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_gmessages_bridge_encryption_allow }}" +# For compatibility with the older Gmessages bridge, you may wish to set the pickle key to: "go.mau.fi/mautrix-gmessages" +matrix_mautrix_gmessages_bridge_encryption_pickle_key: mautrix.bridge.e2ee matrix_mautrix_gmessages_network_displayname_template: "{% raw %}{{or .FullName .PhoneNumber}}{% endraw %}" matrix_mautrix_gmessages_appservice_username_template: "{% raw %}gmessages_{{.}}{% endraw %}" diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 index a645d6d0f..3fd39a78a 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 @@ -359,7 +359,7 @@ encryption: allow_key_sharing: {{ matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow | to_json }} # Pickle key for encrypting encryption keys in the bridge database. # If set to generate, a random key will be generated. - pickle_key: mautrix.bridge.e2ee + pickle_key: {{ matrix_mautrix_gmessages_bridge_encryption_pickle_key | to_json }} # Options for deleting megolm sessions from the bridge. delete_keys: # Beeper-specific: delete outbound sessions when hungryserv confirms From 982c790db1fbb1681b90f29369d7f3b425cf868a Mon Sep 17 00:00:00 2001 
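Review bot: The comment added above `matrix_mautrix_gmessages_bridge_encryption_pickle_key` in defaults/main.yml gives only the compatibility value and does not say what the key protects. According to the template's own comment, this value encrypts the encryption keys held in the bridge database, and the default stays the fixed string `mautrix.bridge.e2ee`, so every default install shares the same publicly known key. I would extend the comment along these lines: `# Pickle key used to encrypt the bridge's E2EE keys in its database. The default is a fixed, well-known string; new installs may prefer a unique secret value.` followed by `# Changing it on an existing install presumably makes already-stored keys unreadable - confirm against the bridge's documentation before changing.` The template comment also mentions `generate` as an accepted value, which is worth listing as an option there. Rendering through `| to_json` in config.yaml.j2 is the right choice, since it keeps an operator-supplied value correctly quoted.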
From: Suguru Hirahara Date: Thu, 10 Oct 2024 14:30:26 +0900 Subject: [PATCH 017/404] Fix typos: it self -> itself Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-draupnir.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index cc4790962..5c333661e 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md 
@@ -37,7 +37,7 @@ You will need to prevent Synapse from rate limiting the bot's account. This is n If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](/docs/configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. -The following command works on semi up to date Windows 10 installs and All Windows 11 installations and other systems that ship curl. `curl --header "Authorization: Bearer " -X POST https://matrix.example.com/_synapse/admin/v1/users/@example:example.com/override_ratelimit` Replace `@example:example.com` with the MXID of your Draupnir and example.com with your homeserver domain. You can easily obtain an access token for a homeserver admin account the same way you can obtain an access token for Draupnir it self. If you made Draupnir Admin you can just use the Draupnir token. +The following command works on semi up to date Windows 10 installs and All Windows 11 installations and other systems that ship curl. `curl --header "Authorization: Bearer " -X POST https://matrix.example.com/_synapse/admin/v1/users/@example:example.com/override_ratelimit` Replace `@example:example.com` with the MXID of your Draupnir and example.com with your homeserver domain. You can easily obtain an access token for a homeserver admin account the same way you can obtain an access token for Draupnir itself. If you made Draupnir Admin you can just use the Draupnir token. diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 69a89ac8e..82bee8a6a 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md 
@@ -33,7 +33,7 @@ You will need to prevent Synapse from rate limiting the bot's account. This is n If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](/docs/configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. -The following command works on semi up to date Windows 10 installs and All Windows 11 installations and other systems that ship curl. `curl --header "Authorization: Bearer " -X POST https://matrix.example.com/_synapse/admin/v1/users/@example:example.com/override_ratelimit` Replace `@example:example.com` with the MXID of your Mjolnir and example.com with your homeserver domain. You can easily obtain an access token for a homeserver admin account the same way you can obtain an access token for Mjolnir it self. If you made Mjolnir Admin you can just use the Mjolnir token. +The following command works on semi up to date Windows 10 installs and All Windows 11 installations and other systems that ship curl. `curl --header "Authorization: Bearer " -X POST https://matrix.example.com/_synapse/admin/v1/users/@example:example.com/override_ratelimit` Replace `@example:example.com` with the MXID of your Mjolnir and example.com with your homeserver domain. You can easily obtain an access token for a homeserver admin account the same way you can obtain an access token for Mjolnir itself. If you made Mjolnir Admin you can just use the Mjolnir token. ## 4. Create a management room From 0925317e159a358a1492e2b786f5f179effad785 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 10 Oct 2024 15:11:53 +0900 Subject: [PATCH 018/404] Fix typos: coping -> copying 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-draupnir.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 5c333661e..314fba5bb 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md @@ -47,7 +47,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then coping the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`. Finally invite the `@bot.draupnir:DOMAIN` account you created earlier into the room. diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 82bee8a6a..5c32ec2fe 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md 
@@ -41,7 +41,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then coping the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`. Finally invite the `@bot.mjolnir:DOMAIN` account you created earlier into the room. From 09d6bf3673fdc52aab418eadc36ede1ce172eebc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 12 Oct 2024 15:23:21 +0900 Subject: [PATCH 019/404] Replace reference to nginx container image with one to Traefik container image on docs/container-images.md Signed-off-by: Suguru Hirahara --- docs/container-images.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/container-images.md b/docs/container-images.md index 11c278d23..027bfb2a2 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -19,7 +19,7 @@ These services are enabled and used by default, but you can turn them off, if yo
 - [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) - the [Exim](https://www.exim.org/) email server (optional)
-- [nginx](https://hub.docker.com/_/nginx/) - the [nginx](http://nginx.org/) web server (optional)
+- [Traefik](https://hub.docker.com/_/traefik/) - the [Traefik](https://traefik.io/) web server (optional)
 - [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) - the [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) (optional)
From c5a6862f700594ff5983f4a19c005b4d773998b3 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sat, 12 Oct 2024 16:16:44 +0900
Subject: [PATCH 020/404] Fixes indentation on prerequisites.md
Signed-off-by: Suguru Hirahara
---
 docs/prerequisites.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/docs/prerequisites.md b/docs/prerequisites.md
index e60464949..1db7338df 100644
--- a/docs/prerequisites.md
+++ b/docs/prerequisites.md
@@ -8,11 +8,11 @@ To install Matrix services using this Ansible playbook, you need: - **Debian** (10/Buster or newer) - **Ubuntu** (18.04 or newer, although [20.04 may be problematic](ansible.md#supported-ansible-versions) if you run the Ansible playbook on it) -Generally, newer is better. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. + Generally, newer is better. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. -This playbook somewhat supports running on non-`amd64` architectures like ARM. See [Alternative Architectures](alternative-architectures.md). + This playbook somewhat supports running on non-`amd64` architectures like ARM. See [Alternative Architectures](alternative-architectures.md). -If your distro runs within an [LXC container](https://linuxcontainers.org/), you may hit [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/703). It can be worked around, if absolutely necessary, but we suggest that you avoid running from within an LXC container. + If your distro runs within an [LXC container](https://linuxcontainers.org/), you may hit [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/703). It can be worked around, if absolutely necessary, but we suggest that you avoid running from within an LXC container. - `root` access to your server (or a user capable of elevating to `root` via `sudo`). From dca619ba766db3599e66cd16fe8b9f8e31656fdc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 10 Oct 2024 18:18:07 +0900 Subject: [PATCH 021/404] =?UTF-8?q?Fixes=20capitalization:=20mjolnir=20?= =?UTF-8?q?=E2=86=92=20Mjolnir?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-bot-draupnir.md | 2 +-
 docs/configuring-playbook-bot-mjolnir.md | 6 +++---
 docs/container-images.md | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md
index 314fba5bb..95540ffe9 100644
--- a/docs/configuring-playbook-bot-draupnir.md
+++ b/docs/configuring-playbook-bot-draupnir.md
@@ -109,7 +109,7 @@ matrix_bot_draupnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE"
 ### 5c. Migrating from Mjolnir (Only required if migrating.)
-Replace your `matrix_bot_mjolnir` config with `matrix_bot_draupnir` config. Also disable mjolnir if you're doing migration.
+Replace your `matrix_bot_mjolnir` config with `matrix_bot_draupnir` config. Also disable Mjolnir if you're doing migration.
 That is all you need to do due to that Draupnir can complete migration on its own.
 ## 6. Installing
diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md
index 5c32ec2fe..dd7681d06 100644
--- a/docs/configuring-playbook-bot-mjolnir.md
+++ b/docs/configuring-playbook-bot-mjolnir.md
@@ -101,7 +101,7 @@ matrix_bot_mjolnir_access_token: "ACCESS_TOKEN_FROM_STEP_2_GOES_HERE"
 matrix_bot_mjolnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE"
 ```
-## 6. Adding mjolnir synapse antispam module (optional)
+## 6. Adding Mjolnir synapse antispam module (optional)
 Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
@@ -126,11 +126,11 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
 ## Usage
-You can refer to the upstream [documentation](https://github.com/matrix-org/mjolnir) for additional ways to use and configure mjolnir. Check out their [quickstart guide](https://github.com/matrix-org/mjolnir#quickstart-guide) for some basic commands you can give to the bot.
+You can refer to the upstream [documentation](https://github.com/matrix-org/mjolnir) for additional ways to use and configure Mjolnir. Check out their [quickstart guide](https://github.com/matrix-org/mjolnir#quickstart-guide) for some basic commands you can give to the bot.
 You can configure additional options by adding the `matrix_bot_mjolnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file.
-For example to change mjolnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file.
+For example to change Mjolnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file.
 ```yaml
 matrix_bot_mjolnir_configuration_extension_yaml: |
diff --git a/docs/container-images.md b/docs/container-images.md
index 027bfb2a2..4638a0893 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -106,7 +106,7 @@ These services are not part of our default installation, but can be enabled by [
 - [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional)
-- [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional)
+- [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [Mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional)
 - [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional)
From 1047cb0d4270e8d469ee8f5aaa5b705b9d325cdd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?U=C4=9Fur=20=C4=B0LTER?= <2822708+ilterugur@users.noreply.github.com>
Date: Sat, 12 Oct 2024 12:32:27 +0300
Subject: [PATCH 022/404] Update configuring-playbook-synapse-admin.md Fixed compatibility misinformation
---
 docs/configuring-playbook-synapse-admin.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md
index 43d3c74b9..4fb1a34de 100644
--- a/docs/configuring-playbook-synapse-admin.md
+++ b/docs/configuring-playbook-synapse-admin.md
@@ -2,7 +2,7 @@
 The playbook can install and configure [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin)) for you.
-synapse-admin is a web UI tool you can use to **administrate users, rooms, media, etc. on your Matrix server**. It's designed to work with the Synapse homeserver implementation, but to some extent may work with [Dendrite](./configuring-playbook-dendrite.md) as well.
+synapse-admin is a web UI tool you can use to **administrate users, rooms, media, etc. on your Matrix server**. It's designed to work with the Synapse homeserver implementation and WON'T work with Dendrite because [Dendrite Admin API](https://matrix-org.github.io/dendrite/administration/adminapi) differs from [Synapse Admin API](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/).
 See the project's [documentation](https://github.com/etkecc/synapse-admin) to learn what it does and why it might be useful to you.
From 45e1f6c8fbb8ad6c3d25d93fb05622b763a2f504 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara Date: Thu, 10 Oct 2024 23:21:51 +0900 Subject: [PATCH 023/404] Remove line breaks from docs/configuring-playbook-bot-maubot.md for consistency Make the paragraph consistent with files such as: - docs/configuring-playbook-bot-baibot.md - docs/configuring-playbook-bot-buscarron.md - docs/configuring-playbook-bot-honoroit.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-maubot.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index dd5f13445..25d19cc6e 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -34,9 +34,7 @@ After configuring the playbook, run the [installation](installing.md) command ag **Notes**: -- if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently, - the bot user's credentials on the homeserver won't be updated automatically. - If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it. +- if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it. ## Usage 
@@ -45,7 +43,7 @@ You can visit `matrix./_matrix/maubot/` to manage your available pl You should start in the following order 1. **Create one or more clients:** A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it 2. **Upload some Plugins:** Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. -3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use +3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use and the plugin (how the bot will behave) ## Obtaining an access token From ab9f03f171bb079daea601fe6b7d8c229db96255 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 12 Oct 2024 19:05:42 +0900 Subject: [PATCH 024/404] Update docs/configuring-playbook-bot-maubot.md for consistency - consistent expression for installing Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-maubot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 25d19cc6e..b735ff61b 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md 
@@ -34,7 +34,7 @@ After configuring the playbook, run the [installation](installing.md) command ag
 **Notes**:
-- if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it.
+- if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_maubot_initial_password` to let the bot know its new password
 ## Usage
From 7161bf5cb445aca1d56bf0f6413a1b4b05f9e822 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 11 Oct 2024 03:15:07 +0900
Subject: [PATCH 025/404] =?UTF-8?q?Fix=20strings:=20Cactus=20Chat=20?= =?UTF-8?q?=E2=86=92=20Cactus=20Comments?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-cactus-comments.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md
index 8b3cfdd1a..5fa4f36a3 100644
--- a/docs/configuring-playbook-cactus-comments.md
+++ b/docs/configuring-playbook-cactus-comments.md
@@ -21,7 +21,7 @@ Add the following block to your `vars.yaml` and make sure to exchange the tokens
 ```yaml
 #################
-## Cactus Chat ##
+## Cactus Comments ##
 #################
 # This enables the backend (appservice)
From 08cd782b298fa268fa6fba9633cf1cbdfae81ecc Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 11 Oct 2024 03:40:17 +0900
Subject: [PATCH 026/404] Fix capitalization: cinny -> Cinny
Signed-off-by: Suguru Hirahara
---
 docs/configuring-dns.md | 2 +-
 docs/configuring-playbook-client-cinny.md | 10 +++++-----
 roles/custom/matrix-client-cinny/defaults/main.yml | 6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md
index b4416917a..016aa99a1 100644
--- a/docs/configuring-dns.md
+++ b/docs/configuring-dns.md
@@ -75,7 +75,7 @@ The `etherpad.` subdomain may be necessary, because this playbook c
 The `hydrogen.` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/element-hq/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.` DNS record.
-The `cinny.` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up cinny, feel free to skip the `cinny.` DNS record.
+The `cinny.` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of Cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up Cinny, feel free to skip the `cinny.` DNS record.
 The `wsproxy.` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.` DNS record.
diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md
index 73a8bbeee..da2175311 100644
--- a/docs/configuring-playbook-client-cinny.md
+++ b/docs/configuring-playbook-client-cinny.md
@@ -1,17 +1,17 @@ # Configuring Cinny (optional) This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix web client for you. -cinny is a web client focusing primarily on simple, elegant and secure interface. -cinny can be installed alongside or instead of Element. +Cinny is a web client focusing primarily on simple, elegant and secure interface. +Cinny can be installed alongside or instead of Element. -If you'd like cinny to be installed, add the following to your configuration file (`inventory/host_vars/matrix./vars.yml`): +If you'd like Cinny to be installed, add the following to your configuration file (`inventory/host_vars/matrix./vars.yml`): ```yaml matrix_client_cinny_enabled: true ``` -You will also need to add a DNS record so that cinny can be accessed. -By default cinny will use https://cinny.DOMAIN so you will need to create an CNAME record +You will also need to add a DNS record so that Cinny can be accessed. +By default Cinny will use https://cinny.DOMAIN so you will need to create an CNAME record for `cinny`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following to your configuration file (changing it to use your preferred domain): diff --git a/roles/custom/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml index 1a067e14b..302ed47e5 100644 --- a/roles/custom/matrix-client-cinny/defaults/main.yml +++ b/roles/custom/matrix-client-cinny/defaults/main.yml @@ -141,7 +141,7 @@ matrix_client_cinny_self_check_validate_certificates: true # config.json matrix_client_cinny_default_hs_url: "" -# Default cinny configuration template which covers the generic use case. +# Default Cinny configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # # For a more advanced customization, you can extend the default (see `matrix_client_cinny_configuration_extension_json`) 
@@ -151,7 +151,7 @@ matrix_client_cinny_default_hs_url: "" # This is unlike what it does when looking up YAML template files (no automatic parsing there). matrix_client_cinny_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}" -# Your custom JSON configuration for cinny should go to `matrix_client_cinny_configuration_extension_json`. +# Your custom JSON configuration for Cinny should go to `matrix_client_cinny_configuration_extension_json`. # This configuration extends the default starting configuration (`matrix_client_cinny_configuration_default`). # # You can override individual variables from the default configuration, or introduce new ones. @@ -162,6 +162,6 @@ matrix_client_cinny_configuration_extension_json: '{}' matrix_client_cinny_configuration_extension: "{{ matrix_client_cinny_configuration_extension_json | from_json if matrix_client_cinny_configuration_extension_json | from_json is mapping else {} }}" -# Holds the final cinny configuration (a combination of the default and its extension). +# Holds the final Cinny configuration (a combination of the default and its extension). # You most likely don't need to touch this variable. Instead, see `matrix_client_cinny_configuration_default`. matrix_client_cinny_configuration: "{{ matrix_client_cinny_configuration_default | combine(matrix_client_cinny_configuration_extension, recursive=True) }}" From a4bfb9611ec7b0f3636116fc65ebd0cc85e16bbf Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 11 Oct 2024 15:48:08 +0900 Subject: [PATCH 027/404] Fix capitalization: conduit -> Conduit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-conduit.md | 4 ++-- group_vars/matrix_servers | 2 +- roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md index 79964dcd9..632d2e150 100644 --- a/docs/configuring-playbook-conduit.md 
+++ b/docs/configuring-playbook-conduit.md
@@ -29,11 +29,11 @@ However, since Conduit is difficult (see [famedly/conduit#276](https://gitlab.co
 ## Configuring bridges / appservices
-Automatic appservice setup is currently unsupported when using conduit. After setting up the service as usual you may notice that it is unable to start.
+Automatic appservice setup is currently unsupported when using Conduit. After setting up the service as usual you may notice that it is unable to start.
 You will have to manually register appservices using the the [register-appservice](https://gitlab.com/famedly/conduit/-/blob/next/APPSERVICES.md) command.
-Find the `registration.yaml` in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`, then pass the content to conduit:
+Find the `registration.yaml` in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`, then pass the content to Conduit:
 @conduit:your.server.name: register-appservice
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index 4a3c67c28..3108ba107 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -228,7 +228,7 @@ matrix_addons_homeserver_container_network: "{{ matrix_playbook_reverse_proxy_co
 matrix_addons_homeserver_client_api_url: "{{ ('http://' + matrix_playbook_reverse_proxy_hostname + ':' + matrix_playbook_internal_matrix_client_api_traefik_entrypoint_port | string) if matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled else matrix_homeserver_container_url }}"
 matrix_addons_homeserver_systemd_services_list: "{{ ([traefik_identifier + '.service'] if matrix_playbook_reverse_proxy_type == 'playbook-managed-traefik' else []) if matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled else matrix_homeserver_systemd_services_list }}"
-# Starting from version `0.6.0` conduit natively supports some sync v3 (sliding-sync) features.
+# Starting from version `0.6.0` Conduit natively supports some sync v3 (sliding-sync) features.
 matrix_homeserver_sliding_sync_url: "{{ matrix_sliding_sync_base_url if matrix_sliding_sync_enabled else (matrix_homeserver_url if matrix_homeserver_implementation in ['conduit'] else '') }}"
 ########################################################################
diff --git a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
index eece1fab9..6e691c163 100644
--- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
@@ -153,6 +153,6 @@ matrix_mautrix_discord_bridge_encryption_allow: "{{ matrix_bridges_encryption_en
 matrix_mautrix_discord_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
 matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_discord_bridge_encryption_allow }}"
-# On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
+# On Conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
 # Setting this to false fixed the issue.
 matrix_mautrix_discord_bridge_restricted_rooms: true
From bf5373479b769128d0b17dbd024bd67a02849d5a Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sat, 12 Oct 2024 20:48:24 +0900
Subject: [PATCH 028/404] Use common expression on documentation regarding playbook configuration Overall the playbook uses the expression "Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:" with the heading "Adjusting the playbook configuration" for sections to explain what to be added as variables
Signed-off-by: Suguru Hirahara --- docs/configuring-captcha.md | 2 +- ...figuring-playbook-alertmanager-receiver.md | 3 +- ...uring-playbook-appservice-double-puppet.md | 4 +- ...onfiguring-playbook-base-domain-serving.md | 2 +- ...figuring-playbook-bridge-appservice-irc.md | 4 +- ...ng-playbook-bridge-appservice-kakaotalk.md | 2 +- ...iguring-playbook-bridge-beeper-linkedin.md | 4 ++ ...iguring-playbook-bridge-go-skype-bridge.md | 4 +- ...uring-playbook-bridge-matrix-bridge-sms.md | 6 +-- ...iguring-playbook-bridge-mautrix-discord.md | 4 +- ...guring-playbook-bridge-mautrix-facebook.md | 4 ++ ...uring-playbook-bridge-mautrix-gmessages.md | 4 +- ...ring-playbook-bridge-mautrix-googlechat.md | 4 +- ...guring-playbook-bridge-mautrix-hangouts.md | 6 +-- ...uring-playbook-bridge-mautrix-instagram.md | 5 +++ ...-playbook-bridge-mautrix-meta-instagram.md | 4 +- ...-playbook-bridge-mautrix-meta-messenger.md | 5 +-- ...figuring-playbook-bridge-mautrix-signal.md | 4 +- ...nfiguring-playbook-bridge-mautrix-slack.md | 4 +- ...guring-playbook-bridge-mautrix-telegram.md | 6 ++- ...iguring-playbook-bridge-mautrix-twitter.md | 4 ++ ...guring-playbook-bridge-mautrix-whatsapp.md | 5 ++- ...iguring-playbook-bridge-mautrix-wsproxy.md | 5 +-- ...uring-playbook-bridge-mx-puppet-discord.md | 4 +- ...uring-playbook-bridge-mx-puppet-groupme.md | 4 +- ...ing-playbook-bridge-mx-puppet-instagram.md | 5 +-- ...iguring-playbook-bridge-mx-puppet-slack.md | 37 ++++++++++--------- ...iguring-playbook-bridge-mx-puppet-steam.md | 4 +- ...uring-playbook-bridge-mx-puppet-twitter.md | 9 ++++- docs/configuring-playbook-bridge-wechat.md | 4 +- docs/configuring-playbook-email.md | 3 +- docs/configuring-playbook-email2matrix.md | 4 +- docs/configuring-playbook-etherpad.md | 4 +- .../configuring-playbook-external-postgres.md | 2 +- docs/configuring-playbook-federation.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-ldap-auth.md | 4 +- docs/configuring-playbook-ma1sd.md | 10 
++--- docs/configuring-playbook-matrix-corporal.md | 4 +- docs/configuring-playbook-mautrix-bridges.md | 13 +++---- docs/configuring-playbook-own-webserver.md | 2 +- docs/configuring-playbook-postgres-backup.md | 2 +- ...onfiguring-playbook-prometheus-nginxlog.md | 4 +- ...onfiguring-playbook-prometheus-postgres.md | 4 +- docs/configuring-playbook-rest-auth.md | 5 ++- docs/configuring-playbook-s3-goofys.md | 5 +-- ...configuring-playbook-shared-secret-auth.md | 4 +- docs/configuring-playbook-ssl-certificates.md | 4 +- ...ing-playbook-synapse-auto-accept-invite.md | 2 +- ...guring-playbook-synapse-simple-antispam.md | 4 +- docs/configuring-playbook-synapse.md | 2 +- docs/configuring-playbook-telemetry.md | 2 +- docs/configuring-playbook-turn.md | 2 +- ...ring-playbook-user-verification-service.md | 10 ++--- 54 files changed, 150 insertions(+), 112 deletions(-) diff --git a/docs/configuring-captcha.md b/docs/configuring-captcha.md index 9406c6471..1989d66ee 100644 --- a/docs/configuring-captcha.md +++ b/docs/configuring-captcha.md @@ -16,7 +16,7 @@ Must be a reCAPTCHA **v2** key using the "I'm not a robot" Checkbox option ### Setting ReCaptcha keys -Once registered as above, set the following values: +Once registered as above, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml # for Synapse diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 3fd90643c..adfd98a4b 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md 
@@ -8,8 +8,9 @@ At the moment, **setting up this service's bot requires some manual actions** as This service is meant to be used with an external [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) instance. It's **not** meant to be integrated with the [Prometheus & Grafana stack](./configuring-playbook-prometheus-grafana.md) installed by this playbook, because the Alertmanager component is not installed by it. +## Adjusting the playbook configuration -## Configuration +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yml matrix_alertmanager_receiver_enabled: true diff --git a/docs/configuring-playbook-appservice-double-puppet.md b/docs/configuring-playbook-appservice-double-puppet.md index 8f7d077ab..1ae89a276 100644 --- a/docs/configuring-playbook-appservice-double-puppet.md +++ b/docs/configuring-playbook-appservice-double-puppet.md @@ -6,7 +6,9 @@ This is useful for performing [double-puppeting](https://docs.mau.fi/bridges/gen Previously, bridges supported performing [double-puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) with the help of the [Shared Secret Auth password provider module](./configuring-playbook-shared-secret-auth.md), but this old and hacky solution has been superseded by this Appservice Double Puppet method. -To enable the Appservice Double Puppet service, adjust your `vars.yml` configuration like this and [re-run the playbook](./installing.md) (`just install-all`): +## Adjusting the playbook configuration + +To enable the Appservice Double Puppet service, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yml matrix_appservice_double_puppet_enabled: true diff --git a/docs/configuring-playbook-base-domain-serving.md b/docs/configuring-playbook-base-domain-serving.md index 95f7547a3..e294a672c 100644 --- a/docs/configuring-playbook-base-domain-serving.md +++ b/docs/configuring-playbook-base-domain-serving.md 
@@ -14,7 +14,7 @@ Usually, there are 2 options: This documentation page tells you how to do the latter. With some easy changes, we make it possible to serve the base domain from the Matrix server via the integrated webserver. -Just **adjust your DNS records**, so that your base domain is pointed to the Matrix server's IP address (using a DNS `A` record) **and then use the following configuration**: +Just **adjust your DNS records**, so that your base domain is pointed to the Matrix server's IP address (using a DNS `A` record) **and then add the following configuration** to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_static_files_container_labels_base_domain_enabled: true diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md index 93e0fb360..e6be8e130 100644 --- a/docs/configuring-playbook-bridge-appservice-irc.md +++ b/docs/configuring-playbook-bridge-appservice-irc.md @@ -6,7 +6,9 @@ The playbook can install and configure the [matrix-appservice-irc](https://githu See the project's [documentation](https://github.com/matrix-org/matrix-appservice-irc/blob/master/HOWTO.md) to learn what it does and why it might be useful to you. -You'll need to use the following playbook configuration: +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_appservice_irc_enabled: true diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 99ddafe83..6d4d33c9d 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md 
@@ -9,7 +9,7 @@ See the project's [documentation](https://src.miscworks.net/fair/matrix-appservi ## Installing -To enable the bridge, add this to your `vars.yml` file: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_appservice_kakaotalk_enabled: true
diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md
index cfd0ec227..d943cb6f1 100644
--- a/docs/configuring-playbook-bridge-beeper-linkedin.md
+++ b/docs/configuring-playbook-bridge-beeper-linkedin.md
@@ -4,6 +4,10 @@ The playbook can install and configure [beeper-linkedin](https://github.com/beep See the project's [documentation](https://github.com/beeper/linkedin/blob/master/README.md) to learn what it does and why it might be useful to you. +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + ```yaml matrix_beeper_linkedin_enabled: true ```
diff --git a/docs/configuring-playbook-bridge-go-skype-bridge.md b/docs/configuring-playbook-bridge-go-skype-bridge.md
index a7a4fbc80..6b968f290 100644
--- a/docs/configuring-playbook-bridge-go-skype-bridge.md
+++ b/docs/configuring-playbook-bridge-go-skype-bridge.md
@@ -5,9 +5,9 @@ The playbook can install and configure See the project page to learn what it does and why it might be useful to you. -To enable the [Skype](https://www.skype.com/) bridge just use the following -playbook configuration: +## Adjusting the playbook configuration +To enable the [Skype](https://www.skype.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_go_skype_bridge_enabled: true
diff --git a/docs/configuring-playbook-bridge-matrix-bridge-sms.md b/docs/configuring-playbook-bridge-matrix-bridge-sms.md
index 86a95ab2a..63b749068 100644
--- a/docs/configuring-playbook-bridge-matrix-bridge-sms.md
+++ b/docs/configuring-playbook-bridge-matrix-bridge-sms.md
@@ -6,15 +6,15 @@ See the project page to learn what it does and why it might be useful to you. **The bridge uses [android-sms-gateway-server](https://github.com/RebekkaMa/android-sms-gateway-server). You need to configure it first.** -To enable the bridge just use the following -playbook configuration: +## Adjusting the playbook configuration +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_sms_bridge_enabled: true # (optional but recommended) a room id to a default room -matrix_sms_bridge_default_room: "" +matrix_sms_bridge_default_room: "" # (optional but recommended) configure your server location matrix_sms_bridge_default_region: DE
diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md
index 6654c8d2a..4a399c42e 100644
--- a/docs/configuring-playbook-bridge-mautrix-discord.md
+++ b/docs/configuring-playbook-bridge-mautrix-discord.md
@@ -15,9 +15,9 @@ There are 2 ways to login to discord using this bridge, either by [scanning a QR If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. -## Installing +## Adjusting the playbook configuration -To enable the bridge, add this to your `vars.yml` file: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_discord_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md
index ffb326beb..8b69638c3 100644
--- a/docs/configuring-playbook-bridge-mautrix-facebook.md
+++ b/docs/configuring-playbook-bridge-mautrix-facebook.md
@@ -6,6 +6,10 @@ The playbook can install and configure [mautrix-facebook](https://github.com/mau See the project's [documentation](https://github.com/mautrix/facebook/blob/master/ROADMAP.md) to learn what it does and why it might be useful to you. +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + ```yaml matrix_mautrix_facebook_enabled: true ```
diff --git a/docs/configuring-playbook-bridge-mautrix-gmessages.md b/docs/configuring-playbook-bridge-mautrix-gmessages.md
index e8dbfeade..c171cb893 100644
--- a/docs/configuring-playbook-bridge-mautrix-gmessages.md
+++ b/docs/configuring-playbook-bridge-mautrix-gmessages.md
@@ -4,7 +4,9 @@ The playbook can install and configure [mautrix-gmessages](https://github.com/ma See the project's [documentation](https://docs.mau.fi/bridges/go/gmessages/index.html) to learn what it does and why it might be useful to you. -Use the following playbook configuration: +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_gmessages_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md
index bd3b14e7d..e3e7d279f 100644
--- a/docs/configuring-playbook-bridge-mautrix-googlechat.md
+++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md
@@ -4,8 +4,9 @@ The playbook can install and configure [mautrix-googlechat](https://github.com/m See the project's [documentation](https://docs.mau.fi/bridges/python/googlechat/index.html) to learn what it does and why it might be useful to you. -To enable the [Google Chat](https://chat.google.com/) bridge just use the following playbook configuration: +## Adjusting the playbook configuration +To enable the [Google Chat](https://chat.google.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_googlechat_enabled: true
@@ -51,4 +52,3 @@ Once logged in, recent chats should show up as new conversations automatically. You can learn more about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/googlechat/authentication.html). After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. -
diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md
index 49dad0279..442c77622 100644
--- a/docs/configuring-playbook-bridge-mautrix-hangouts.md
+++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md
@@ -1,4 +1,4 @@ -# The [Mautrix Hangouts Bridge](https://mau.dev/mautrix/hangouts) is no longer maintained. It has changed to a [Google Chat Bridge](https://github.com/mautrix/googlechat). Setup instructions for the Google Chat Bridge can be [found here](configuring-playbook-bridge-mautrix-googlechat.md). +# The [Mautrix Hangouts Bridge](https://mau.dev/mautrix/hangouts) is no longer maintained. It has changed to a [Google Chat Bridge](https://github.com/mautrix/googlechat). Setup instructions for the Google Chat Bridge can be [found here](configuring-playbook-bridge-mautrix-googlechat.md). # Setting up Mautrix Hangouts (optional)
@@ -6,8 +6,9 @@ The playbook can install and configure [mautrix-hangouts](https://github.com/mau See the project's [documentation](https://docs.mau.fi/bridges/python/hangouts/index.html) to learn what it does and why it might be useful to you. -To enable the [Google Hangouts](https://hangouts.google.com/) bridge just use the following playbook configuration: +## Adjusting the playbook configuration +To enable the [Google Hangouts](https://hangouts.google.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_hangouts_enabled: true
@@ -51,4 +52,3 @@ Once logged in, recent chats should show up as new conversations automatically. You can learn more about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/hangouts/authentication.html). After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. -
diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md
index 90458a028..a1e7620d6 100644
--- a/docs/configuring-playbook-bridge-mautrix-instagram.md
+++ b/docs/configuring-playbook-bridge-mautrix-instagram.md
@@ -6,9 +6,14 @@ The playbook can install and configure [mautrix-instagram](https://github.com/ma See the project's [documentation](https://docs.mau.fi/bridges/python/instagram/index.html) to learn what it does and why it might be useful to you. +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + ```yaml matrix_mautrix_instagram_enabled: true ``` + There are some additional things you may wish to configure about the bridge before you continue. Encryption support is off by default. If you would like to enable encryption, add the following to your `vars.yml` file:
diff --git a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md
index efcdf2281..19fd7953b 100644
--- a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md
+++ b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md
@@ -21,9 +21,9 @@ This would give you a list of portals and groups of portals you may purge. Proce Then, consider disabling the old bridge in your configuration, so it won't recreate the portals when you receive new messages. -## Configuration +## Adjusting the playbook configuration -Most simply, you can enable the bridge with the following playbook configuration: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_meta_instagram_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
index ceb8def91..4da2f3aca 100644
--- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
+++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
@@ -17,10 +17,9 @@ This would give you a list of portals and groups of portals you may purge. Proce Then, consider disabling the old bridge in your configuration, so it won't recreate the portals when you receive new messages. +## Adjusting the playbook configuration -## Configuration - -Most simply, you can enable the bridge with the following playbook configuration: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_meta_messenger_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md
index 7e2229ad8..e01cf603a 100644
--- a/docs/configuring-playbook-bridge-mautrix-signal.md
+++ b/docs/configuring-playbook-bridge-mautrix-signal.md
@@ -8,7 +8,9 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/signal/inde **Note**: This revamped version of the [mautrix-signal (legacy)](configuring-playbook-bridge-mautrix-signal.md) may increase the CPU usage of your homeserver. -Use the following playbook configuration: +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_signal_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md
index 808aca299..889384a80 100644
--- a/docs/configuring-playbook-bridge-mautrix-slack.md
+++ b/docs/configuring-playbook-bridge-mautrix-slack.md
@@ -18,9 +18,9 @@ For using this bridge, you would need to authenticate by **providing your userna Note that neither of these methods are officially supported by Slack. [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) uses a Slack bot account which is the only officially supported method for bridging a Slack channel. -## Installing +## Adjusting the playbook configuration -To enable the bridge, add this to your `vars.yml` file: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_slack_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md
index 9bd6d50a3..b4a0e5f75 100644
--- a/docs/configuring-playbook-bridge-mautrix-telegram.md
+++ b/docs/configuring-playbook-bridge-mautrix-telegram.md
@@ -4,7 +4,9 @@ The playbook can install and configure [mautrix-telegram](https://github.com/mau See the project's [documentation](https://docs.mau.fi/bridges/python/telegram/index.html) to learn what it does and why it might be useful to you. -You'll need to obtain API keys from [https://my.telegram.org/apps](https://my.telegram.org/apps) and then use the following playbook configuration: +## Adjusting the playbook configuration + +You'll need to obtain API keys from [https://my.telegram.org/apps](https://my.telegram.org/apps) and then add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_telegram_enabled: true
@@ -41,7 +43,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee You then need to start a chat with `@telegrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). -If you want to use the relay-bot feature ([relay bot documentation](https://docs.mau.fi/bridges/python/telegram/relay-bot.html)), which allows anonymous user to chat with telegram users, use the following additional playbook configuration: +If you want to use the relay-bot feature ([relay bot documentation](https://docs.mau.fi/bridges/python/telegram/relay-bot.html)), which allows anonymous user to chat with telegram users, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_telegram_bot_token: YOUR_TELEGRAM_BOT_TOKEN
diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md
index 5dc282f09..b54e555b9 100644
--- a/docs/configuring-playbook-bridge-mautrix-twitter.md
+++ b/docs/configuring-playbook-bridge-mautrix-twitter.md
@@ -6,6 +6,10 @@ The playbook can install and configure [mautrix-twitter](https://github.com/maut See the project's [documentation](https://github.com/mautrix/twitter) to learn what it does and why it might be useful to you. +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + ```yaml matrix_mautrix_twitter_enabled: true ```
diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
index d6c1ff455..e405ce204 100644
--- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md
+++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
@@ -4,11 +4,14 @@ The playbook can install and configure [mautrix-whatsapp](https://github.com/mau See the project's [documentation](https://docs.mau.fi/bridges/go/whatsapp/index.html) to learn what it does and why it might be useful to you. -Use the following playbook configuration: +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_whatsapp_enabled: true ``` + Whatsapp multidevice beta is required, now it is enough if Whatsapp is connected to the Internet every 2 weeks. The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file:
diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
index 8e3bc2c48..eaed4a8c2 100644
--- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md
+++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
@@ -10,10 +10,9 @@ See the project's [documentation](https://github.com/mautrix/wsproxy#readme) to You need to create a `wsproxy.DOMAIN` DNS record pointing to your Matrix server (a `CNAME` pointing to `matrix.DOMAIN`) to use wsproxy. The hostname is configurable via a `matrix_mautrix_wsproxy_hostname` variable. +## Adjusting the playbook configuration -## Configuration - -Use the following playbook configuration: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mautrix_wsproxy_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md
index c266f8433..bc39d75bb 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-discord.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md
@@ -11,9 +11,9 @@ See the project page to learn what it does and why it might be useful to you. **Note**: we actually use the [Beeper](https://www.beeper.com/)-maintained [fork of mx-puppet-discord](https://gitlab.com/beeper/mx-puppet-monorepo), because `matrix-discord/mx-puppet-discord` is a low-quality and poorly maintained project. -To enable the [Discord](https://discordapp.com/) bridge just use the following -playbook configuration: +## Adjusting the playbook configuration +To enable the [Discord](https://discordapp.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mx_puppet_discord_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md
index 4d03d5d96..073f7c678 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md
@@ -5,9 +5,9 @@ The playbook can install and configure See the project page to learn what it does and why it might be useful to you. -To enable the [GroupMe](https://groupme.com/) bridge just use the following -playbook configuration: +## Adjusting the playbook configuration +To enable the [GroupMe](https://groupme.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mx_puppet_groupme_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-instagram.md b/docs/configuring-playbook-bridge-mx-puppet-instagram.md
index 3dad98449..0157d16e3 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-instagram.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-instagram.md
@@ -5,9 +5,9 @@ The playbook can install and configure This allows you to bridge Instagram DirectMessages into Matrix. -To enable the [Instagram](https://www.instagram.com/) bridge just use the following -playbook configuration: +## Adjusting the playbook configuration +To enable the [Instagram](https://www.instagram.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mx_puppet_instagram_enabled: true
@@ -33,4 +33,3 @@ For double-puppeting, you probably want to issue these commands: If you are linking only one Instagram account, your `$puppetId` is probably 1, but use the `list` command find out. The `help` command shows which commands are available, though at the time of writing, not every command is fully implemented. -
diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md
index c195b8b50..3f0607513 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-slack.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md
@@ -8,25 +8,28 @@ The playbook can install and configure [Beeper](https://www.beeper.com/)-maintai See the project page to learn what it does and why it might be useful to you. -## Setup +## Prerequisite -To enable the [Slack](https://slack.com/) bridge: +Follow the [OAuth credentials](https://github.com/Sorunome/mx-puppet-slack#option-2-oauth) instructions to create a new Slack app, setting the redirect URL to `https://matrix.DOMAIN/slack/oauth`. -1. Follow the - [OAuth credentials](https://github.com/Sorunome/mx-puppet-slack#option-2-oauth) - instructions to create a new Slack app, setting the redirect URL to - `https://matrix.YOUR_DOMAIN/slack/oauth`. -2. Update your `vars.yml` with the following: - ```yaml - matrix_mx_puppet_slack_enabled: true - # Client ID must be quoted so YAML does not parse it as a float. - matrix_mx_puppet_slack_oauth_client_id: "" - matrix_mx_puppet_slack_oauth_client_secret: "" - ``` -3. Run playbooks with `setup-all` and `start` tags: - ``` - ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start - ``` +## Adjusting the playbook configuration + +To enable the [Slack](https://slack.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_mx_puppet_slack_enabled: true +# Client ID must be quoted so YAML does not parse it as a float. +matrix_mx_puppet_slack_oauth_client_id: "" +matrix_mx_puppet_slack_oauth_client_secret: "" +``` + +## Installing + +After configuring the playbook, run the [installation](installing.md) command: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` ## Usage
diff --git a/docs/configuring-playbook-bridge-mx-puppet-steam.md b/docs/configuring-playbook-bridge-mx-puppet-steam.md
index 5681c3d12..7c3c0807b 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-steam.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-steam.md
@@ -5,9 +5,9 @@ The playbook can install and configure See the project page to learn what it does and why it might be useful to you. -To enable the [Steam](https://steampowered.com/) bridge just use the following -playbook configuration: +## Adjusting the playbook configuration +To enable the [Steam](https://steampowered.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mx_puppet_steam_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md
index cd3dd39ca..fd14056a2 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md
@@ -7,8 +7,13 @@ The playbook can install and configure See the project page to learn what it does and why it might be useful to you. -To enable the [Twitter](https://twitter.com) bridge, make an app on [developer.twitter.com](https://developer.twitter.com/en/apps) -and fill out the following playbook configuration. +## Prerequisite + +Make an app on [developer.twitter.com](https://developer.twitter.com/en/apps). + +## Adjusting the playbook configuration + +To enable the [Twitter](https://twitter.com) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_mx_puppet_twitter_enabled: true
diff --git a/docs/configuring-playbook-bridge-wechat.md b/docs/configuring-playbook-bridge-wechat.md
index fe4a3b6b2..58f5fd08a 100644
--- a/docs/configuring-playbook-bridge-wechat.md
+++ b/docs/configuring-playbook-bridge-wechat.md
@@ -4,7 +4,9 @@ The playbook can install and configure the [matrix-wechat](https://github.com/du See the project page to learn what it does and why it might be useful to you. -To enable the bridge, use the following playbook configuration and re-run the playbook's [installation](./installing.md) procedure: +## Adjusting the playbook configuration + +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_wechat_enabled: true
diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md
index ae479bc98..a7c500250 100644
--- a/docs/configuring-playbook-email.md
+++ b/docs/configuring-playbook-email.md
@@ -17,8 +17,7 @@ No matter whether you send email directly (the default) or you relay email throu ## Relaying email through another SMTP server -If you'd like to relay email through another SMTP server, feel free to redefine a few playbook variables. -Example: +If you'd like to relay email through another SMTP server, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml exim_relay_sender_address: "another.sender@example.com"
diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md
index 345909d9c..6db339b43 100644
--- a/docs/configuring-playbook-email2matrix.md
+++ b/docs/configuring-playbook-email2matrix.md
@@ -43,9 +43,9 @@ You'll need the room id when doing [Configuration](#configuration) below. In order for the sender user created above to be able to send messages to the room, we'll need to obtain an access token for it. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -## Configuration +## Adjusting the playbook configuration -After doing the preparation steps above, adjust your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration like this: +After doing the preparation steps above, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml matrix_email2matrix_enabled: true
diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md
index 8932f7692..f7076bfba 100644
--- a/docs/configuring-playbook-etherpad.md
+++ b/docs/configuring-playbook-etherpad.md
@@ -28,9 +28,9 @@ Once you've decided on the domain and path, **you may need to adjust your DNS** If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. -## Installing +## Adjusting the playbook configuration -[Etherpad](https://etherpad.org) installation is disabled by default. You can enable it in your configuration file (`inventory/host_vars/matrix./vars.yml`): +[Etherpad](https://etherpad.org) installation is disabled by default. To enable Etherpad, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml etherpad_enabled: true
diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md
index 952b474b7..f78113b73 100644
--- a/docs/configuring-playbook-external-postgres.md
+++ b/docs/configuring-playbook-external-postgres.md
@@ -7,7 +7,7 @@ If you'd like to use an external PostgreSQL server that you manage, you can edit **NOTE**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**. -If you'd like to use an external Postgres server, use a custom `vars.yml` configuration like this: +If you'd like to use an external Postgres server, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml postgres_enabled: false
diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md
index fe8cfc40b..548c55bef 100644
--- a/docs/configuring-playbook-federation.md
+++ b/docs/configuring-playbook-federation.md
@@ -6,7 +6,7 @@ That is, people on your server can communicate with people on any other Matrix s ## Federating only with select servers -To make your server only federate with servers of your choosing, add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): +To make your server only federate with servers of your choosing, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_federation_domain_whitelist:
diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md
index df923c467..2affbb6aa 100644
--- a/docs/configuring-playbook-jitsi.md
+++ b/docs/configuring-playbook-jitsi.md
@@ -19,7 +19,7 @@ You may also need to open the following ports to your server: ## Installation -Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration: +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml jitsi_enabled: true
diff --git a/docs/configuring-playbook-ldap-auth.md b/docs/configuring-playbook-ldap-auth.md
index dabc25219..8a9898e05 100644
--- a/docs/configuring-playbook-ldap-auth.md
+++ b/docs/configuring-playbook-ldap-auth.md
@@ -4,11 +4,11 @@ The playbook can install and configure the [matrix-synapse-ldap3](https://github See that project's documentation to learn what it does and why it might be useful to you. -If you decide that you'd like to let this playbook install it for you, you need some configuration like this: +If you decide that you'd like to let this playbook install it for you, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_ext_password_provider_ldap_enabled: true -matrix_synapse_ext_password_provider_ldap_uri: +matrix_synapse_ext_password_provider_ldap_uri: - "ldap://ldap-01.mydomain.tld:389" - "ldap://ldap-02.mydomain.tld:389" matrix_synapse_ext_password_provider_ldap_start_tls: true
diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md
index d49c74770..a7e12f605 100644
--- a/docs/configuring-playbook-ma1sd.md
+++ b/docs/configuring-playbook-ma1sd.md
@@ -10,14 +10,15 @@ This server is private by default, potentially at the expense of user discoverab **Note**: enabling ma1sd, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible). -To enable ma1sd, use the following additional configuration in your `vars.yml` file: +## Adjusting the playbook configuration + +To enable ma1sd, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_ma1sd_enabled: true ``` - -## Matrix.org lookup forwarding +### Matrix.org lookup forwarding To ensure maximum discovery, you can make your identity server also forward lookups to the central matrix.org Identity server (at the cost of potentially leaking all your contacts information).
@@ -29,8 +30,7 @@ Enabling matrix.org forwarding can happen with the following configuration: matrix_ma1sd_matrixorg_forwarding_enabled: true ``` - -## Customizing email templates +### Customizing email templates If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables (in the `roles/custom/matrix-ma1sd/defaults/main.yml` file.
diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md
index 2000cfd99..7fb0bd3b5 100644
--- a/docs/configuring-playbook-matrix-corporal.md
+++ b/docs/configuring-playbook-matrix-corporal.md
@@ -16,9 +16,9 @@ If you decide that you'd like to let this playbook install it for you, you'd nee - (optional, but encouraged) [set up the REST authentication password provider module](configuring-playbook-rest-auth.md) -## Playbook configuration +## Adjusting the playbook configuration -You would then need some configuration like this: +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml # The Shared Secret Auth password provider module is required for Corporal to work.
diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md
index 482e25b7f..5cddf5c42 100644
--- a/docs/configuring-playbook-mautrix-bridges.md
+++ b/docs/configuring-playbook-mautrix-bridges.md
@@ -5,24 +5,23 @@ This is a common guide for configuring mautrix bridges. You can see each bridge's features at in the `ROADMAP.md` file in its corresponding [mautrix](https://github.com/mautrix) repository. -To enable a bridge add: +## Adjusting the playbook configuration +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml # Replace SERVICENAME with one of: twitter, facebook, instagram, .. matrix_mautrix_SERVICENAME_enabled: true ``` -to your `vars.yml` - There are some additional things you may wish to configure about the bridge before you continue. Each bridge may have additional requirements besides `_enabled: true`. For example, the mautrix-telegram bridge (our documentation page about it is [here](configuring-playbook-bridge-mautrix-telegram.md)) requires the `matrix_mautrix_telegram_api_id` and `matrix_mautrix_telegram_api_hash` variables to be defined. Refer to each bridge's individual documentation page for details about enabling bridges. -You can add +To **configure a user as an administrator for all bridges**, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_admin: "@YOUR_USERNAME:{{ matrix_domain }}" ``` -to `vars.yml` to **configure a user as an administrator for all bridges**. + **Alternatively** (more verbose, but allows multiple admins to be configured), you can do the same on a per-bridge basis with: ```yaml @@ -34,7 +33,7 @@ matrix_mautrix_SERVICENAME_configuration_extension_yaml: | ## encryption -Encryption support is off by default. If you would like to enable encryption, add the following to your `vars.yml` file: +Encryption support is off by default. If you would like to enable encryption, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: **for all bridges with encryption support**: 
@@ -52,7 +51,7 @@ matrix_mautrix_SERVICENAME_bridge_encryption_default: true ## relay mode -Relay mode is off by default. If you would like to enable relay mode, add the following to your `vars.yml` file: +Relay mode is off by default. If you would like to enable relay mode, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: **for all bridges with relay mode support**: diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 98a89ba1d..a02693608 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -16,7 +16,7 @@ There are 2 ways to use Traefik with this playbook, as described below. ### Traefik managed by the playbook -To have the playbook install and use Traefik, use configuration like this (as seen in `examples/vars.yml`): +To have the playbook install and use Traefik, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_playbook_reverse_proxy_type: playbook-managed-traefik diff --git a/docs/configuring-playbook-postgres-backup.md b/docs/configuring-playbook-postgres-backup.md index becdd123d..e61ab19d6 100644 --- a/docs/configuring-playbook-postgres-backup.md +++ b/docs/configuring-playbook-postgres-backup.md @@ -7,7 +7,7 @@ For a more complete backup solution (one that includes not only Postgres, but al ## Adjusting the playbook configuration -Minimal working configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`) to enable Postgres backup: +To enable Postgres backup, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml postgres_backup_enabled: true diff --git a/docs/configuring-playbook-prometheus-nginxlog.md b/docs/configuring-playbook-prometheus-nginxlog.md index ebd2fc9a3..97f2093c6 100644 --- a/docs/configuring-playbook-prometheus-nginxlog.md +++ b/docs/configuring-playbook-prometheus-nginxlog.md 
@@ -14,7 +14,7 @@ If your setup includes [Grafana](./configuring-playbook-prometheus-grafana.md), ## Configuration -You can enable this role by adding the following settings in your configuration file (`inventory/host_vars/matrix./vars.yml`): +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_prometheus_nginxlog_exporter_enabled: true @@ -50,5 +50,3 @@ You can either use `matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled Whichever way you go with, this service will expose its metrics endpoint **without password-protection** at `https://matrix.DOMAIN/metrics/nginxlog` by default. For password-protection, use (`matrix_metrics_exposure_http_basic_auth_enabled` and `matrix_metrics_exposure_http_basic_auth_users`) or (`matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled` and `matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users`). - - diff --git a/docs/configuring-playbook-prometheus-postgres.md b/docs/configuring-playbook-prometheus-postgres.md index 58f97b893..a514f1445 100644 --- a/docs/configuring-playbook-prometheus-postgres.md +++ b/docs/configuring-playbook-prometheus-postgres.md @@ -2,8 +2,9 @@ Expanding on the metrics exposed by the [synapse exporter and the node exporter](configuring-playbook-prometheus-grafana.md), the playbook enables the [postgres exporter](https://github.com/prometheus-community/postgres_exporter) that exposes more detailed information about what's happening on your postgres database. -You can enable this with the following settings in your configuration file (`inventory/host_vars/matrix./vars.yml`): +## Adjusting the playbook configuration +To enable the postgres exporter, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml prometheus_postgres_exporter_enabled: true 
@@ -22,4 +23,3 @@ Name | Description ## More information - [The PostgresSQL dashboard](https://grafana.com/grafana/dashboards/9628) (generic postgres dashboard) - diff --git a/docs/configuring-playbook-rest-auth.md b/docs/configuring-playbook-rest-auth.md index 23644c9eb..a64355197 100644 --- a/docs/configuring-playbook-rest-auth.md +++ b/docs/configuring-playbook-rest-auth.md @@ -4,7 +4,9 @@ The playbook can install and configure [matrix-synapse-rest-auth](https://github See that project's documentation to learn what it does and why it might be useful to you. -If you decide that you'd like to let this playbook install it for you, you need some configuration like this: +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_ext_password_provider_rest_auth_enabled: true @@ -14,7 +16,6 @@ matrix_synapse_ext_password_provider_rest_auth_registration_profile_name_autofil matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: false ``` - ## Authenticating only using a password provider If you wish for users to **authenticate only against configured password providers** (like this one), **without consulting Synapse's local database**, feel free to disable it: diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index ef8f20c2c..4181cecea 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md 
@@ -9,10 +9,9 @@ Using a Goofys-backed media store works, but performance may not be ideal. If po If you'd like to move your locally-stored media store data to Amazon S3 (or another S3-compatible object store), we also provide some migration instructions below. +## Adjusting the playbook configuration -## Usage - -After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure Goofys in your configuration file (`inventory/host_vars/matrix./vars.yml`): +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml matrix_s3_media_store_enabled: true diff --git a/docs/configuring-playbook-shared-secret-auth.md b/docs/configuring-playbook-shared-secret-auth.md index 21d1c332a..2c89bb2ad 100644 --- a/docs/configuring-playbook-shared-secret-auth.md +++ b/docs/configuring-playbook-shared-secret-auth.md @@ -4,7 +4,9 @@ The playbook can install and configure [matrix-synapse-shared-secret-auth](https See that project's documentation to learn what it does and why it might be useful to you. -If you decide that you'd like to let this playbook install it for you, you need some configuration (`inventory/host_vars/matrix./vars.yml`) like this: +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md index 935af7d51..0f1b9e509 100644 --- a/docs/configuring-playbook-ssl-certificates.md +++ b/docs/configuring-playbook-ssl-certificates.md 
@@ -9,7 +9,7 @@ This guide is about using the integrated Traefik server and doesn't apply if you For testing purposes, you may wish to use staging certificates provide by Let's Encrypt. -You can do this with the following configuration: +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml traefik_config_certificatesResolvers_acme_use_staging: true @@ -20,7 +20,7 @@ traefik_config_certificatesResolvers_acme_use_staging: true For testing or other purposes, you may wish to install services without SSL termination and have services exposed to `http://` instead of `https://`. -You can do this with the following configuration: +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml traefik_config_entrypoint_web_secure_enabled: false diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index e380d4f93..db819fb7e 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md @@ -10,7 +10,7 @@ In short, it automatically accepts room invites. You can specify that only 1:1 r ## Configuration -If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, you need a configuration like this: +If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_synapse_ext_synapse_auto_accept_invite_enabled: true diff --git a/docs/configuring-playbook-synapse-simple-antispam.md b/docs/configuring-playbook-synapse-simple-antispam.md index 4c365a567..a5ba1033d 100644 --- a/docs/configuring-playbook-synapse-simple-antispam.md 
+++ b/docs/configuring-playbook-synapse-simple-antispam.md @@ -5,7 +5,9 @@ The playbook can install and configure [synapse-simple-antispam](https://github. See that project's documentation to learn what it does and why it might be useful to you. In short, it lets you fight invite-spam by automatically blocking invitiations from a list of servers specified by you (blacklisting). -If you decide that you'd like to let this playbook install it for you, you need some configuration like this: +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: true diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 41470cd5d..9802fc093 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -22,7 +22,7 @@ Alternatively, **if there is no pre-defined variable** for a Synapse setting you To have Synapse gracefully handle thousands of users, worker support should be enabled. It factors out some homeserver tasks and spreads the load of incoming client and server-to-server traffic between multiple processes. More information can be found in the [official Synapse workers documentation](https://github.com/element-hq/synapse/blob/master/docs/workers.md) and [Tom Foster](https://github.com/tcpipuk)'s [Synapse homeserver guide](https://tcpipuk.github.io/synapse/index.html). -To enable Synapse worker support, update your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable Synapse worker support, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_synapse_workers_enabled: true diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index 8183fa5b8..3d2efde68 100644 --- a/docs/configuring-playbook-telemetry.md 
+++ b/docs/configuring-playbook-telemetry.md @@ -9,7 +9,7 @@ growth of the Matrix community, and helps to make Matrix a success. ## Enabling Telemetry -If you'd like to **help by enabling submission of general usage statistics** for your homeserver, add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): +If you'd like to **help by enabling submission of general usage statistics** for your homeserver, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_synapse_report_stats: true # for synapse diff --git a/docs/configuring-playbook-turn.md b/docs/configuring-playbook-turn.md index 4e02dddb5..d41ead932 100644 --- a/docs/configuring-playbook-turn.md +++ b/docs/configuring-playbook-turn.md @@ -7,7 +7,7 @@ By default, the Synapse chat server is configured, so that it points to the Cotu ## Disabling Coturn -If, for some reason, you'd like to prevent the playbook from installing Coturn, you can use the following configuration: +If, for some reason, you'd like to prevent the playbook from installing Coturn, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_coturn_enabled: false diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index d33c7147d..cefe39a87 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -11,7 +11,7 @@ If the Jitsi server is also configured by this playbook, all plugging of variabl __Some general concepts of UVS may be helpful to understand the rest, so here they are:__ -UVS can be used to verify two claims: +UVS can be used to verify two claims: * (A) Whether a given OpenID token is valid for a given server and * (B) whether a user is member of a given room and the corresponding PowerLevel 
@@ -31,7 +31,7 @@ In order to use UVS, an admin token for the configured homeserver must be suppli ## Enable [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) installation is disabled by default. -You can enable it in your configuration file (`inventory/host_vars/matrix./vars.yml`): +To enable it, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_user_verification_service_enabled: true @@ -95,12 +95,12 @@ matrix_user_verification_service_uvs_pin_openid_verify_server_name: false in your host_vars. -This will instruct UVS to verify the OpenID token against any domain given in a request. +This will instruct UVS to verify the OpenID token against any domain given in a request. Homeserver discovery is done via '.well-known/matrix/server' of the given domain. ## Installation -After these variables have been set, please run the following command to re-run setup and to restart UVS: +After these variables have been set, run the [installation](installing.md) command to restart UVS: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-matrix-user-verification-service,start @@ -108,7 +108,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-matrix-user-verificat ## Logging -The configuration variable `UVS_LOG_LEVEL` can be set to: +The configuration variable `UVS_LOG_LEVEL` can be set to: - warning - info - debug From 282e8be07daf13670aac0df5e49d82814d8e65b3 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 13 Oct 2024 03:03:46 +0900 Subject: [PATCH 029/404] Use common sentences on documentation regarding installation 
Signed-off-by: Suguru Hirahara
---
docs/configuring-playbook-alertmanager-receiver.md | 2 +-
docs/configuring-playbook-appservice-double-puppet.md | 6 ++++++
docs/configuring-playbook-bot-matrix-registration-bot.md | 2 +-
docs/configuring-playbook-bot-maubot.md | 2 +-
docs/configuring-playbook-bridge-appservice-irc.md | 6 ++++++
docs/configuring-playbook-bridge-appservice-kakaotalk.md | 8 +++++++-
docs/configuring-playbook-bridge-beeper-linkedin.md | 3 +++
docs/configuring-playbook-bridge-go-skype-bridge.md | 3 +++
docs/configuring-playbook-bridge-heisenbridge.md | 4 ++++
docs/configuring-playbook-bridge-matrix-bridge-sms.md | 3 +++
docs/configuring-playbook-bridge-mautrix-discord.md | 8 +++++++-
docs/configuring-playbook-bridge-mautrix-facebook.md | 3 +++
docs/configuring-playbook-bridge-mautrix-gmessages.md | 4 ++++
docs/configuring-playbook-bridge-mautrix-googlechat.md | 3 +++
docs/configuring-playbook-bridge-mautrix-hangouts.md | 3 +++
docs/configuring-playbook-bridge-mautrix-instagram.md | 3 +++
...configuring-playbook-bridge-mautrix-meta-instagram.md | 4 ++++
...configuring-playbook-bridge-mautrix-meta-messenger.md | 4 ++++
docs/configuring-playbook-bridge-mautrix-signal.md | 4 ++++
docs/configuring-playbook-bridge-mautrix-slack.md | 8 +++++++-
docs/configuring-playbook-bridge-mautrix-telegram.md | 4 ++++
docs/configuring-playbook-bridge-mautrix-twitter.md | 3 +++
docs/configuring-playbook-bridge-mautrix-whatsapp.md | 4 ++++
docs/configuring-playbook-bridge-mautrix-wsproxy.md | 3 +++
docs/configuring-playbook-bridge-mx-puppet-discord.md | 3 +++
docs/configuring-playbook-bridge-mx-puppet-groupme.md | 3 +++
docs/configuring-playbook-bridge-mx-puppet-instagram.md | 3 +++
docs/configuring-playbook-bridge-mx-puppet-steam.md | 3 +++
docs/configuring-playbook-bridge-mx-puppet-twitter.md | 3 +++
docs/configuring-playbook-bridge-wechat.md | 4 ++++
docs/configuring-playbook-cactus-comments.md | 3 +--
docs/configuring-playbook-etherpad.md | 3 ++-
docs/configuring-playbook-jitsi.md | 9 ++++++--- docs/configuring-playbook-ma1sd.md | 3 +++ docs/configuring-playbook-matrix-corporal.md | 4 +++- ...onfiguring-playbook-matrix-ldap-registration-proxy.md | 3 +++ docs/configuring-playbook-matrix-registration.md | 8 +++++--- docs/configuring-playbook-mautrix-bridges.md | 3 +++ docs/configuring-playbook-ntfy.md | 2 +- docs/configuring-playbook-pantalaimon.md | 2 +- docs/configuring-playbook-postgres-backup.md | 2 +- docs/configuring-playbook-prometheus-nginxlog.md | 4 +++- docs/configuring-playbook-prometheus-postgres.md | 4 ++++ docs/configuring-playbook-rest-auth.md | 4 ++++ docs/configuring-playbook-riot-web.md | 3 +-- docs/configuring-playbook-shared-secret-auth.md | 4 ++++ docs/configuring-playbook-synapse-admin.md | 2 +- 47 files changed, 156 insertions(+), 23 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index adfd98a4b..0b07dd0c2 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md @@ -63,7 +63,7 @@ Steps 3 and 4 need to be done for each new room you'd like the bot to deliver al ## Installation -Now that you've [prepared the bot account and room](#account-and-room-preparation) and have [configured the playbook](#configuration), you can re-run the [installation](./installing.md) process (`just install-all`). +Now that you've [prepared the bot account and room](#account-and-room-preparation) and have [configured the playbook](#configuration), you can run the [installation](installing.md) command: `just install-all` Then, you can proceed to [Usage](#usage). diff --git a/docs/configuring-playbook-appservice-double-puppet.md b/docs/configuring-playbook-appservice-double-puppet.md index 1ae89a276..5e0886a30 100644 --- a/docs/configuring-playbook-appservice-double-puppet.md +++ b/docs/configuring-playbook-appservice-double-puppet.md 
@@ -14,4 +14,10 @@ To enable the Appservice Double Puppet service, add the following configuration matrix_appservice_double_puppet_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + +## Usage + When enabled, double puppeting will automatically be enabled for all bridges that support double puppeting via the appservice method. diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 703714836..78532f40e 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -34,7 +34,7 @@ The bot account will be created automatically. ## Installing -After configuring the playbook, re-run the [installation](installing.md) command again: `just install-all` or `just setup-all` +After configuring the playbook, re-run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index b735ff61b..d1ce8bd02 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -30,7 +30,7 @@ You can add multiple admins. The admin accounts are only used to access the maub ## Installing -After configuring the playbook, run the [installation](installing.md) command again (`just install-all`): +After configuring the playbook, run the [installation](installing.md) command again: `just install-all` **Notes**: diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md index e6be8e130..2dddbf16d 100644 --- a/docs/configuring-playbook-bridge-appservice-irc.md +++ b/docs/configuring-playbook-bridge-appservice-irc.md 
@@ -60,4 +60,10 @@ matrix_appservice_irc_ircService_servers: lineLimit: 3 ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + +## Usage + You then need to start a chat with `@irc_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 6d4d33c9d..a8da0c2de 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -17,7 +17,13 @@ matrix_appservice_kakaotalk_enabled: true You may optionally wish to add some [Additional configuration](#additional-configuration), or to [prepare for double-puppeting](#set-up-double-puppeting) before the initial installation. -After adjusting your `vars.yml` file, re-run the playbook and restart all services: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` To make use of the Kakaotalk bridge, see [Usage](#usage) below. diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index d943cb6f1..cb3a5266c 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -33,6 +33,9 @@ matrix_beeper_linkedin_configuration_extension_yaml: | You may wish to look at `roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Set up Double Puppeting by enabling Appservice Double Puppet or Shared Secret Auth 
diff --git a/docs/configuring-playbook-bridge-go-skype-bridge.md b/docs/configuring-playbook-bridge-go-skype-bridge.md index 6b968f290..799a1dd4d 100644 --- a/docs/configuring-playbook-bridge-go-skype-bridge.md +++ b/docs/configuring-playbook-bridge-go-skype-bridge.md @@ -13,6 +13,9 @@ To enable the [Skype](https://www.skype.com/) bridge, add the following configur matrix_go_skype_bridge_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md index 4ea8606c2..4feed3e43 100644 --- a/docs/configuring-playbook-bridge-heisenbridge.md +++ b/docs/configuring-playbook-bridge-heisenbridge.md @@ -29,6 +29,10 @@ That's it! A registration file is automatically generated during the setup phase Setting the owner is optional as the first local user to DM `@heisenbridge:your-homeserver` will be made the owner. If you are not using a local user you must set it as otherwise you can't DM it at all. +## Installing + +After configuring the playbook, re-run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Usage After the bridge is successfully running just DM `@heisenbridge:your-homeserver` to start setting it up. diff --git a/docs/configuring-playbook-bridge-matrix-bridge-sms.md b/docs/configuring-playbook-bridge-matrix-bridge-sms.md index 63b749068..e5efece53 100644 --- a/docs/configuring-playbook-bridge-matrix-bridge-sms.md +++ b/docs/configuring-playbook-bridge-matrix-bridge-sms.md @@ -31,6 +31,9 @@ matrix_sms_bridge_provider_android_truststore_password: 123 ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage 
diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 4a399c42e..6c25b8652 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -25,7 +25,13 @@ matrix_mautrix_discord_enabled: true You may optionally wish to add some [Additional configuration](#additional-configuration), or to [prepare for double-puppeting](#set-up-double-puppeting) before the initial installation. -After adjusting your `vars.yml` file, re-run the playbook and restart all services: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` To make use of the bridge, see [Usage](#usage) below. diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index 8b69638c3..0b3ef7928 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -47,6 +47,9 @@ matrix_mautrix_facebook_configuration_extension_yaml: | You may wish to look at `roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml` to find other things you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-gmessages.md b/docs/configuring-playbook-bridge-mautrix-gmessages.md index c171cb893..ffad8b0b3 100644 --- a/docs/configuring-playbook-bridge-mautrix-gmessages.md +++ b/docs/configuring-playbook-bridge-mautrix-gmessages.md 
@@ -12,6 +12,10 @@ To enable the bridge, add the following configuration to your `inventory/host_va matrix_mautrix_gmessages_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md index e3e7d279f..f326763ed 100644 --- a/docs/configuring-playbook-bridge-mautrix-googlechat.md +++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md @@ -12,6 +12,9 @@ To enable the [Google Chat](https://chat.google.com/) bridge, add the following matrix_mautrix_googlechat_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index 442c77622..6cd88746c 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md @@ -14,6 +14,9 @@ To enable the [Google Hangouts](https://hangouts.google.com/) bridge, add the fo matrix_mautrix_hangouts_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index a1e7620d6..34ae70b12 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md 
@@ -40,6 +40,9 @@ matrix_mautrix_instagram_configuration_extension_yaml: | You may wish to look at `roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md index 19fd7953b..aa0160858 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md @@ -62,6 +62,10 @@ matrix_mautrix_meta_instagram_bridge_permissions_custom: You may wish to look at `roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md index 4da2f3aca..952a7d6f8 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md 
@@ -72,6 +72,10 @@ matrix_mautrix_meta_messenger_bridge_permissions_custom: You may wish to look at `roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index e01cf603a..dacdce37f 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -54,6 +54,10 @@ matrix_mautrix_signal_bridge_permissions: You may wish to look at `roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md index 889384a80..5ce1bdcaa 100644 --- a/docs/configuring-playbook-bridge-mautrix-slack.md +++ b/docs/configuring-playbook-bridge-mautrix-slack.md 
@@ -28,7 +28,13 @@ matrix_mautrix_slack_enabled: true You may optionally wish to add some [Additional configuration](#additional-configuration), or to [prepare for double-puppeting](#set-up-double-puppeting) before the initial installation. -After adjusting your `vars.yml` file, re-run the playbook and restart all services: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` To make use of the bridge, see [Usage](#usage) below. diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index b4a0e5f75..82eb6ba52 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -14,6 +14,10 @@ matrix_mautrix_telegram_api_id: YOUR_TELEGRAM_APP_ID matrix_mautrix_telegram_api_hash: YOUR_TELEGRAM_API_HASH ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md index b54e555b9..0925cf1b2 100644 --- a/docs/configuring-playbook-bridge-mautrix-twitter.md +++ b/docs/configuring-playbook-bridge-mautrix-twitter.md @@ -14,6 +14,9 @@ To enable the bridge, add the following configuration to your `inventory/host_va matrix_mautrix_twitter_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Set up Double Puppeting 
diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md index e405ce204..d9cabaa27 100644 --- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md +++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md @@ -27,6 +27,10 @@ matrix_mautrix_whatsapp_bridge_relay_admin_only: false If you want to activate the relay bot in a room, use `!wa set-relay`. Use `!wa unset-relay` to deactivate. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md index eaed4a8c2..93ed9a5ad 100644 --- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md +++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md @@ -26,6 +26,9 @@ matrix_mautrix_wsproxy_syncproxy_shared_secret: 'secret token from bridge' Note that the tokens must match what is compiled into the [mautrix-imessage](https://github.com/mautrix/imessage) bridge running on your Mac or Android device. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index bc39d75bb..d56bf89fb 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md 
@@ -19,6 +19,9 @@ To enable the [Discord](https://discordapp.com/) bridge, add the following confi matrix_mx_puppet_discord_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md index 073f7c678..37e22ead2 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md +++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md @@ -13,6 +13,9 @@ To enable the [GroupMe](https://groupme.com/) bridge, add the following configur matrix_mx_puppet_groupme_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-mx-puppet-instagram.md b/docs/configuring-playbook-bridge-mx-puppet-instagram.md index 0157d16e3..dba9b27df 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-instagram.md +++ b/docs/configuring-playbook-bridge-mx-puppet-instagram.md @@ -13,6 +13,9 @@ To enable the [Instagram](https://www.instagram.com/) bridge, add the following matrix_mx_puppet_instagram_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-mx-puppet-steam.md b/docs/configuring-playbook-bridge-mx-puppet-steam.md index 7c3c0807b..e5338b1c7 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-steam.md +++ b/docs/configuring-playbook-bridge-mx-puppet-steam.md @@ -13,6 +13,9 @@ To enable the [Steam](https://steampowered.com/) bridge, add the following confi matrix_mx_puppet_steam_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage 
diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md index fd14056a2..74b35092d 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md +++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md @@ -24,6 +24,9 @@ matrix_mx_puppet_twitter_access_token_secret: '' matrix_mx_puppet_twitter_environment: '' ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-wechat.md b/docs/configuring-playbook-bridge-wechat.md index 58f5fd08a..c6891de15 100644 --- a/docs/configuring-playbook-bridge-wechat.md +++ b/docs/configuring-playbook-bridge-wechat.md @@ -12,6 +12,10 @@ To enable the bridge, add the following configuration to your `inventory/host_va matrix_wechat_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Usage Once the bridge is installed, start a chat with `@wechatbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 5fa4f36a3..f81003fc6 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -46,8 +46,7 @@ matrix_cactus_comments_client_enabled: true ## Installing -After configuring the playbook, run the [installation](installing.md) command again. - +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index f7076bfba..34d16fd92 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md 
@@ -40,8 +40,9 @@ etherpad_enabled: true # etherpad_admin_password: some-password ``` -Then, [run the installation process](installing.md) again (e.g. `just install-all`). +## Installing +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 2affbb6aa..c640a7f1b 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -17,7 +17,7 @@ You may also need to open the following ports to your server: - `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`jitsi_jvb_stun_servers`](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/defaults/main.yml)). -## Installation +## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -271,10 +271,13 @@ jitsi_disable_gravatar: false **Beware:** This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com). Besides metadata, this includes the matrix user_id and possibly the room identifier (via `referrer` header). -## Apply changes +## Installing -Then re-run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +After configuring the playbook, run the [installation](installing.md) command: +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` ## Usage diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index a7e12f605..c7d163dca 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md 
@@ -35,6 +35,9 @@ matrix_ma1sd_matrixorg_forwarding_enabled: true If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables (in the `roles/custom/matrix-ma1sd/defaults/main.yml` file. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## ma1sd-controlled Registration diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md index 7fb0bd3b5..2e669606b 100644 --- a/docs/configuring-playbook-matrix-corporal.md +++ b/docs/configuring-playbook-matrix-corporal.md @@ -115,7 +115,9 @@ aux_file_definitions: To learn more about what the policy configuration, see the matrix-corporal documentation on [policy](https://github.com/devture/matrix-corporal/blob/master/docs/policy.md). -Each time you update the policy in your `vars.yml` file, you'd need to re-run the playbook and restart matrix-corporal (`--tags=setup-all,start` or `--tags=setup-aux-files,setup-corporal,start`). +## Installing + +After configuring the playbook, re-run the [installation](installing.md) command again (`--tags=setup-all,start` or `--tags=setup-aux-files,setup-corporal,start`). ## Matrix Corporal files diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 5b247060c..d72e82ab2 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -34,3 +34,6 @@ matrix_ldap_registration_proxy_systemd_wanted_services_list_custom: - matrix-synapse.service ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index 491d94e23..f708dc4d2 100644 
--- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md @@ -17,9 +17,9 @@ Use matrix-registration to **create unique registration links**, which people ca - **a user registration page**, where people can use these registration tokens. By default, exposed at `https://matrix.DOMAIN/matrix-registration` -## Installing +## Adjusting the playbook configuration -Adjust your playbook configuration (your `inventory/host_vars/matrix.DOMAIN/vars.yml` file): +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_registration_enabled: true @@ -28,7 +28,9 @@ matrix_registration_enabled: true matrix_registration_admin_secret: "ENTER_SOME_SECRET_HERE" ``` -Then, run the [installation](installing.md) command again: +## Installing + +After configuring the playbook, run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md index 5cddf5c42..bffeeff8d 100644 --- a/docs/configuring-playbook-mautrix-bridges.md +++ b/docs/configuring-playbook-mautrix-bridges.md @@ -92,6 +92,9 @@ Can be used to set the username for the bridge. You may wish to look at `roles/custom/matrix-bridge-mautrix-SERVICENAME/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-SERVICENAME/defaults/main.yml` to find other things you would like to configure. +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Set up Double Puppeting diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 219ecc7e5..e0f629efd 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md 
@@ -38,7 +38,7 @@ For a complete list of ntfy config options that you could put in `ntfy_configura Don't forget to add `ntfy.` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook. -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-pantalaimon.md b/docs/configuring-playbook-pantalaimon.md index 6f6146e1e..2663e2e27 100644 --- a/docs/configuring-playbook-pantalaimon.md +++ b/docs/configuring-playbook-pantalaimon.md @@ -18,4 +18,4 @@ The default configuration should suffice. For advanced configuration, you can ov ## 2. Installing -After configuring the playbook, run the [installation](installing.md) command. +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-postgres-backup.md b/docs/configuring-playbook-postgres-backup.md index e61ab19d6..c40e4d0c5 100644 --- a/docs/configuring-playbook-postgres-backup.md +++ b/docs/configuring-playbook-postgres-backup.md @@ -29,7 +29,7 @@ Refer to the table below for additional configuration variables and their defaul ## Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-prometheus-nginxlog.md b/docs/configuring-playbook-prometheus-nginxlog.md index 97f2093c6..77f42c5fb 100644 --- a/docs/configuring-playbook-prometheus-nginxlog.md +++ b/docs/configuring-playbook-prometheus-nginxlog.md 
@@ -20,7 +20,9 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. matrix_prometheus_nginxlog_exporter_enabled: true ``` -Then, re-run the playbook. See [installation](./installing.md). +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Docker Image Compatibility diff --git a/docs/configuring-playbook-prometheus-postgres.md b/docs/configuring-playbook-prometheus-postgres.md index a514f1445..51ed9bbd1 100644 --- a/docs/configuring-playbook-prometheus-postgres.md +++ b/docs/configuring-playbook-prometheus-postgres.md @@ -10,6 +10,10 @@ To enable the postgres exporter, add the following configuration to your `invent prometheus_postgres_exporter_enabled: true ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## What does it do? Name | Description diff --git a/docs/configuring-playbook-rest-auth.md b/docs/configuring-playbook-rest-auth.md index a64355197..d1dce0e51 100644 --- a/docs/configuring-playbook-rest-auth.md +++ b/docs/configuring-playbook-rest-auth.md @@ -23,3 +23,7 @@ If you wish for users to **authenticate only against configured password provide ```yaml matrix_synapse_password_config_localdb_enabled: false ``` + +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-riot-web.md b/docs/configuring-playbook-riot-web.md index ff424d0ad..5ce3a7a2b 100644 --- a/docs/configuring-playbook-riot-web.md +++ b/docs/configuring-playbook-riot-web.md 
@@ -30,5 +30,4 @@ There are a few options for handling this: ### Re-running the playbook -As always, after making the necessary DNS and configuration adjustments, [re-run the playbook](./installing.md) to apply the changes. -``` +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-shared-secret-auth.md b/docs/configuring-playbook-shared-secret-auth.md index 2c89bb2ad..b0b0e99d9 100644 --- a/docs/configuring-playbook-shared-secret-auth.md +++ b/docs/configuring-playbook-shared-secret-auth.md @@ -23,3 +23,7 @@ If you wish for users to **authenticate only against configured password provide ```yaml matrix_synapse_password_config_localdb_enabled: false ``` + +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 43d3c74b9..036c4eae5 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -25,7 +25,7 @@ By default, synapse-admin installation will be [restricted to only work with one ## Installing -After configuring the playbook, run the [installation](installing.md) command again (`just install-all`). +After configuring the playbook, run the [installation](installing.md) command again: `just install-all` ## Usage From 913675c0a2cf56ce24db0e6006c7e67baa7fd6fb Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 13 Oct 2024 03:18:59 +0900 Subject: [PATCH 030/404] Update documentation for Cinny and Hydrogen Add "DNS", "Adjusting the playbook configuration", and "Installing" sections Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-cinny.md | 26 +++++++++++++------- docs/configuring-playbook-client-hydrogen.md | 26 +++++++++++++------- 2 files changed, 34 insertions(+), 18 deletions(-) 
diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index da2175311..a3db9bc4c 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md @@ -4,18 +4,26 @@ This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix we Cinny is a web client focusing primarily on simple, elegant and secure interface. Cinny can be installed alongside or instead of Element. -If you'd like Cinny to be installed, add the following to your configuration file (`inventory/host_vars/matrix./vars.yml`): +## DNS + +You need to add a `cinny.DOMAIN` DNS record so that Cinny can be accessed. +By default Cinny will use https://cinny.DOMAIN so you will need to create an CNAME record +for `cinny`. See [Configuring DNS](configuring-dns.md). + +If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): + +```yaml + matrix_server_fqn_cinny: "app.{{ matrix_domain }}" +``` + +## Adjusting the playbook configuration + +To enable Cinny, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_client_cinny_enabled: true ``` -You will also need to add a DNS record so that Cinny can be accessed. -By default Cinny will use https://cinny.DOMAIN so you will need to create an CNAME record -for `cinny`. See [Configuring DNS](configuring-dns.md). +## Installing -If you would like to use a different domain, add the following to your configuration file (changing it to use your preferred domain): - -```yaml - matrix_server_fqn_cinny: "app.{{ matrix_domain }}" -``` +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md index 3ed4be44a..c840efad9 100644 
--- a/docs/configuring-playbook-client-hydrogen.md +++ b/docs/configuring-playbook-client-hydrogen.md @@ -4,18 +4,26 @@ This playbook can install the [Hydrogen](https://github.com/element-hq/hydrogen- Hydrogen is a lightweight web client that supports mobile and legacy web browsers. Hydrogen can be installed alongside or instead of Element. -If you'd like Hydrogen to be installed, add the following to your configuration file (`inventory/host_vars/matrix./vars.yml`): +## DNS + +You need to add a `hydrogen.DOMAIN` DNS record so that Hydrogen can be accessed. +By default Hydrogen will use https://hydrogen.DOMAIN so you will need to create an CNAME record +for `hydrogen`. See [Configuring DNS](configuring-dns.md). + +If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): + +```yaml + matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}" +``` + +## Adjusting the playbook configuration + +To enable Hydrogen, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_client_hydrogen_enabled: true ``` -You will also need to add a DNS record so that Hydrogen can be accessed. -By default Hydrogen will use https://hydrogen.DOMAIN so you will need to create an CNAME record -for `hydrogen`. See [Configuring DNS](configuring-dns.md). +## Installing -If you would like to use a different domain, add the following to your configuration file (changing it to use your preferred domain): - -```yaml - matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}" -``` +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` From 117d2ad7e86a1778c1a7706371103db9ea164060 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 11 Oct 2024 14:14:19 +0900 Subject: [PATCH 031/404] Use common text pattern for web clients introduction 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-element.md | 2 +- docs/configuring-playbook-client-schildichat.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index b1cc4c5cb..01fb06ba7 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -1,6 +1,6 @@ # Configuring Element (optional) -By default, this playbook installs the [Element](https://github.com/element-hq/element-web) Matrix client web application. +By default, this playbook installs the [Element](https://github.com/element-hq/element-web) Matrix web client for you. If that's okay, you can skip this document. diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index 0a4c37fe9..f832097ca 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md @@ -1,6 +1,7 @@ # Configuring SchildiChat (optional) -By default, this playbook does not install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix client web application. +This playbook can install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client for you. +SchildiChat can be installed alongside or instead of Element. **WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk! From 1eb9bdd8b1d5c9dc092415c26b94f8a41b7af03f Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Fri, 11 Oct 2024 17:22:13 +0900 Subject: [PATCH 032/404] Update docs/configuring-playbook-client-schildichat: add a simple explanation Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-schildichat.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index f832097ca..b059d78f4 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md @@ -1,6 +1,7 @@ # Configuring SchildiChat (optional) This playbook can install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client for you. +SchildiChat is a feature-rich messenger for Matrix based on Element with some extras and tweaks. SchildiChat can be installed alongside or instead of Element. **WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk! From 97889d8c339541ed5b135a359e81ae1cbc2f7f28 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 13 Oct 2024 03:29:34 +0900 Subject: [PATCH 033/404] Update documentation for SchildiChat Add "DNS", "Adjusting the playbook configuration", and "Installing" Signed-off-by: Suguru Hirahara --- ...configuring-playbook-client-schildichat.md | 25 +++++++++++++------ 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index b059d78f4..733901920 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md 
@@ -6,18 +6,26 @@ SchildiChat can be installed alongside or instead of Element. **WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk! +## DNS -## Enabling SchildiChat +You need to add a `schildichat.DOMAIN` DNS record so that SchildiChat can be accessed. +By default SchildiChat will use https://schildichat.DOMAIN so you will need to create an CNAME record +for `schildichat`. See [Configuring DNS](configuring-dns.md). -If you'd like for the playbook to install SchildiChat, you can enable it in your configuration file (`inventory/host_vars/matrix./vars.yml`): +If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): + +```yaml + matrix_server_fqn_schildichat: "sc.{{ matrix_domain }}" +``` + +## Adjusting the playbook configuration + +To enable SchildiChat, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_client_schildichat_enabled: true ``` - -## Configuring SchildiChat settings - The playbook provides some customization variables you could use to change schildichat's settings. Their defaults are defined in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml) and they ultimately end up in the generated `/matrix/schildichat/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-schildichat/templates/config.json.j2`](../roles/custom/matrix-client-schildichat/templates/config.json.j2) template. 
@@ -32,8 +40,7 @@ Alternatively, **if there is no pre-defined variable** for an schildichat settin - or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_schildichat_configuration_default` (or `matrix_client_schildichat_configuration`). You can find information about this in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml). - -## Themes +### Themes To change the look of schildichat, you can define your own themes manually by using the `matrix_client_schildichat_setting_defaults_custom_themes` setting. @@ -42,3 +49,7 @@ Or better yet, you can automatically pull it all themes provided by the [aaronra If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it. Note that for a custom theme to work well, all schildichat instances that you use must have the same theme installed. + +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` From 435da333a9f7f261fb85f95d61775aadaf20b9db Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 13 Oct 2024 11:50:04 +0900 Subject: [PATCH 034/404] Remove 'again' 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-backup-borg.md | 2 +- docs/configuring-playbook-bot-baibot.md | 2 +- docs/configuring-playbook-bot-buscarron.md | 2 +- docs/configuring-playbook-bot-chatgpt.md | 2 +- docs/configuring-playbook-bot-honoroit.md | 2 +- docs/configuring-playbook-bot-matrix-registration-bot.md | 2 +- docs/configuring-playbook-bot-matrix-reminder-bot.md | 2 +- docs/configuring-playbook-bot-maubot.md | 2 +- docs/configuring-playbook-bot-postmoogle.md | 2 +- docs/configuring-playbook-bridge-heisenbridge.md | 2 +- docs/configuring-playbook-matrix-corporal.md | 2 +- docs/configuring-playbook-rageshake.md | 2 +- docs/configuring-playbook-synapse-admin.md | 2 +- docs/configuring-playbook-synapse-auto-compressor.md | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 40c1be626..a1158b5e5 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -68,7 +68,7 @@ Check the [backup_borg role](https://github.com/mother-of-all-self-hosting/ansib ## Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index 6024015e5..b47d1a233 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -376,7 +376,7 @@ matrix_bot_baibot_config_initial_global_config_handler_image_generation: null ## Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ```sh just run-tags install-all,ensure-matrix-users-created,start 
diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index d1fe7b21a..11db6fc32 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -56,7 +56,7 @@ matrix_bot_buscarron_spamlist: [] # (optional) list of emails/domains/hosts (wit ## Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index 3c1e613c1..eace08d66 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md @@ -57,7 +57,7 @@ You will need to get tokens for ChatGPT. ## 4. Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 4b7ab836b..b64144ab5 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -31,7 +31,7 @@ matrix_bot_honoroit_roomid: "!yourRoomID:DOMAIN" ## Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 78532f40e..fd98354fa 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md 
+++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -34,7 +34,7 @@ The bot account will be created automatically. ## Installing -After configuring the playbook, re-run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bot-matrix-reminder-bot.md b/docs/configuring-playbook-bot-matrix-reminder-bot.md index da73e5dbe..7f5bbf1f1 100644 --- a/docs/configuring-playbook-bot-matrix-reminder-bot.md +++ b/docs/configuring-playbook-bot-matrix-reminder-bot.md @@ -27,7 +27,7 @@ matrix_bot_matrix_reminder_bot_reminders_timezone: Europe/London ## Installing -After configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook, run the [installation](installing.md) command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index d1ce8bd02..a35bc739d 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -30,7 +30,7 @@ You can add multiple admins. The admin accounts are only used to access the maub ## Installing -After configuring the playbook, run the [installation](installing.md) command again: `just install-all` +After configuring the playbook, run the [installation](installing.md) command: `just install-all` **Notes**: diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 135e3438a..870325f25 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md 
@@ -54,7 +54,7 @@ See [Configuring DNS](configuring-dns.md).
 ## Installing
-After configuring the playbook, run the [installation](installing.md) command again:
+After configuring the playbook, run the [installation](installing.md) command:
 ```sh
 ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start
diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md
index 4feed3e43..b6eb23634 100644
--- a/docs/configuring-playbook-bridge-heisenbridge.md
+++ b/docs/configuring-playbook-bridge-heisenbridge.md
@@ -31,7 +31,7 @@ If you are not using a local user you must set it as otherwise you can't DM it a
 ## Installing
-After configuring the playbook, re-run the [installation](installing.md) command: `just install-all` or `just setup-all`
+After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
 ## Usage
diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md
index 2e669606b..c0e8b38be 100644
--- a/docs/configuring-playbook-matrix-corporal.md
+++ b/docs/configuring-playbook-matrix-corporal.md
@@ -117,7 +117,7 @@ To learn more about what the policy configuration, see the matrix-corporal docum
 ## Installing
-After configuring the playbook, re-run the [installation](installing.md) command again (`--tags=setup-all,start` or `--tags=setup-aux-files,setup-corporal,start`).
+After configuring the playbook, run the [installation](installing.md) command (`--tags=setup-all,start` or `--tags=setup-aux-files,setup-corporal,start`).
 ## Matrix Corporal files
diff --git a/docs/configuring-playbook-rageshake.md b/docs/configuring-playbook-rageshake.md
index 782e0e978..ae33a0817 100644
--- a/docs/configuring-playbook-rageshake.md
+++ b/docs/configuring-playbook-rageshake.md
@@ -51,7 +51,7 @@ matrix_rageshake_configuration_extension_yaml: |
 ## Installing
-After configuring the playbook, run the [installation](installing.md) command again:
+After configuring the playbook, run the [installation](installing.md) command:
 ```
 ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md
index 036c4eae5..1371ea93a 100644
--- a/docs/configuring-playbook-synapse-admin.md
+++ b/docs/configuring-playbook-synapse-admin.md
@@ -25,7 +25,7 @@ By default, synapse-admin installation will be [restricted to only work with one
 ## Installing
-After configuring the playbook, run the [installation](installing.md) command again: `just install-all`
+After configuring the playbook, run the [installation](installing.md) command: `just install-all`
 ## Usage
diff --git a/docs/configuring-playbook-synapse-auto-compressor.md b/docs/configuring-playbook-synapse-auto-compressor.md
index 108b6a114..1d22aa535 100644
--- a/docs/configuring-playbook-synapse-auto-compressor.md
+++ b/docs/configuring-playbook-synapse-auto-compressor.md
@@ -18,7 +18,7 @@ matrix_synapse_auto_compressor_enabled: true
 ## Installing
-After configuring the playbook, run the [installation](installing.md) command again:
+After configuring the playbook, run the [installation](installing.md) command:
 ```
 ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
From 036c949577a3456509ce2b7c4fa08925c6bcd389 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 11 Oct 2024 01:11:38 +0900
Subject: [PATCH 035/404] Update docs/configuring-playbook-bot-matrix-registration-bot.md
- Use a common expression for a comment
- Use a common expression for usage instruction
- Fix typos
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-bot-matrix-registration-bot.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md
index fd98354fa..5ce317ed6 100644
--- a/docs/configuring-playbook-bot-matrix-registration-bot.md
+++ b/docs/configuring-playbook-bot-matrix-registration-bot.md
@@ -17,7 +17,7 @@ To enable the bot, add the following configuration to your `inventory/host_vars/
 matrix_bot_matrix_registration_bot_enabled: true
 # By default, the playbook will set use the bot with a username like this: `@bot.matrix-registration-bot:DOMAIN`.
-# To use a different username, uncomment & adjust the variable below:
+# Uncomment and adjust this part if you'd like to use a username different than the default
 # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot
 # Generate a strong password here. Consider generating it with `pwgen -s 64 1`
@@ -38,7 +38,7 @@ After configuring the playbook, run the [installation](installing.md) command: `
 ## Usage
-To use the bot, message `@bot.matrix-registration-bot:DOMAIN` (where `DOMAIN` is your base domain, not the `matrix.` domain).
+To use the bot, start a chat with `@bot.matrix-registration-bot:DOMAIN` (where `DOMAIN` is your base domain, not the `matrix.` domain).
 In this room send `help` and the bot will reply with all options.
@@ -46,7 +46,7 @@ You can also refer to the upstream [Usage documentation](https://github.com/moan
 If you have any questions, or if you need help setting it up, read the [troublshooting guide](https://github.com/moan0s/matrix-registration-bot/blob/main/docs/troubleshooting.md) or join [#matrix-registration-bot:hyteck.de](https://matrix.to/#/#matrix-registration-bot:hyteck.de).
-To clean the cache (session&encryption data) after you changed the bot's username, changed the login methon form access_token to password etc.. you can use
+To clean the cache (session & encryption data) after you changed the bot's username, changed the login method from access_token to password etc... you can use:
 ```bash
 just run-tags bot-matrix-registration-bot-clean-cache
From 2a443046c89f5ac50a0f60a9d5f8824d3ac09395 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 11 Oct 2024 17:47:12 +0900
Subject: [PATCH 036/404] =?UTF-8?q?Fix=20capitalization:=20schildichat=20?= =?UTF-8?q?=E2=86=92=20SchildiChat?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Suguru Hirahara
---
 ...configuring-playbook-client-schildichat.md | 10 +++---
 roles/custom/matrix-base/defaults/main.yml | 2 +-
 .../defaults/main.yml | 32 +++++++++----------
 .../tasks/prepare_themes.yml | 14 ++++----
 .../tasks/self_check.yml | 10 +++---
 .../tasks/setup_install.yml | 18 +++++------
 .../tasks/setup_uninstall.yml | 2 +-
 .../tasks/validate_config.yml | 6 ++--
 .../matrix-client-schildichat.service.j2 | 2 +-
 9 files changed, 48 insertions(+), 48 deletions(-)
diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md
index 733901920..856e71c13 100644
--- a/docs/configuring-playbook-client-schildichat.md
+++ b/docs/configuring-playbook-client-schildichat.md
@@ -26,15 +26,15 @@ To enable SchildiChat, add the following configuration to your `inventory/host_v matrix_client_schildichat_enabled: true ``` -The playbook provides some customization variables you could use to change schildichat's settings. +The playbook provides some customization variables you could use to change SchildiChat's settings. Their defaults are defined in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml) and they ultimately end up in the generated `/matrix/schildichat/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-schildichat/templates/config.json.j2`](../roles/custom/matrix-client-schildichat/templates/config.json.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. -Alternatively, **if there is no pre-defined variable** for an schildichat setting you wish to change: +Alternatively, **if there is no pre-defined variable** for a SchildiChat setting you wish to change: -- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of schildichat's various settings that rarely get used. +- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of SchildiChat's various settings that rarely get used. - or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/custom/matrix-client-schildichat/templates/config.json.j2)) by making use of the `matrix_client_schildichat_configuration_extension_json_` variable. 
You can find information about this in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml). @@ -42,13 +42,13 @@ Alternatively, **if there is no pre-defined variable** for an schildichat settin ### Themes -To change the look of schildichat, you can define your own themes manually by using the `matrix_client_schildichat_setting_defaults_custom_themes` setting. +To change the look of SchildiChat, you can define your own themes manually by using the `matrix_client_schildichat_setting_defaults_custom_themes` setting. Or better yet, you can automatically pull it all themes provided by the [aaronraimist/element-themes](https://github.com/aaronraimist/element-themes) project by simply flipping a flag (`matrix_client_schildichat_themes_enabled: true`). If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it. -Note that for a custom theme to work well, all schildichat instances that you use must have the same theme installed. +Note that for a custom theme to work well, all SchildiChat instances that you use must have the same theme installed. ## Installing diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 7d34808e7..850fe1a53 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml 
@@ -77,7 +77,7 @@ matrix_server_fqn_hydrogen: "hydrogen.{{ matrix_domain }}" # This is where you access the Cinny web client from (if enabled via matrix_client_cinny_enabled; disabled by default). matrix_server_fqn_cinny: "cinny.{{ matrix_domain }}" -# This is where you access the schildichat web client from (if enabled via matrix_client_schildichat_enabled; disabled by default). +# This is where you access the SchildiChat web client from (if enabled via matrix_client_schildichat_enabled; disabled by default). matrix_server_fqn_schildichat: "schildichat.{{ matrix_domain }}" # This is where you access the buscarron bot from (if enabled via matrix_bot_buscarron_enabled; disabled by default). diff --git a/roles/custom/matrix-client-schildichat/defaults/main.yml b/roles/custom/matrix-client-schildichat/defaults/main.yml index c7c616b03..83145dc4c 100644 --- a/roles/custom/matrix-client-schildichat/defaults/main.yml +++ b/roles/custom/matrix-client-schildichat/defaults/main.yml @@ -124,14 +124,14 @@ matrix_client_schildichat_floc_optout_enabled: true matrix_client_schildichat_hsts_preload_enabled: false matrix_client_schildichat_scheme: https -# The hostname at which schildichat is served. +# The hostname at which SchildiChat is served. matrix_client_schildichat_hostname: "{{ matrix_server_fqn_schildichat }}" -# The path at which schildichat is exposed. +# The path at which SchildiChat is exposed. # This value must either be `/` or not end with a slash (e.g. `/schildichat`). matrix_client_schildichat_path_prefix: / -# schildichat config.json customizations +# SchildiChat config.json customizations matrix_client_schildichat_default_server_name: "{{ matrix_domain }}" matrix_client_schildichat_default_hs_url: "" matrix_client_schildichat_default_is_url: ~ 
@@ -145,9 +145,9 @@ matrix_client_schildichat_integrations_jitsi_widget_url: "https://scalar.vector. matrix_client_schildichat_permalink_prefix: "https://matrix.to" # noqa var-naming matrix_client_schildichat_bug_report_endpoint_url: "https://element.io/bugreports/submit" matrix_client_schildichat_show_lab_settings: true # noqa var-naming -# schildichat public room directory server(s) +# SchildiChat public room directory server(s) matrix_client_schildichat_room_directory_servers: ['matrix.org'] -# Branding of schildichat +# Branding of SchildiChat matrix_client_schildichat_brand: "schildichat" # URL to Logo on welcome page @@ -171,7 +171,7 @@ matrix_client_schildichat_branding_welcome_background_url: ~ # noqa var-naming matrix_client_schildichat_page_template_welcome_path: "{{ role_path }}/templates/welcome.html.j2" -# By default, there's no schildichat homepage (when logged in). If you wish to have one, +# By default, there's no SchildiChat homepage (when logged in). If you wish to have one, # point this to a `home.html` template file on your local filesystem. matrix_client_schildichat_embedded_pages_home_path: ~ @@ -189,7 +189,7 @@ matrix_client_schildichat_default_country_code: "GB" # Controls whether presence will be enabled matrix_client_schildichat_enable_presence_by_hs_url: ~ -# Controls whether custom schildichat themes will be installed. +# Controls whether custom SchildiChat themes will be installed. # When enabled, all themes found in the `matrix_client_schildichat_themes_repository_url` repository # will be installed and enabled automatically. matrix_client_schildichat_themes_enabled: false 
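Review bot: The `matrix_client_schildichat_brand` default in the `@@ -145,9 +145,9 @@` hunk of roles/custom/matrix-client-schildichat/defaults/main.yml still reads `"schildichat"`, while the comment directly above it now says `# Branding of SchildiChat`. If that value is what the client displays as its name, the capitalization fix stops short of the one string users would actually see. If the lowercase form is deliberate, a short comment on that line such as `# Kept lowercase on purpose: <reason>` would stop a later contributor from "fixing" it. Changing the default is a behaviour change, so it is better decided explicitly than left as an unexplained leftover.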
@@ -199,16 +199,16 @@ matrix_client_schildichat_themes_repository_version: master # Controls the default theme matrix_client_schildichat_default_theme: 'light' -# Controls the `setting_defaults.custom_themes` setting of the schildichat configuration. +# Controls the `setting_defaults.custom_themes` setting of the SchildiChat configuration. # You can use this setting to define custom themes. # # Also, look at `matrix_client_schildichat_themes_enabled` for a way to pull in a bunch of custom themes automatically. # If you define your own themes here and set `matrix_client_schildichat_themes_enabled: true`, your themes will be preserved as well. # -# Note that for a custom theme to work well, all schildichat instances that you use must have the same theme installed. +# Note that for a custom theme to work well, all SchildiChat instances that you use must have the same theme installed. matrix_client_schildichat_setting_defaults_custom_themes: [] # noqa var-naming -# Default schildichat configuration template which covers the generic use case. +# Default SchildiChat configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # # For a more advanced customization, you can extend the default (see `matrix_client_schildichat_configuration_extension_json`) 
@@ -218,7 +218,7 @@ matrix_client_schildichat_setting_defaults_custom_themes: [] # noqa var-naming # This is unlike what it does when looking up YAML template files (no automatic parsing there). matrix_client_schildichat_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}" -# Your custom JSON configuration for schildichat should go to `matrix_client_schildichat_configuration_extension_json`. +# Your custom JSON configuration for SchildiChat should go to `matrix_client_schildichat_configuration_extension_json`. # This configuration extends the default starting configuration (`matrix_client_schildichat_configuration_default`). # # You can override individual variables from the default configuration, or introduce new ones. 
@@ -237,16 +237,16 @@ matrix_client_schildichat_configuration_extension_json: '{}' matrix_client_schildichat_configuration_extension: "{{ matrix_client_schildichat_configuration_extension_json | from_json if matrix_client_schildichat_configuration_extension_json | from_json is mapping else {} }}" -# Holds the final schildichat configuration (a combination of the default and its extension). +# Holds the final SchildiChat configuration (a combination of the default and its extension). # You most likely don't need to touch this variable. Instead, see `matrix_client_schildichat_configuration_default`. matrix_client_schildichat_configuration: "{{ matrix_client_schildichat_configuration_default | combine(matrix_client_schildichat_configuration_extension, recursive=True) }}" -# schildichat Location sharing functionality +# SchildiChat Location sharing functionality # More info: https://element.io/blog/element-launches-e2ee-location-sharing/ # How to host your own map tile server: https://matrix.org/docs/guides/map-tile-server matrix_client_schildichat_location_sharing_enabled: false -# Default schildichat location sharing map style configuration template which covers the generic use case. +# Default SchildiChat location sharing map style configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # # For a more advanced customization, you can extend the default (see `matrix_client_schildichat_location_sharing_map_style_extension_json`) 
@@ -256,7 +256,7 @@ matrix_client_schildichat_location_sharing_enabled: false # This is unlike what it does when looking up YAML template files (no automatic parsing there). matrix_client_schildichat_location_sharing_map_style_default: "{{ lookup('template', 'templates/map_style.json.j2') }}" -# Your custom JSON configuration for schildichat location sharing map style should go to `matrix_client_schildichat_location_sharing_map_style_extension_json`. +# Your custom JSON configuration for SchildiChat location sharing map style should go to `matrix_client_schildichat_location_sharing_map_style_extension_json`. # This configuration extends the default starting configuration (`matrix_client_schildichat_location_sharing_map_style_default`). # # You can override individual variables from the default configuration, or introduce new ones. @@ -292,7 +292,7 @@ matrix_client_schildichat_location_sharing_map_style_extension_json: '{}' matrix_client_schildichat_location_sharing_map_style_extension: "{{ matrix_client_schildichat_location_sharing_map_style_extension_json | from_json if matrix_client_schildichat_location_sharing_map_style_extension_json | from_json is mapping else {} }}" -# Holds the final schildichat location sharing map style configuration (a combination of the default and its extension). +# Holds the final SchildiChat location sharing map style configuration (a combination of the default and its extension). # You most likely don't need to touch this variable. Instead, see `matrix_client_schildichat_location_sharing_map_style_default`. matrix_client_schildichat_location_sharing_map_style: "{{ matrix_client_schildichat_location_sharing_map_style_default | combine(matrix_client_schildichat_location_sharing_map_style_extension, recursive=True) }}" diff --git a/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml b/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml index 9e29ef90c..cd3f3ecb1 100644 
--- a/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml +++ b/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml @@ -1,7 +1,7 @@ --- # -# Tasks related to setting up schildichat themes +# Tasks related to setting up SchildiChat themes # - when: matrix_client_schildichat_themes_enabled | bool @@ -9,35 +9,35 @@ delegate_to: 127.0.0.1 become: false block: - - name: Ensure schildichat themes repository is pulled + - name: Ensure SchildiChat themes repository is pulled ansible.builtin.git: repo: "{{ matrix_client_schildichat_themes_repository_url }}" version: "{{ matrix_client_schildichat_themes_repository_version }}" dest: "{{ role_path }}/files/scratchpad/themes" - - name: Find all schildichat theme files + - name: Find all SchildiChat theme files ansible.builtin.find: paths: "{{ role_path }}/files/scratchpad/themes" patterns: "*.json" recurse: true register: matrix_client_schildichat_theme_file_list - - name: Read schildichat theme + - name: Read SchildiChat theme ansible.builtin.slurp: path: "{{ item.path }}" register: "matrix_client_schildichat_theme_file_contents" with_items: "{{ matrix_client_schildichat_theme_file_list.files }}" - - name: Load schildichat theme + - name: Load SchildiChat theme ansible.builtin.set_fact: matrix_client_schildichat_setting_defaults_custom_themes: "{{ matrix_client_schildichat_setting_defaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming with_items: "{{ matrix_client_schildichat_theme_file_contents.results }}" # -# Tasks related to getting rid of schildichat themes (if it was previously enabled) +# Tasks related to getting rid of SchildiChat themes (if it was previously enabled) # -- name: Ensure schildichat themes repository is removed +- name: Ensure SchildiChat themes repository is removed ansible.builtin.file: path: "{{ role_path }}/files/scratchpad/themes" state: absent 
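Review bot: The `ansible.builtin.git` task in the `@@ -9,35 +9,35 @@` hunk checks out `matrix_client_schildichat_themes_repository_version`, and the defaults file earlier in this patch shows that variable set to `master`, so the themes repository is taken from a moving branch. Every `*.json` file found in the checkout is then decoded and appended to `matrix_client_schildichat_setting_defaults_custom_themes`, which the defaults describe as feeding the generated SchildiChat configuration, so whatever the external repository holds at run time reaches the served client config unreviewed. It would help to document next to the version variable that a commit hash is accepted and preferred, for example `# Pin to a reviewed commit hash rather than a branch, so theme content only changes when you update the pin`. The enclosing `- when:` block starts above this hunk, so the condition guarding these tasks is only partly visible here.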
diff --git a/roles/custom/matrix-client-schildichat/tasks/self_check.yml b/roles/custom/matrix-client-schildichat/tasks/self_check.yml index 7ecdd1c0a..11895e8c6 100644 --- a/roles/custom/matrix-client-schildichat/tasks/self_check.yml +++ b/roles/custom/matrix-client-schildichat/tasks/self_check.yml @@ -3,7 +3,7 @@ - ansible.builtin.set_fact: matrix_client_schildichat_url_endpoint_public: "{{ matrix_client_schildichat_scheme }}://{{ matrix_client_schildichat_hostname }}/config.json" -- name: Check schildichat +- name: Check SchildiChat ansible.builtin.uri: url: "{{ matrix_client_schildichat_url_endpoint_public }}" follow_redirects: none @@ -14,11 +14,11 @@ delegate_to: 127.0.0.1 become: false -- name: Fail if schildichat not working +- name: Fail if SchildiChat not working ansible.builtin.fail: - msg: "Failed checking schildichat is up at `{{ matrix_server_fqn_schildichat }}` (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`). Is schildichat running? Is port 443 open in your firewall? Full error: {{ matrix_client_schildichat_self_check_result }}" + msg: "Failed checking SchildiChat is up at `{{ matrix_server_fqn_schildichat }}` (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`). Is SchildiChat running? Is port 443 open in your firewall? Full error: {{ matrix_client_schildichat_self_check_result }}" when: "matrix_client_schildichat_self_check_result.failed or 'json' not in matrix_client_schildichat_self_check_result" -- name: Report working schildichat +- name: Report working SchildiChat ansible.builtin.debug: - msg: "schildichat at `{{ matrix_server_fqn_schildichat }}` is working (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`)" + msg: "SchildiChat at `{{ matrix_server_fqn_schildichat }}` is working (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`)" 
diff --git a/roles/custom/matrix-client-schildichat/tasks/setup_install.yml b/roles/custom/matrix-client-schildichat/tasks/setup_install.yml index 870b640a6..77c1b45c5 100644 --- a/roles/custom/matrix-client-schildichat/tasks/setup_install.yml +++ b/roles/custom/matrix-client-schildichat/tasks/setup_install.yml @@ -1,6 +1,6 @@ --- -- name: Ensure schildichat paths exists +- name: Ensure SchildiChat paths exists ansible.builtin.file: path: "{{ item.path }}" state: directory @@ -12,7 +12,7 @@ - {path: "{{ matrix_client_schildichat_docker_src_files_path }}", when: "{{ matrix_client_schildichat_container_image_self_build }}"} when: "item.when | bool" -- name: Ensure schildichat Docker image is pulled +- name: Ensure SchildiChat Docker image is pulled community.docker.docker_image: name: "{{ matrix_client_schildichat_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -24,7 +24,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure schildichat repository is present on self-build +- name: Ensure SchildiChat repository is present on self-build ansible.builtin.git: repo: "{{ matrix_client_schildichat_container_image_self_build_repo }}" dest: "{{ matrix_client_schildichat_docker_src_files_path }}" @@ -49,7 +49,7 @@ mode: '0644' when: "matrix_client_schildichat_container_image_self_build | bool and matrix_client_schildichat_container_image_self_build_low_memory_system_patch_enabled | bool" -- name: Ensure schildichat Docker image is built +- name: Ensure SchildiChat Docker image is built ansible.builtin.command: cmd: |- {{ devture_systemd_docker_base_host_command_docker }} buildx build 
@@ -59,7 +59,7 @@ changed_when: true when: matrix_client_schildichat_container_image_self_build | bool -- name: Ensure schildichat configuration installed +- name: Ensure SchildiChat configuration installed ansible.builtin.copy: content: "{{ matrix_client_schildichat_configuration | to_nice_json }}" dest: "{{ matrix_client_schildichat_data_path }}/config.json" @@ -67,7 +67,7 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure schildichat location sharing map style installed +- name: Ensure SchildiChat location sharing map style installed when: matrix_client_schildichat_location_sharing_enabled | bool ansible.builtin.copy: content: "{{ matrix_client_schildichat_location_sharing_map_style | to_nice_json }}" @@ -76,7 +76,7 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure schildichat config files installed +- name: Ensure SchildiChat config files installed ansible.builtin.template: src: "{{ item.src }}" dest: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}" @@ -89,7 +89,7 @@ - {src: "{{ matrix_client_schildichat_embedded_pages_home_path }}", name: "home.html"} when: "item.src is not none" -- name: Ensure schildichat config files removed +- name: Ensure SchildiChat config files removed ansible.builtin.file: path: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}" state: absent @@ -97,7 +97,7 @@ - {src: "{{ matrix_client_schildichat_embedded_pages_home_path }}", name: "home.html"} when: "item.src is none" -- name: Ensure schildichat container network is created +- name: Ensure SchildiChat container network is created community.general.docker_network: enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" name: "{{ matrix_client_schildichat_container_network }}" diff --git a/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml b/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml index f752ba300..98a4ae494 100644 
--- a/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml @@ -19,7 +19,7 @@ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-schildichat.service" state: absent - - name: Ensure schildichat path doesn't exist + - name: Ensure SchildiChat path doesn't exist ansible.builtin.file: path: "{{ matrix_client_schildichat_data_path }}" state: absent diff --git a/roles/custom/matrix-client-schildichat/tasks/validate_config.yml b/roles/custom/matrix-client-schildichat/tasks/validate_config.yml index b5b5db54d..0e3b832a7 100644 --- a/roles/custom/matrix-client-schildichat/tasks/validate_config.yml +++ b/roles/custom/matrix-client-schildichat/tasks/validate_config.yml @@ -9,16 +9,16 @@ with_items: - {'old': 'matrix_client_schildichat_welcome_user_id', 'new': ''} -- name: Fail if required schildichat settings not defined +- name: Fail if required SchildiChat settings not defined ansible.builtin.fail: msg: > - You need to define a required configuration setting (`{{ item }}`) for using schildichat. + You need to define a required configuration setting (`{{ item }}`) for using SchildiChat. when: "vars[item] == ''" with_items: - matrix_client_schildichat_default_hs_url - matrix_client_schildichat_container_network -- name: Fail if schildichat location sharing enabled, but no tile server defined +- name: Fail if SchildiChat location sharing enabled, but no tile server defined ansible.builtin.fail: msg: >- You need to define at least one map tile server in matrix_client_schildichat_location_sharing_map_style_content_sources_localsource_tiles list diff --git a/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 b/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 index 97eac7704..74111ffa8 100644 --- a/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 
+++ b/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2
@@ -1,6 +1,6 @@
 #jinja2: lstrip_blocks: "True"
 [Unit]
-Description=Matrix schildichat server
+Description=Matrix SchildiChat server
 {% for service in matrix_client_schildichat_systemd_required_services_list %}
 Requires={{ service }}
 After={{ service }}
From 03ae2d11f8cd12dbfb17f0f52a6d1da08ae00365 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Tue, 8 Oct 2024 22:56:39 +0900
Subject: [PATCH 037/404] Update docs/configuring-playbook-bridge-hookshot.md
- Wrap "Note" with wildcards
- Fix colon placement
- Fix typos
- Remove an unclosed parenthesis
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-bridge-hookshot.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md
index 1ca0d9465..812697b9c 100644
--- a/docs/configuring-playbook-bridge-hookshot.md
+++ b/docs/configuring-playbook-bridge-hookshot.md
@@ -6,7 +6,7 @@ Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from softw
 See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/latest/hookshot.html) to learn what it does in detail and why it might be useful to you.
-Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot.
+**Note**: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot.
 ## Setup Instructions
@@ -27,7 +27,7 @@ Finally, run the playbook (see [installing](installing.md)).
 You can enable [experimental encryption](https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html) for Hookshot by adding `matrix_hookshot_experimental_encryption_enabled: true` to your configuration (`vars.yml`) and [executing the playbook](installing.md) again.
-Should the crypto store be corrupted, you can reset it by executing this Ansible playbook with the tag `reset-hookshot-encryption` added, for example `ansible-playbook -i inventory/hosts setup.yml -K --tags=reset-hookshot-encryption`).
+Should the crypto store be corrupted, you can reset it by executing this Ansible playbook with the tag `reset-hookshot-encryption` added, for example `ansible-playbook -i inventory/hosts setup.yml -K --tags=reset-hookshot-encryption`.
 ## Usage
@@ -37,9 +37,9 @@ Make sure the bot is able to send state events (usually the Moderator power leve
 Send a `!hookshot help` message to see a list of help commands.
-Refer to [Hookshot's documentation](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) for more details about using the brige's various features.
+Refer to [Hookshot's documentation](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) for more details about using the bridge's various features.
-**Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](#urls-for-bridges-setup) below.
+**Important**: Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](#urls-for-bridges-setup) below.
 ## More setup documentation
@@ -60,7 +60,7 @@ Unless indicated otherwise, the following endpoints are reachable on your `matri | widgets | `/hookshot/widgetapi/` | `matrix_hookshot_widgets_endpoint` | Widgets | | metrics | `/metrics/hookshot` | `matrix_hookshot_metrics_enabled` and exposure enabled via `matrix_hookshot_metrics_proxying_enabled` or `matrix_metrics_exposure_enabled`. Read more in the [Metrics section](#metrics) below. | Prometheus | -Also see the various `matrix_hookshot_container_labels_*` variables in in [default/main.yml](/roles/custom/matrix-bridge-hookshot/default/main.yml), which expose URLs publicly. +Also see the various `matrix_hookshot_container_labels_*` variables in [default/main.yml](/roles/custom/matrix-bridge-hookshot/default/main.yml), which expose URLs publicly. The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. From 789bf88b92063c4c12ac55526f53174cea9512f0 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 14 Oct 2024 22:35:16 +0900 Subject: [PATCH 038/404] Make "Note" consistent: wrap with wildcards Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 +- docs/configuring-playbook-bridge-appservice-discord.md | 4 ++-- docs/configuring-playbook-bridge-appservice-slack.md | 2 +- docs/configuring-playbook-bridge-appservice-webhooks.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-matrix-ldap-registration-proxy.md | 2 +- docs/installing.md | 2 +- examples/reverse-proxies/caddy2-in-container/README.md | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 016aa99a1..70ac3517d 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -89,7 +89,7 @@ To make the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server (which this This is an optional feature for the optionally-installed [ma1sd service](configuring-playbook-ma1sd.md). See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record. -Note: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. +**Note**: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index bd30d5aae..0e766af9c 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md 
@@ -42,14 +42,14 @@ Self-service bridging allows you to bridge specific and existing Matrix rooms to matrix_appservice_discord_bridge_enableSelfServiceBridging: true ``` -_Note: If self-service bridging is not enabled, `!discord help` commands will return no results._ +**Note**: If self-service bridging is not enabled, `!discord help` commands will return no results. Once self-service is enabled: 1. Start a chat with `@_discord_bot:` and say `!discord help bridge`. 2. Follow the instructions in the help output message. If the bot is not already in the Discord server, follow the provided invite link. This may require you to be a administrator of the Discord server. -_Note: Encrypted Matrix rooms are not supported as of writing._ +**Note**: Encrypted Matrix rooms are not supported as of writing. On the Discord side, you can say `!matrix help` to get a list of available commands to manage the bridge and Matrix users. diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 5bf988268..6c2f830ee 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -73,7 +73,7 @@ Note that the bot's domain is your server's domain **without the `matrix.` prefi - files:write:user - Note: In order to make Slack files visible to matrix users, this bridge will make Slack files visible to anyone with the url (including files in private channels). This is different than the current behavior in Slack, which only allows authenticated access to media posted in private channels. See MSC701 for details. + **Note**: In order to make Slack files visible to matrix users, this bridge will make Slack files visible to anyone with the url (including files in private channels). This is different than the current behavior in Slack, which only allows authenticated access to media posted in private channels. See MSC701 for details. 9. Click on Install App and Install App to Workspace. Note the access tokens shown. You will need the Bot User OAuth Access Token and if you want to bridge files, the OAuth Access Token whenever you link a room. diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 3a4c7ea5b..a2827e85c 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md 
@@ -2,7 +2,7 @@ The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. -Note: This bridge is no longer maintained. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). +**Note**: This bridge is no longer maintained. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). This bridge provides support for Slack-compatible webhooks. diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index c640a7f1b..de23cf127 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -40,7 +40,7 @@ If you're fine with such an open Jitsi instance, please skip to [Apply changes]( If you would like to control who is allowed to open meetings on your new Jitsi instance, then please follow the following steps to enable Jitsi's authentication and optionally guests mode. Currently, there are three supported authentication modes: 'internal' (default), 'matrix' and 'ldap'. -**Note:** Authentication is not tested via the playbook's self-checks. +**Note**: Authentication is not tested via the playbook's self-checks. We therefore recommend that you manually verify if authentication is required by jitsi. For this, try to manually create a conference on jitsi.DOMAIN in your browser. diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index d72e82ab2..6ddcc0417 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md 
+++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -4,7 +4,7 @@ The playbook can install and configure [matrix-ldap-registration-proxy](https:// This proxy handles Matrix registration requests and forwards them to LDAP. -**Please note:** This does support the full Matrix specification for registrations. It only provide a very coarse +**Note**: This does support the full Matrix specification for registrations. It only provide a very coarse implementation of a basic password registration. ## Quickstart diff --git a/docs/installing.md b/docs/installing.md index 78a4b0d84..b282b9734 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -108,6 +108,6 @@ After you have started the services and **finalized the installation process** ( - or learn how to [upgrade services when new versions are released](maintenance-upgrading-services.md) - or learn how to [maintain your server](faq.md#maintenance) - or join some Matrix rooms: - * via the *Explore rooms* feature in Element or some other client, or by discovering them using this [matrix-static list](https://view.matrix.org). Note: joining large rooms may overload small servers. + * via the *Explore rooms* feature in Element or some other client, or by discovering them using this [matrix-static list](https://view.matrix.org). **Note**: joining large rooms may overload small servers. * or come say Hi in our support room - [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com). You might learn something or get to help someone else new to Matrix hosting. - or help make this playbook better by contributing (code, documentation, or [coffee/beer](https://liberapay.com/s.pantaleev/donate)) diff --git a/examples/reverse-proxies/caddy2-in-container/README.md b/examples/reverse-proxies/caddy2-in-container/README.md index 783145de7..7a294f7ce 100644 --- a/examples/reverse-proxies/caddy2-in-container/README.md 
+++ b/examples/reverse-proxies/caddy2-in-container/README.md @@ -2,7 +2,7 @@ This directory contains a sample config that shows you how to front the integrated [Traefik](https://traefik.io/) reverse-proxy webserver with your own **containerized** [Caddy](https://caddyserver.com/) reverse-proxy. If you have a server with a Caddy container already serving several applications and you want to install Matrix on it (with no changes to existing traffic routing), then this guide is for you. -Note: if you're running Caddy on the host itself (not in a container), refer to the [caddy2](../caddy2/README.md) example instead. +**Note**: if you're running Caddy on the host itself (not in a container), refer to the [caddy2](../caddy2/README.md) example instead. ## Prerequisite configuration From ba9aeb7c9ffe05b516a85f09993c066788a9979b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 15 Oct 2024 02:47:38 +0900 Subject: [PATCH 039/404] =?UTF-8?q?Consistent=20capitalization:=20NOTE=20?= =?UTF-8?q?=E2=86=92=20Note?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-baibot.md | 2 +- docs/configuring-playbook-bot-buscarron.md | 2 +- docs/configuring-playbook-bridge-appservice-kakaotalk.md | 2 +- docs/configuring-playbook-conduit.md | 2 +- docs/configuring-playbook-dendrite.md | 3 +-- docs/configuring-playbook-external-postgres.md | 2 +- docs/configuring-playbook-prometheus-nginxlog.md | 2 +- docs/configuring-playbook-s3.md | 2 +- docs/configuring-playbook-sliding-sync-proxy.md | 2 +- docs/configuring-playbook-synapse-auto-accept-invite.md | 2 +- docs/howto-server-delegation.md | 2 +- docs/howto-srv-server-delegation.md | 2 +- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../matrix-bridge-mautrix-facebook/tasks/validate_config.yml | 2 +- roles/custom/matrix-coturn/tasks/setup_install.yml | 2 +- .../matrix-prometheus-nginxlog-exporter/defaults/main.yml | 2 +- .../custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 +- 18 files changed, 18 insertions(+), 19 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index b47d1a233..bbc537e11 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -357,7 +357,7 @@ You can configure the **initial values** for these via Ansible, via the `matrix_ Example **additional** `vars.yml` configuration: ```yml -# NOTE: these are initial defaults for the bot's global configuration. +# Note: these are initial defaults for the bot's global configuration. # As such, changing any of these values subsequently has no effect on the bot's behavior. # Once initially configured, the global configuration is managed via bot commands, not via Ansible. diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index 11db6fc32..fc9c28675 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md 
@@ -79,7 +79,7 @@ To use the bot, invite the `@bot.buscarron:DOMAIN` to the room you specified in ``` -**NOTE**: to fight against spam, Buscarron is **very aggressive when it comes to banning** and will ban you if: +**Note**: to fight against spam, Buscarron is **very aggressive when it comes to banning** and will ban you if: - if you hit the homepage (HTTP `GET` request to `/`) - if you submit a form to the wrong URL (`POST` request to `/non-existing-form`) diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index a8da0c2de..3c90182a1 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -2,7 +2,7 @@ The playbook can install and configure [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you. `matrix-appservice-kakaotalk` is a bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) based on [node-kakao](https://github.com/storycraft/node-kakao) (now unmaintained) and some [mautrix-facebook](https://github.com/mautrix/facebook) code. -**NOTE**: there have been recent reports (~2022-09-16) that **using this bridge may get your account banned**. +**Note**: there have been recent reports (~2022-09-16) that **using this bridge may get your account banned**. See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) to learn what it does and why it might be useful to you. diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md index 632d2e150..88e1d883f 100644 --- a/docs/configuring-playbook-conduit.md +++ b/docs/configuring-playbook-conduit.md 
@@ -2,7 +2,7 @@ By default, this playbook configures the [Synapse](https://github.com/element-hq/synapse) Matrix server, but you can also use [Conduit](https://conduit.rs). -**NOTES**: +**Notes**: - **You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Conduit). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet. diff --git a/docs/configuring-playbook-dendrite.md b/docs/configuring-playbook-dendrite.md index fe9935612..01c80cff5 100644 --- a/docs/configuring-playbook-dendrite.md +++ b/docs/configuring-playbook-dendrite.md @@ -2,7 +2,7 @@ By default, this playbook configures the [Synapse](https://github.com/element-hq/synapse) Matrix server, but you can also use [Dendrite](https://github.com/matrix-org/dendrite). -**NOTES**: +**Notes**: - **You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Dendrite). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet. @@ -29,4 +29,3 @@ To use Dendrite, you **generally** need the following additional `vars.yml` conf ```yaml matrix_homeserver_implementation: dendrite ``` - diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index f78113b73..f5774a340 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md 
@@ -5,7 +5,7 @@ If that's alright, you can skip this. If you'd like to use an external PostgreSQL server that you manage, you can edit your configuration file (`inventory/host_vars/matrix./vars.yml`). -**NOTE**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**. +**Note**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**. If you'd like to use an external Postgres server, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): diff --git a/docs/configuring-playbook-prometheus-nginxlog.md b/docs/configuring-playbook-prometheus-nginxlog.md index 77f42c5fb..3923fb685 100644 --- a/docs/configuring-playbook-prometheus-nginxlog.md +++ b/docs/configuring-playbook-prometheus-nginxlog.md 
@@ -6,7 +6,7 @@ This adds [prometheus-nginxlog-exporter](https://github.com/martin-helmich/prome It will collect access logs from various nginx reverse-proxies which may be used internally (e.g. `matrix-synapse-reverse-proxy-companion`, if Synapse workers are enabled) and will make them available at a Prometheus-compatible `/metrics` endpoint. -**NOTE**: nginx is only used internally by this Ansible playbook. With Traefik being our default reverse-proxy, collecting nginx metrics is less relevant. +**Note**: nginx is only used internally by this Ansible playbook. With Traefik being our default reverse-proxy, collecting nginx metrics is less relevant. To make use of this, you need to install [Prometheus](./configuring-playbook-prometheus-grafana.md) either via the playbook or externally. When using an external Prometheus, configuration adjustments are necessary - see [Save metrics on an external Prometheus server](#save-metrics-on-an-external-prometheus-server). diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index f5a182840..f73aa7012 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -65,7 +65,7 @@ You'll need an Amazon S3 bucket and some IAM user credentials (access key + secr } ``` -**NOTE**: This policy needs to be attached to an IAM user created from the **Security Credentials** menu. This is not a **Bucket Policy**. +**Note**: This policy needs to be attached to an IAM user created from the **Security Credentials** menu. This is not a **Bucket Policy**. ## Backblaze B2 diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 9ff453d21..4a1dd521e 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md 
@@ -10,7 +10,7 @@ Element X iOS is [available on TestFlight](https://testflight.apple.com/join/uZb Element X Android is [available on the Github Releases page](https://github.com/element-hq/element-x-android/releases). -**NOTE**: The sliding-sync proxy is **not required** when using the **Conduit homeserver**. Starting from version `0.6.0` Conduit has native support for some sliding sync features. If there are issues with the native implementation, you might have a better experience when enabling the sliding-sync proxy anyway. +**Note**: The sliding-sync proxy is **not required** when using the **Conduit homeserver**. Starting from version `0.6.0` Conduit has native support for some sliding sync features. If there are issues with the native implementation, you might have a better experience when enabling the sliding-sync proxy anyway. ## Decide on a domain and path diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index db819fb7e..f7bb35c17 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md 
@@ -5,7 +5,7 @@ The playbook can install and configure [synapse-auto-invite-accept](https://gith See that project's [documentation](https://github.com/matrix-org/synapse-auto-accept-invite) to learn what it does and why it might be useful to you. In short, it automatically accepts room invites. You can specify that only 1:1 room invites are auto-accepted. Defaults to false if not specified. -**NOTE**: Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the same feature [has been merged](https://github.com/element-hq/synapse/pull/17147) into Synapse (see the [Native alternative](#native-alternative) section below). You'd better use the native feature, instead of the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module. +**Note**: Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the same feature [has been merged](https://github.com/element-hq/synapse/pull/17147) into Synapse (see the [Native alternative](#native-alternative) section below). You'd better use the native feature, instead of the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module. ## Configuration diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index cf94ec524..38374d4c6 100644 --- a/docs/howto-server-delegation.md +++ b/docs/howto-server-delegation.md 
@@ -35,7 +35,7 @@ Otherwise, you can decide to go against the default for this playbook, and inste ## Server Delegation via a DNS SRV record (advanced) -**NOTE**: doing Server Delegation via a DNS SRV record is a more **advanced** way to do it and is not the default for this playbook. This is usually **much more complicated** to set up, so **we don't recommend it**. If you're not an experience sysadmin, you'd better stay away from this. +**Note**: doing Server Delegation via a DNS SRV record is a more **advanced** way to do it and is not the default for this playbook. This is usually **much more complicated** to set up, so **we don't recommend it**. If you're not an experience sysadmin, you'd better stay away from this. As per the [Server-Server spec](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), it's possible to do Server Delegation using only a SRV record (without a `/.well-known/matrix/server` file). diff --git a/docs/howto-srv-server-delegation.md b/docs/howto-srv-server-delegation.md index 8e293ad87..96ead7216 100644 --- a/docs/howto-srv-server-delegation.md +++ b/docs/howto-srv-server-delegation.md 
@@ -16,7 +16,7 @@ The up-to-date list can be accessed on [traefik's documentation](https://doc.tra ## The changes -**NOTE**: the changes below instruct you how to do this for a basic Synapse installation. You will need to adapt the variable name and the content of the labels: +**Note**: the changes below instruct you how to do this for a basic Synapse installation. You will need to adapt the variable name and the content of the labels: - if you're using another homeserver implementation (e.g. [Conduit](./configuring-playbook-conduit.md) or [Dendrite](./configuring-playbook-dendrite.md)) - if you're using [Synapse with workers enabled](./configuring-playbook-synapse.md#load-balancing-with-workers) (`matrix_synapse_workers_enabled: true`). In that case, it's actually the `matrix-synapse-reverse-proxy-companion` service which has Traefik labels attached diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index c7c4415db..47d796886 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml 
@@ -73,6 +73,6 @@ devture_playbook_runtime_messages_list | default([]) + [ - "NOTE: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." + "Note: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." ] }} diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml index 58d08ee0d..b3a6ee937 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml @@ -69,6 +69,6 @@ devture_playbook_runtime_messages_list | default([]) + [ - "NOTE: Your appservice-slack database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_slack_data_path }}/*.db` to `{{ matrix_appservice_slack_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." + "Note: Your appservice-slack database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_slack_data_path }}/*.db` to `{{ matrix_appservice_slack_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." ] }} 
diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml index 541032315..72961cb0e 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml @@ -34,6 +34,6 @@ devture_playbook_runtime_messages_list | default([]) + [ - "NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" + "Note: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" ] }} diff --git a/roles/custom/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml index 6bed10492..8ee3d5606 100644 --- a/roles/custom/matrix-coturn/tasks/setup_install.yml +++ b/roles/custom/matrix-coturn/tasks/setup_install.yml @@ -7,7 +7,7 @@ ansible.builtin.fail: msg: "To use the external IP address auto-detection feature, you need to set matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url" - # NOTE: + # Note: # `ansible.builtin.uri` does not provide a way to configure whether IPv4 or IPv6 is used. # Luckily, the default instance we use does not define AAAA records for now, so it's always IPv4. - name: Fetch IP address information from EchoIP service diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml index c8699eab8..a7177861e 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml 
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml @@ -87,7 +87,7 @@ matrix_prometheus_nginxlog_exporter_container_http_host_bind_port: '' # Controls whether the matrix-prometheus_nginxlog_exporter container exposes its SYSLOG port (udp/6514 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:6514"), or empty string to not expose. -# NOTE: is an UDP connection! +# Note: is an UDP connection! matrix_prometheus_nginxlog_exporter_container_syslog_host_bind_port: '' matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags: "{{ matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto + matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_custom }}" diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index ddc331dd0..212a37ba5 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1581,7 +1581,7 @@ auto_accept_invites: enable_metrics: {{ matrix_synapse_metrics_enabled|to_json }} # Enable sentry integration -# NOTE: While attempts are made to ensure that the logs don't contain +# Note: While attempts are made to ensure that the logs don't contain # any sensitive information, this cannot be guaranteed. By enabling # this option the sentry server may therefore receive sensitive # information, and it in turn may then diseminate sensitive information From a8ab53c149948a04e1cf7f8c754edabf0eaa4ed4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 15 Oct 2024 03:05:26 +0900 Subject: [PATCH 040/404] Use double wildcards for 'Note' Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-discord.md | 2 +- docs/configuring-playbook-bridge-appservice-webhooks.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 0e766af9c..12370ad11 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -28,7 +28,7 @@ matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN" matrix_synapse_configuration_extension_yaml: | use_appservice_legacy_authorization: true ``` -*Note*: This deprecated method is considered insecure. +**Note**: This deprecated method is considered insecure. 6. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index a2827e85c..7d38ae871 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -20,7 +20,7 @@ matrix_appservice_webhooks_api_secret: '' 2. In case you want to change the verbosity of logging via `journalctl -fu matrix-appservice-webhooks.service` you can adjust this in `inventory/host_vars/matrix./vars.yml` as well. -*Note*: default value is: `info` and availabe log levels are : `info`, `verbose` +**Note**: default value is: `info` and availabe log levels are : `info`, `verbose` ```yaml matrix_appservice_webhooks_log_level: '' 
@@ -31,7 +31,7 @@ matrix_appservice_webhooks_log_level: '' matrix_synapse_configuration_extension_yaml: | use_appservice_legacy_authorization: true ``` -*Note*: This deprecated method is considered insecure. +**Note**: This deprecated method is considered insecure. 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. @@ -39,7 +39,7 @@ matrix_synapse_configuration_extension_yaml: | 6. Invite the bridge bot user to your room: - - either with `/invite @_webhook:` (*Note*: Make sure you have administration permissions in your room) + - either with `/invite @_webhook:` (**Note**: Make sure you have administration permissions in your room) - or simply add the bridge bot to a private channel (personal channels imply you being an administrator) From 41186b07717f627878c8355c0e1f31b2c212ef21 Mon Sep 17 00:00:00 2001 From: Dark Decoy Date: Mon, 14 Oct 2024 18:47:59 +0000 Subject: [PATCH 041/404] Update registering-users.md --- docs/registering-users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/registering-users.md b/docs/registering-users.md index 51fdef346..1fddafbbd 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -71,7 +71,7 @@ If you're opening up registrations publicly like this, you might also wish to [c To change the admin privileges for a user, you need to run an SQL query like this against the `synapse` database: ```sql -UPDATE users SET admin=ADMIN_VALUE WHERE name = '@USER:DOMAIN' +UPDATE users SET admin=ADMIN_VALUE WHERE name = '@USER:DOMAIN'; ``` where: From fb2f088bf0fcf6ee58d83b4d0fba0b5bc0b9fdd7 Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 15:31:11 +0000 Subject: [PATCH 042/404] Update vectorim/element-web Docker tag to v1.11.81 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 617559388..20bd98737 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.80 +matrix_client_element_version: v1.11.81 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 7dd961dea4dd72852d18e11c240b90465e5faa36 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 15:31:15 +0000 Subject: [PATCH 043/404] Update dependency grafana to v11.2.2-0 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 27144b2f4..1e094e06d 100644 --- a/requirements.yml +++ b/requirements.yml @@ -22,7 +22,7 @@ version: v4.98-r0-1-1 name: exim_relay - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git - version: v11.1.7-0 + version: v11.2.2-0 name: grafana - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git version: v9753-0 
From 9a75758bbe0668d3b46a19d6799cec5af5b6ae16 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 16 Oct 2024 00:35:07 +0900 Subject: [PATCH 044/404] Update docs/configuring-playbook-bridge-appservice-slack.md: fix indentation Signed-off-by: Suguru Hirahara --- ...guring-playbook-bridge-appservice-slack.md | 72 ++++++++++--------- 1 file changed, 39 insertions(+), 33 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 6c2f830ee..7c40a4986 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -15,35 +15,35 @@ be done in Element by making a message, opening the options for that message and room ID will be displayed near the top. 2. Enable the bridge with the following configuration in your `vars.yml` file: -```yaml -matrix_appservice_slack_enabled: true -matrix_appservice_slack_control_room_id: "Your matrix admin room id" -``` + ```yaml + matrix_appservice_slack_enabled: true + matrix_appservice_slack_control_room_id: "Your matrix admin room id" + ``` 3. Enable puppeting (optional, but recommended) -```yaml -matrix_appservice_slack_puppeting_enabled: true -matrix_appservice_slack_puppeting_slackapp_client_id: "Your Classic Slack App Client ID" -matrix_appservice_slack_puppeting_slackapp_client_secret: "Your Classic Slack App Client Secret" -``` + ```yaml + matrix_appservice_slack_puppeting_enabled: true + matrix_appservice_slack_puppeting_slackapp_client_id: "Your Classic Slack App Client ID" + matrix_appservice_slack_puppeting_slackapp_client_secret: "Your Classic Slack App Client Secret" + ``` 4. Enable Team Sync (optional) -```yaml -matrix_appservice_slack_team_sync_enabled: true -``` + ```yaml + matrix_appservice_slack_team_sync_enabled: true + ``` See https://matrix-appservice-slack.readthedocs.io/en/latest/team_sync/ 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. 5. Invite the bridge bot user into the admin room: -``` + ``` /invite @slackbot:MY.DOMAIN -``` + ``` -Note that the bot's domain is your server's domain **without the `matrix.` prefix.** + Note that the bot's domain is your server's domain **without the `matrix.` prefix.** 6. Create a Classic Slack App [here](https://api.slack.com/apps?new_classic_app=1). 
@@ -88,25 +88,31 @@ Note that the bot's domain is your server's domain **without the `matrix.` prefi * Issue a link command in the administration control room with these collected values as arguments: with file bridging: - ``` - link --channel_id CHANNELID --room !the-matrix:room.id --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx - ``` - without file bridging: - ``` - link --channel_id CHANNELID --room !the-matrix:room.id --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx - ``` - These arguments can be shortened to single-letter forms: - ``` - link -I CHANNELID -R !the-matrix:room.id -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx - ``` -Other configuration options are available via the `matrix_appservice_slack_configuration_extension_yaml` variable. + ``` + link --channel_id CHANNELID --room !the-matrix:room.id --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx + ``` + + without file bridging: + + ``` + link --channel_id CHANNELID --room !the-matrix:room.id --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + ``` + + These arguments can be shortened to single-letter forms: + + ``` + link -I CHANNELID -R !the-matrix:room.id -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + ``` + + Other configuration options are available via the `matrix_appservice_slack_configuration_extension_yaml` variable. 11. Unlinking Channels can be unlinked again like this: + ``` - unlink --room !the-matrix:room.id + unlink --room !the-matrix:room.id ``` Unlinking doesn't only disconnect the bridge, but also makes the slackbot leave the bridged matrix room. So in case you want to re-link later, don't forget to re-invite the slackbot into this room again. 
@@ -117,12 +123,12 @@ Other configuration options are available via the `matrix_appservice_slack_confi `journalctl -fu matrix-appservice-slack` * linking: "Room is now pending-name" -This typically means that you haven't used the correct slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. + This typically means that you haven't used the correct slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. * Messages work from M to S, but not the other way around -Check you logs, if they say something like + Check you logs, if they say something like -`WARN SlackEventHandler Ignoring message from unrecognised slack channel id : %s (%s) ` + `WARN SlackEventHandler Ignoring message from unrecognised slack channel id : %s (%s) ` -then unlink your room, reinvite the bot and re-link it again. This may particularly hit you, if you tried to unsuccessfully link -your room multiple times without unlinking it after each failed attempt. + then unlink your room, reinvite the bot and re-link it again. This may particularly hit you, if you tried to unsuccessfully link + your room multiple times without unlinking it after each failed attempt. From c7e347468f1b857acd3d1d9f352e9c88f8dd70a0 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 16 Oct 2024 00:40:43 +0900 Subject: [PATCH 045/404] Update docs/configuring-playbook-bridge-appservice-slack.md: fix line breaks Signed-off-by: Suguru Hirahara --- ...configuring-playbook-bridge-appservice-slack.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 7c40a4986..6ae5f7fb5 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -10,9 +10,8 @@ See the project's [documentation](https://github.com/matrix-org/matrix-appservic loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Setup) -1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can -be done in Element by making a message, opening the options for that message and choosing "view source". The -room ID will be displayed near the top. +1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element by making a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. + 2. Enable the bridge with the following configuration in your `vars.yml` file: ```yaml @@ -37,6 +36,7 @@ room ID will be displayed near the top. See https://matrix-appservice-slack.readthedocs.io/en/latest/team_sync/ 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. + 5. Invite the bridge bot user into the admin room: ``` 
@@ -119,16 +119,16 @@ room ID will be displayed near the top. ## Troubleshooting -* as always, check the logs: -`journalctl -fu matrix-appservice-slack` +* as always, check the logs: `journalctl -fu matrix-appservice-slack` * linking: "Room is now pending-name" + This typically means that you haven't used the correct slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. * Messages work from M to S, but not the other way around + Check you logs, if they say something like `WARN SlackEventHandler Ignoring message from unrecognised slack channel id : %s (%s) ` - then unlink your room, reinvite the bot and re-link it again. This may particularly hit you, if you tried to unsuccessfully link - your room multiple times without unlinking it after each failed attempt. + then unlink your room, reinvite the bot and re-link it again. This may particularly hit you, if you tried to unsuccessfully link your room multiple times without unlinking it after each failed attempt. From bc579cd3ba566e13a18c737cd34bdafe0053c625 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 16 Oct 2024 00:42:09 +0900 Subject: [PATCH 046/404] Update docs/configuring-playbook-bridge-appservice-slack.md: fix list numbering --- ...nfiguring-playbook-bridge-appservice-slack.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 6ae5f7fb5..2582cb14a 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -35,9 +35,9 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se See https://matrix-appservice-slack.readthedocs.io/en/latest/team_sync/ -4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. +5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. -5. Invite the bridge bot user into the admin room: +6. Invite the bridge bot user into the admin room: ``` /invite @slackbot:MY.DOMAIN @@ -45,7 +45,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Note that the bot's domain is your server's domain **without the `matrix.` prefix.** -6. Create a Classic Slack App [here](https://api.slack.com/apps?new_classic_app=1). +7. Create a Classic Slack App [here](https://api.slack.com/apps?new_classic_app=1). Name the app "matrixbot" (or anything else you'll remember). @@ -53,7 +53,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Click on bot users and add a new bot user. We will use this account to bridge the the rooms. -7. Click on Event Subscriptions and enable them and use the request url `https://matrix.DOMAIN/appservice-slack`. Then add the following events and save: +8. Click on Event Subscriptions and enable them and use the request url `https://matrix.DOMAIN/appservice-slack`. Then add the following events and save: Bot User Events: 
@@ -63,7 +63,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se - reaction_added - reaction_removed -8. Click on OAuth & Permissions and add the following scopes: +9. Click on OAuth & Permissions and add the following scopes: - chat:write:bot - users:read @@ -75,9 +75,9 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se **Note**: In order to make Slack files visible to matrix users, this bridge will make Slack files visible to anyone with the url (including files in private channels). This is different than the current behavior in Slack, which only allows authenticated access to media posted in private channels. See MSC701 for details. -9. Click on Install App and Install App to Workspace. Note the access tokens shown. You will need the Bot User OAuth Access Token and if you want to bridge files, the OAuth Access Token whenever you link a room. +10. Click on Install App and Install App to Workspace. Note the access tokens shown. You will need the Bot User OAuth Access Token and if you want to bridge files, the OAuth Access Token whenever you link a room. -10. If Team Sync is not enabled, for each channel you would like to bridge, perform the following steps: +11. If Team Sync is not enabled, for each channel you would like to bridge, perform the following steps: * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !aBcDeF:example.com. @@ -107,7 +107,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Other configuration options are available via the `matrix_appservice_slack_configuration_extension_yaml` variable. -11. Unlinking +12. Unlinking Channels can be unlinked again like this: From 45abdaac01b12fa1e2d5ea66ed861c9949e4f228 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Wed, 16 Oct 2024 00:47:48 +0900 Subject: [PATCH 047/404] Update docs/configuring-playbook-bridge-appservice-slack.md: fix capitalization Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-slack.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 2582cb14a..52ceceb5c 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -119,9 +119,9 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se ## Troubleshooting -* as always, check the logs: `journalctl -fu matrix-appservice-slack` +* As always, check the logs: `journalctl -fu matrix-appservice-slack` -* linking: "Room is now pending-name" +* Linking: "Room is now pending-name" This typically means that you haven't used the correct slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. From f2a5b8595e95ae3c53766ace4440b02429ec747e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 16 Oct 2024 00:56:41 +0900 Subject: [PATCH 048/404] Update docs/configuring-playbook-bridge-appservice-slack.md: use a common expression for adding configuration Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-slack.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 52ceceb5c..03aa50e8a 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -12,7 +12,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se 1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element by making a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. -2. Enable the bridge with the following configuration in your `vars.yml` file: +2. Enable the bridge by adding the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml matrix_appservice_slack_enabled: true From b3aad9b8a4759fa9ea1bd1c0dd7f64ceb4a0368e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 15 Oct 2024 19:08:56 +0300 Subject: [PATCH 049/404] Upgrade Synapse (v1.116.0 -> v1.117.0) --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 9cb0d5754..9659e876e 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -16,7 +16,7 @@ matrix_synapse_enabled: true matrix_synapse_github_org_and_repo: element-hq/synapse # renovate: datasource=docker depName=ghcr.io/element-hq/synapse -matrix_synapse_version: v1.116.0 +matrix_synapse_version: v1.117.0 matrix_synapse_username: '' matrix_synapse_uid: '' From ba775a20fc0a05aaed87d499118f1cccf8798a3c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 15 Oct 2024 19:44:28 +0300 Subject: [PATCH 050/404] Minor rewording --- docs/configuring-playbook-bridge-appservice-slack.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 03aa50e8a..c837276eb 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -10,7 +10,7 @@ See the project's [documentation](https://github.com/matrix-org/matrix-appservic loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Setup) -1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element by making a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. +1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element by sending a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. 2. Enable the bridge by adding the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -81,7 +81,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !aBcDeF:example.com. - * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for slack and `/invite @slackbot:MY.DOMAIN` for matrix. + * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:MY.DOMAIN` for Matrix. * Determine the "channel ID" that Slack uses to identify the channel. You can see it when you open a given Slack channel in a browser. The URL reads like this: `https://app.slack.com/client/XXX//details/`. 
@@ -123,12 +123,12 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se * Linking: "Room is now pending-name" - This typically means that you haven't used the correct slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. + This typically means that you haven't used the correct Slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. * Messages work from M to S, but not the other way around Check you logs, if they say something like - `WARN SlackEventHandler Ignoring message from unrecognised slack channel id : %s (%s) ` + `WARN SlackEventHandler Ignoring message from unrecognised Slack channel id : %s (%s) ` then unlink your room, reinvite the bot and re-link it again. This may particularly hit you, if you tried to unsuccessfully link your room multiple times without unlinking it after each failed attempt. From ac90870e3000be6cd01b66f0e81eedcaa5393403 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 14 Oct 2024 23:19:48 +0900 Subject: [PATCH 051/404] =?UTF-8?q?Fix=20capitalization:=20room=20id=20?= =?UTF-8?q?=E2=86=92=20room=20ID?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-email2matrix.md | 4 ++-- roles/custom/matrix-conduit/templates/conduit.toml.j2 | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 2 +- roles/custom/matrix-synapse/vars/main.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 6db339b43..7fbd49a76 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md 
@@ -35,8 +35,8 @@ It doesn't matter who creates and owns the rooms and who joins later (you or the What matters is that both you and the sender user are part of the same room and that the sender user has enough privileges in the room to be able to send messages there. Inviting additional people to the room is okay too. -Take note of each room's room id (different clients show the room id in a different place). -You'll need the room id when doing [Configuration](#configuration) below. +Take note of each room's room ID (different clients show the room ID in a different place). +You'll need the room ID when doing [Configuration](#configuration) below. ### Obtaining an access token for the sender user diff --git a/roles/custom/matrix-conduit/templates/conduit.toml.j2 b/roles/custom/matrix-conduit/templates/conduit.toml.j2 index b22509cec..be490cd2a 100644 --- a/roles/custom/matrix-conduit/templates/conduit.toml.j2 +++ b/roles/custom/matrix-conduit/templates/conduit.toml.j2 @@ -7,7 +7,7 @@ [global] # The server_name is the pretty name of this server. It is used as a suffix for user -# and room ids. Examples: matrix.org, conduit.rs +# and room IDs. Examples: matrix.org, conduit.rs # The Conduit server needs all /_matrix/ requests to be reachable at # https://your.server.name/ on port 443 (client-server) and 8448 (federation). diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 9659e876e..119f29746 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
@@ -1210,7 +1210,7 @@ matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercont # A list of server domain names for which to deny encryption if the event sender's domain matches the domain in the list. # By default, with the configuration below, we prevent all homeserver users from initiating encryption in ANY room. matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix_domain }}"] -# A list of server domain names for which to deny encryption if the destination room id's domain matches the domain in the list. +# A list of server domain names for which to deny encryption if the destination room ID's domain matches the domain in the list. # By default, with the configuration below, we prevent locally-created encryption events by ANY user encrypt rooms on the homeserver. # Note: foreign users with enough room privileges will still be able to send an encryption event to your rooms and encrypt them. matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of: ["{{ matrix_domain }}"] diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index c25f30fe7..88edcb187 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -8,7 +8,7 @@ matrix_synapse_media_store_directory_name: "{{ matrix_synapse_media_store_path | # Optionally: `false` to fully disable tls on outbound smtp matrix_synapse_email_smtp_enable_tls: true -# Room workers handle any URL that contains a room id, either through the client-server API or the federation API +# Room workers handle any URL that contains a room ID, either through the client-server API or the federation API # - see https://tcpipuk.github.io/synapse/deployment/nginx.html#locationsconf matrix_synapse_workers_room_worker_client_server_endpoints: - ^/_matrix/client/.*?!(?[A-Za-z0-9._=\-\/]+):[A-Za-z0-9.\-]+ From 174b18be9a8650e78087aed7fb67375e1c7d5b25 Mon Sep 17 00:00:00 2001 
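Review bot: The comment line directly below the changed one in `roles/custom/matrix-synapse/defaults/main.yml` is garbled ("we prevent locally-created encryption events by ANY user encrypt rooms on the homeserver"), and this wording pass leaves it untouched. The setting `matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of` decides whether rooms can be encrypted at all, so an operator should be able to tell exactly what is blocked. Judging from the `Note:` line that follows, the intended text is probably `# By default, with the configuration below, we prevent locally-created encryption events (from ANY user) from encrypting rooms on this homeserver.`, but that reading is inferred and should be confirmed against the module's behaviour.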
From: Suguru Hirahara Date: Wed, 16 Oct 2024 02:24:34 +0900 Subject: [PATCH 052/404] =?UTF-8?q?Fix=20capitalization:=20id=20=E2=86=92?= =?UTF-8?q?=20ID?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 2 +- docs/configuring-playbook-alertmanager-receiver.md | 2 +- docs/configuring-playbook-bridge-appservice-slack.md | 8 ++++---- .../configuring-playbook-bridge-matrix-bridge-sms.md | 2 +- docs/configuring-playbook-jitsi.md | 8 ++++---- docs/configuring-playbook-matrix-corporal.md | 4 ++-- docs/configuring-playbook-matrix-media-repo.md | 2 +- docs/configuring-playbook-prometheus-grafana.md | 2 +- ...nfiguring-playbook-synapse-s3-storage-provider.md | 2 +- ...configuring-playbook-user-verification-service.md | 2 +- docs/configuring-well-known.md | 2 +- docs/maintenance-migrating.md | 2 +- .../templates/production-appservice.yaml.j2 | 4 ++-- roles/custom/matrix-base/defaults/main.yml | 4 ++-- roles/custom/matrix-bot-honoroit/defaults/main.yml | 8 ++++---- .../matrix-bridge-appservice-irc/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 2 +- .../templates/config.yaml.j2 | 2 +- .../templates/cactus_appservice.yaml.j2 | 2 +- roles/custom/matrix-dimension/defaults/main.yml | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 6 +++--- .../templates/synapse/homeserver.yaml.j2 | 12 ++++++------ 22 files changed, 41 insertions(+), 41 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8aca87ee7..54535161d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -3478,7 +3478,7 @@ By default, public registration is forbidden. You can also make people automatically get auto-joined to rooms (controlled via `matrix_synapse_auto_join_rooms`). -## Support for changing the welcome user id (welcome bot) +## Support for changing the welcome user ID (welcome bot) By default, `@riot-bot:matrix.org` is used to welcome newly registered users. This can be changed to something else (or disabled) via the new `matrix_riot_web_welcome_user_id` variable. diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 0b07dd0c2..fbd50e85f 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md @@ -54,7 +54,7 @@ The playbook can automatically create users, but it cannot automatically obtain 2. [Obtain an access token](obtaining-access-tokens.md) for the bot's user account 3. Invite the bot to a room where you'd like to alerts to be delivered 4. Log in as the bot using any Matrix client of your choosing, accept the room invitation from the bot's account and log out -5. (Optionally) Adjust `matrix_alertmanager_receiver_config_matrix_room_mapping` to create a mapping between the new room and its id +5. (Optionally) Adjust `matrix_alertmanager_receiver_config_matrix_room_mapping` to create a mapping between the new room and its ID Steps 1 and 2 above only need to be done once, while preparing your [configuration](#configuration). diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index c837276eb..5c970dcc5 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -16,7 +16,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se ```yaml matrix_appservice_slack_enabled: true - matrix_appservice_slack_control_room_id: "Your matrix admin room id" + matrix_appservice_slack_control_room_id: "Your matrix admin room ID" ``` 3. Enable puppeting (optional, but recommended) @@ -83,7 +83,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:MY.DOMAIN` for Matrix. - * Determine the "channel ID" that Slack uses to identify the channel. You can see it when you open a given Slack channel in a browser. The URL reads like this: `https://app.slack.com/client/XXX//details/`. + * Determine the "channel ID" that Slack uses to identify the channel. You can see it when you open a given Slack channel in a browser. The URL reads like this: `https://app.slack.com/client/XXX//details/`. * Issue a link command in the administration control room with these collected values as arguments: 
@@ -123,12 +123,12 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se * Linking: "Room is now pending-name" - This typically means that you haven't used the correct Slack channel id. Unlink the room and recheck 'Determine the "channel ID"' from above. + This typically means that you haven't used the correct Slack channel ID. Unlink the room and recheck 'Determine the "channel ID"' from above. * Messages work from M to S, but not the other way around Check you logs, if they say something like - `WARN SlackEventHandler Ignoring message from unrecognised Slack channel id : %s (%s) ` + `WARN SlackEventHandler Ignoring message from unrecognised Slack channel ID : %s (%s) ` then unlink your room, reinvite the bot and re-link it again. This may particularly hit you, if you tried to unsuccessfully link your room multiple times without unlinking it after each failed attempt. diff --git a/docs/configuring-playbook-bridge-matrix-bridge-sms.md b/docs/configuring-playbook-bridge-matrix-bridge-sms.md index e5efece53..fe883abb5 100644 --- a/docs/configuring-playbook-bridge-matrix-bridge-sms.md +++ b/docs/configuring-playbook-bridge-matrix-bridge-sms.md @@ -13,7 +13,7 @@ To enable the bridge, add the following configuration to your `inventory/host_va ```yaml matrix_sms_bridge_enabled: true -# (optional but recommended) a room id to a default room +# (optional but recommended) a room ID to a default room matrix_sms_bridge_default_room: "" # (optional but recommended) configure your server location diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index de23cf127..6bbad186d 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md 
@@ -173,8 +173,8 @@ For this role to work you will need an additional section in the ansible hosts f ansible_host= ``` -Each JVB will require a server id to be set so that it can be uniquely identified and this allows Jitsi to keep track of which conferences are on which JVB. -The server id is set with the variable `jitsi_jvb_server_id` which ends up as the JVB_WS_SERVER_ID environment variables in the JVB docker container. +Each JVB will require a server ID to be set so that it can be uniquely identified and this allows Jitsi to keep track of which conferences are on which JVB. +The server ID is set with the variable `jitsi_jvb_server_id` which ends up as the JVB_WS_SERVER_ID environment variables in the JVB docker container. This variable can be set via the host file, a parameter to the ansible command or in the `vars.yaml` for the host which will have the additional JVB. For example: ``` yaml @@ -187,7 +187,7 @@ jvb-2.example.com ansible_host=192.168.0.2 jitsi_jvb_server_id=jvb-2 jvb-3.example.com ansible_host=192.168.0.3 jitsi_jvb_server_id=jvb-2 ``` -Note that the server id `jvb-1` is reserved for the JVB instance running on the Matrix host and therefore should not be used as the id of an additional jvb host. +Note that the server ID `jvb-1` is reserved for the JVB instance running on the Matrix host and therefore should not be used as the ID of an additional jvb host. The additional JVB will also need to expose the colibri web socket port and this can be done with the following variable: 
@@ -195,7 +195,7 @@ The additional JVB will also need to expose the colibri web socket port and this jitsi_jvb_container_colibri_ws_host_bind_port: 9090 ``` -The JVB will also need to know where the prosody xmpp server is located, similar to the server id this can be set in the vars for the JVB by using the variable +The JVB will also need to know where the prosody xmpp server is located, similar to the server ID this can be set in the vars for the JVB by using the variable `jitsi_xmpp_server`. The Jitsi prosody container is deployed on the matrix server by default so the value can be set to the matrix domain. For example: ```yaml diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md index c0e8b38be..ff762310e 100644 --- a/docs/configuring-playbook-matrix-corporal.md +++ b/docs/configuring-playbook-matrix-corporal.md @@ -52,7 +52,7 @@ matrix_corporal_policy_provider_config: | matrix_corporal_http_api_enabled: true matrix_corporal_http_api_auth_token: "AUTH_TOKEN_HERE" -# If you need to change matrix-corporal's user id from the default (matrix-corporal). +# If you need to change matrix-corporal's user ID from the default (matrix-corporal). # In any case, you need to make sure this Matrix user is created on your server. matrix_corporal_corporal_user_id_local_part: "matrix-corporal" @@ -73,7 +73,7 @@ matrix_synapse_rc_login: Matrix Corporal operates with a specific Matrix user on your server. By default, it's `matrix-corporal` (controllable by the `matrix_corporal_reconciliation_user_id_local_part` setting, see above). -No matter what Matrix user id you configure to run it with, make sure that: +No matter what Matrix user ID you configure to run it with, make sure that: - the Matrix Corporal user is created by [registering it](registering-users.md) **with administrator privileges**. Use a password you remember, as you'll need to log in from time to time to create or join rooms 
diff --git a/docs/configuring-playbook-matrix-media-repo.md b/docs/configuring-playbook-matrix-media-repo.md index e33162e9e..a91f3e444 100644 --- a/docs/configuring-playbook-matrix-media-repo.md +++ b/docs/configuring-playbook-matrix-media-repo.md @@ -105,7 +105,7 @@ If you wish to manually generate the signing key and merge it with your homeserv ### Key backup and revoking -Since your homeserver signing key file is modified by the playbook, a backup will be created in `HOMESERVER_DIR/config/DOMAIN.signing.key.backup`. If you need to remove/revoke old keys, you can restore from this backup or remove the MMR key id from your `DOMAIN.signing.key` file. +Since your homeserver signing key file is modified by the playbook, a backup will be created in `HOMESERVER_DIR/config/DOMAIN.signing.key.backup`. If you need to remove/revoke old keys, you can restore from this backup or remove the MMR key ID from your `DOMAIN.signing.key` file. Additionally, its recommended after revoking a signing key to update your homeserver config file (`old_signing_keys` field for Synapse and `old_private_keys` for Dendrite). See your homeserver config file for further documentation on how to populate the field. diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index 2bcb1d8e1..6f096da43 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -22,7 +22,7 @@ grafana_enabled: true grafana_anonymous_access: false -# This has no relation to your Matrix user id. It can be any username you'd like. +# This has no relation to your Matrix user ID. It can be any username you'd like. # Changing the username subsequently won't work. grafana_default_admin_user: "some_username_chosen_by_you" diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 9fb26212a..a5887a33d 100644 
--- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -36,7 +36,7 @@ matrix_synapse_ext_synapse_s3_storage_provider_config_region_name: some-region-n matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url: https://s3.REGION_NAME.amazonaws.com # adjust this matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD # or STANDARD_IA, etc. -# Authentication Method 1 - (access key id + secret) +# Authentication Method 1 - (access key ID + secret) # This works on all providers (AWS and other compatible systems). # Uncomment the variables below to use it. # matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: access-key-goes-here diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index cefe39a87..ccac883a3 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -16,7 +16,7 @@ UVS can be used to verify two claims: * (A) Whether a given OpenID token is valid for a given server and * (B) whether a user is member of a given room and the corresponding PowerLevel -Verifying an OpenID token id done by finding the corresponding Homeserver via '.well-known/matrix/server' for the given domain. +Verifying an OpenID token ID done by finding the corresponding Homeserver via '.well-known/matrix/server' for the given domain. The configured `matrix_user_verification_service_uvs_homeserver_url` does **not** factor into this. By default, this playbook only checks against `matrix_server_fqn_matrix`. Therefore, the request will be made against the public openid API for `matrix_server_fqn_matrix`. diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index e7925bbea..1237c96f3 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md 
@@ -25,7 +25,7 @@ To learn how to set up `/.well-known/matrix/server`, read the Installing section ## Introduction to Client Server Discovery -Client Server Service discovery lets various client programs which support it, to receive a full user id (e.g. `@username:example.com`) and determine where the Matrix server is automatically (e.g. `https://matrix.example.com`). +Client Server Service discovery lets various client programs which support it, to receive a full user ID (e.g. `@username:example.com`) and determine where the Matrix server is automatically (e.g. `https://matrix.example.com`). This lets you (and your users) easily connect to your Matrix server without having to customize connection URLs. When using client programs that support it, you won't need to point them to `https://matrix.example.com` in Custom Server options manually anymore. The connection URL would be discovered automatically from your full username. diff --git a/docs/maintenance-migrating.md b/docs/maintenance-migrating.md index 6a56b9a04..638b3c0cb 100644 --- a/docs/maintenance-migrating.md +++ b/docs/maintenance-migrating.md 
@@ -10,5 +10,5 @@ 4. Make sure your DNS records are adjusted to point to the new server's IP address 5. Remove old server from the `inventory/hosts` file and add new server. 6. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-system-user`. This will create the `matrix` user and group on the new server -7. Because the `matrix` user and group are created dynamically on each server, the user/group id may differ between the old and new server. We suggest that you adjust ownership of `/matrix` files manually by running this on the new server: `chown -R matrix:matrix /matrix`. +7. Because the `matrix` user and group are created dynamically on each server, the user/group ID may differ between the old and new server. We suggest that you adjust ownership of `/matrix` files manually by running this on the new server: `chown -R matrix:matrix /matrix`. 8. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` to finish the installation and start all services diff --git a/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 b/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 index 8bc927ad1..f7f34cbe5 100644 --- a/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 +++ b/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 @@ -1,5 +1,5 @@ homeserver: - # The Matrix server name, this will be the name of the server in your matrix id. + # The Matrix server name, this will be the name of the server in your matrix ID. domain: "{{ matrix_domain }}" # The url for the appservice to call the client server API from. url: "{{ matrix_homeserver_url }}" @@ -15,4 +15,4 @@ adminRoom: "{{ matrix_appservice_draupnir_for_all_master_control_room_alias }}" # This is a web api that the widget connects to in order to interact with the appservice. webAPI: - port: 9000 \ No newline at end of file + port: 9000 
diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 850fe1a53..3b82d941e 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -139,8 +139,8 @@ matrix_user_username: "matrix" matrix_user_groupname: "matrix" # By default, the playbook creates the user (`matrix_user_username`) -# and group (`matrix_user_groupname`) with a random id. -# To use a specific user/group id, override these variables. +# and group (`matrix_user_groupname`) with a random ID. +# To use a specific user/group ID, override these variables. matrix_user_uid: ~ matrix_user_gid: ~ diff --git a/roles/custom/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml index ae298e0c9..1ac81eadc 100644 --- a/roles/custom/matrix-bot-honoroit/defaults/main.yml +++ b/roles/custom/matrix-bot-honoroit/defaults/main.yml @@ -156,10 +156,10 @@ matrix_bot_honoroit_healthchecks_duration: 60 # in seconds matrix_bot_honoroit_redmine_host: '' # e.g. https://redmine.example.com matrix_bot_honoroit_redmine_apikey: '' matrix_bot_honoroit_redmine_project: '' # project identifier (e.g. 'myproject') -matrix_bot_honoroit_redmine_tracker_id: '' # tracker id (e.g. 1) -matrix_bot_honoroit_redmine_new_status_id: '' # new status id (e.g. 1) -matrix_bot_honoroit_redmine_in_progress_status_id: '' # in progress status id (e.g. 2) -matrix_bot_honoroit_redmine_done_status_id: '' # done status id (e.g. 3) +matrix_bot_honoroit_redmine_tracker_id: '' # tracker ID (e.g. 1) +matrix_bot_honoroit_redmine_new_status_id: '' # new status ID (e.g. 1) +matrix_bot_honoroit_redmine_in_progress_status_id: '' # in progress status ID (e.g. 2) +matrix_bot_honoroit_redmine_done_status_id: '' # done status ID (e.g. 3) # A list of whitelisted users allowed to use/invite honoroit # If not defined, everyone is allowed. 
diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index 2beff97bf..61a028951 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml @@ -412,7 +412,7 @@ matrix_appservice_irc_configuration: "{{ matrix_appservice_irc_configuration_yam # # We do this to ensure consistency: # - always having an up-to-date registration.yaml file (synced with the configuration file) -# - always having the same AS/HS token and appservice id in the registration.yaml file +# - always having the same AS/HS token and appservice ID in the registration.yaml file # # Learn more about this in `setup_install.yml` matrix_appservice_irc_registration_override_yaml: | diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 index 0bd5a7b9f..465a861fb 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 @@ -9,7 +9,7 @@ network: # * messenger - connect to FB Messenger via messenger.com (can be used with the facebook side deactivated) # * instagram - connect to Instagram DMs via instagram.com # - # Remember to change the appservice id, bot profile info, bridge username_template and management_room_text too. + # Remember to change the appservice ID, bot profile info, bridge username_template and management_room_text too. mode: {{ matrix_mautrix_meta_instagram_meta_mode | to_json }} # When in Instagram mode, should the bridge connect to WhatsApp servers for encrypted chats? diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 index 74b20aeaa..dbfc69b35 100644 
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 @@ -9,7 +9,7 @@ network: # * messenger - connect to FB Messenger via messenger.com (can be used with the facebook side deactivated) # * instagram - connect to Instagram DMs via instagram.com # - # Remember to change the appservice id, bot profile info, bridge username_template and management_room_text too. + # Remember to change the appservice ID, bot profile info, bridge username_template and management_room_text too. mode: {{ matrix_mautrix_meta_messenger_meta_mode | to_json }} # When in Instagram mode, should the bridge connect to WhatsApp servers for encrypted chats? diff --git a/roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 b/roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 index bfcb4bb36..007a2e87a 100644 --- a/roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 +++ b/roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 @@ -10,7 +10,7 @@ url: "http://matrix-cactus-comments:{{ matrix_cactus_comments_container_port }}" as_token: {{ matrix_cactus_comments_as_token | to_json }} hs_token: {{ matrix_cactus_comments_hs_token | to_json }} -# The user id of the cactusbot which can be used to register and moderate sites +# The user ID of the cactusbot which can be used to register and moderate sites sender_localpart: "{{ matrix_cactus_comments_user_id }}" namespaces: diff --git a/roles/custom/matrix-dimension/defaults/main.yml b/roles/custom/matrix-dimension/defaults/main.yml index 7629115c5..11bd00d0d 100644 --- a/roles/custom/matrix-dimension/defaults/main.yml +++ b/roles/custom/matrix-dimension/defaults/main.yml 
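Review bot: The reworded comment above `sender_localpart` in cactus_appservice.yaml.j2 still describes the value as a "user ID", but the key it documents is a localpart. A full Matrix user ID (`@localpart:server`) does not belong in that field of an appservice registration, so the wording can lead an operator to set `matrix_cactus_comments_user_id` in the wrong form. Since the line is being touched anyway, I would word it as `# The localpart of the cactusbot user, which can be used to register and moderate sites`. The format `matrix_cactus_comments_user_id` is expected to hold is not visible in this hunk, so confirm it against the role defaults before changing the wording.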
@@ -44,7 +44,7 @@ matrix_dimension_systemd_required_services_list_custom: [] # List of systemd services that matrix-dimension.service wants matrix_dimension_systemd_wanted_services_list: [] -# The user and group id correspond to the node user in the `turt2live/matrix-dimension` image. +# The user and group ID correspond to the node user in the `turt2live/matrix-dimension` image. matrix_dimension_user_uid: '1000' matrix_dimension_user_gid: '1000' diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 119f29746..64872e0fd 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -547,9 +547,9 @@ matrix_synapse_auto_join_rooms: [] # automatically if they don't already exist. matrix_synapse_autocreate_auto_join_rooms: true -# The local part of the user id which is used to create auto-join rooms if `matrix_synapse_autocreate_auto_join_rooms` is true. +# The local part of the user ID which is used to create auto-join rooms if `matrix_synapse_autocreate_auto_join_rooms` is true. # Defaults to the initial user account that registers. -# The user id is also used to invite new users to any auto-join rooms which are set to invite-only. +# The user ID is also used to invite new users to any auto-join rooms which are set to invite-only. matrix_synapse_auto_join_mxid_localpart: '' # Controls whether room invites will be accepted on behalf of users. 
@@ -832,7 +832,7 @@ matrix_synapse_worker_container_labels_traefik_hostname: "{{ matrix_synapse_cont # Controls whether labels will be added that expose metrics (see `matrix_synapse_metrics_proxying_enabled`) matrix_synapse_worker_container_labels_public_metrics_enabled: "{{ matrix_synapse_metrics_enabled and matrix_synapse_metrics_proxying_enabled }}" -# The `__WORKER_ID__` placeholder will be replaced with the actual worker id during label-file generation (see `../templates/worker-labels.j2`). +# The `__WORKER_ID__` placeholder will be replaced with the actual worker ID during label-file generation (see `../templates/worker-labels.j2`). matrix_synapse_worker_container_labels_public_metrics_traefik_path: "{{ matrix_synapse_metrics_proxying_path_prefix }}/worker/__WORKER_ID__" matrix_synapse_worker_container_labels_public_metrics_traefik_rule: "Host(`{{ matrix_synapse_metrics_proxying_hostname }}`) && Path(`{{ matrix_synapse_worker_container_labels_public_metrics_traefik_path }}`)" matrix_synapse_worker_container_labels_public_metrics_traefik_priority: 0 diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 212a37ba5..9bb0bea75 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 
@@ -1531,11 +1531,11 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json # #autocreate_auto_join_room_preset: private_chat -# The local part of the user id which is used to create auto_join_rooms if +# The local part of the user ID which is used to create auto_join_rooms if # autocreate_auto_join_rooms is true. If this is not provided then the # initial user account that registers will be used to create the rooms. # -# The user id is also used to invite new users to any auto-join rooms which +# The user ID is also used to invite new users to any auto-join rooms which # are set to invite-only. # # It *must* be configured if autocreate_auto_join_room_preset is set to @@ -1728,7 +1728,7 @@ old_signing_keys: # # server_name: the name of the server. required. # -# verify_keys: an optional map from key id to base64-encoded public key. +# verify_keys: an optional map from key ID to base64-encoded public key. # If specified, we will check that the response is signed by at least # one of the given keys. # @@ -1976,7 +1976,7 @@ saml2_config: # issuer: Required. The OIDC issuer. Used to validate tokens and (if discovery # is enabled) to discover the provider's endpoints. # -# client_id: Required. oauth2 client id to use. +# client_id: Required. oauth2 client ID to use. # # client_secret: oauth2 client secret to use. May be omitted if # client_secret_jwt_key is given, or if client_auth_method is 'none'. 
@@ -2720,10 +2720,10 @@ stats: # # Uncomment this section to enable a room which can be used to send notices # from the server to users. It is a special room which cannot be left; notices -# come from a special "notices" user id. +# come from a special "notices" user ID. # # If you uncomment this section, you *must* define the system_mxid_localpart -# setting, which defines the id of the user which will be used to send the +# setting, which defines the ID of the user which will be used to send the # notices. # # It's also possible to override the room name, the display name of the From c5646712b62052a4fb5793b611b81cbe93bc8c3a Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 14 Oct 2024 23:34:07 +0900 Subject: [PATCH 053/404] Update docs/configuring-playbook-email2matrix.md: fix the anchor link text and add a section for installing Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-email2matrix.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 7fbd49a76..cf170eb81 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -36,7 +36,7 @@ What matters is that both you and the sender user are part of the same room and Inviting additional people to the room is okay too. Take note of each room's room ID (different clients show the room ID in a different place). -You'll need the room ID when doing [Configuration](#configuration) below. +You'll need the room ID when [configuring the playbook](#adjusting-the-playbook-configuration) below. ### Obtaining an access token for the sender user 
@@ -72,4 +72,8 @@ matrix_email2matrix_matrix_mappings: You can also set `MatrixHomeserverUrl` to the container URL where your homeserver's Client-Server API lives by using the `{{ matrix_addons_homeserver_client_api_url }}` variable, instead of the public `https://matrix.DOMAIN` endpoint. -Re-run the playbook (`--tags=setup-email2matrix,start`) and try sending an email to `my-mailbox@matrix.DOMAIN`. +## Installing + +To enable Email2Matrix, run the [installation](installing.md) command (`--tags=setup-email2matrix,start`). + +After installation, you may wish to send a test email to `my-mailbox@matrix.DOMAIN` to make sure that Email2Matrix works as expected. From 08dfa094ea2cc81ce0d9daf1eecc5eaf2d6a7058 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 14 Oct 2024 23:35:51 +0900 Subject: [PATCH 054/404] Update docs/configuring-playbook-email2matrix.md: adjust line breaks Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-email2matrix.md | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index cf170eb81..5612edd23 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,7 +1,6 @@ # Setting up Email2Matrix (optional) -**Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. -Postmoogle is much more powerful and easier to use, so we recommend that you use it, instead of Email2Matrix. +**Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. Postmoogle is much more powerful and easier to use, so we recommend that you use it, instead of Email2Matrix. The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. 
@@ -17,27 +16,26 @@ It's not strictly necessary, but you may increase the chances that incoming emai ### Port availability Ensure that port 25 is available on your Matrix server and open in your firewall. + If you have `postfix` or some other email server software installed, you may need to manually remove it first (unless you need it, of course). If you really need to run an email server on the Matrix machine for other purposes, it may be possible to run Email2Matrix on another port (with a configuration like `matrix_email2matrix_smtp_host_bind_port: "127.0.0.01:2525"`) and have your other email server relay messages there. + For details about using Email2Matrix alongside [Postfix](http://www.postfix.org/), see [here](https://github.com/devture/email2matrix/blob/master/docs/setup_with_postfix.md). ### Creating a user -Before enabling Email2Matrix, you'd most likely wish to create a dedicated user (or more) that would be sending messages on the Matrix side. -Refer to [Registering users](registering-users.md) for ways to do that. A regular (non-admin) user works best. +Before enabling Email2Matrix, you'd most likely wish to create a dedicated user (or more) that would be sending messages on the Matrix side. Refer to [Registering users](registering-users.md) for ways to do that. A regular (non-admin) user works best. ### Creating a shared room -After creating a sender user, you should create one or more Matrix rooms that you share with that user. -It doesn't matter who creates and owns the rooms and who joins later (you or the sender user). +After creating a sender user, you should create one or more Matrix rooms that you share with that user. It doesn't matter who creates and owns the rooms and who joins later (you or the sender user). What matters is that both you and the sender user are part of the same room and that the sender user has enough privileges in the room to be able to send messages there. + Inviting additional people to the room is okay too. 
-Take note of each room's room ID (different clients show the room ID in a different place). -You'll need the room ID when [configuring the playbook](#adjusting-the-playbook-configuration) below. - +Take note of each room's room ID (different clients show the room ID in a different place). You'll need the room ID when [configuring the playbook](#adjusting-the-playbook-configuration) below. ### Obtaining an access token for the sender user From d9dd462db06a18a47c1c0f19106137b99599807b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 07:14:48 +0000 Subject: [PATCH 055/404] Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2024.10.16 --- roles/custom/matrix-alertmanager-receiver/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index cf53828a5..ee23b09b7 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml @@ -6,7 +6,7 @@ matrix_alertmanager_receiver_enabled: true # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver -matrix_alertmanager_receiver_version: 2024.10.2 +matrix_alertmanager_receiver_version: 2024.10.16 matrix_alertmanager_receiver_scheme: https From 30a01ce35421ee5c4c02915682d715196d9760c3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 11:12:26 +0000 Subject: [PATCH 056/404] Update ajbura/cinny Docker tag to v4.2.2 --- roles/custom/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml index 302ed47e5..d48cdcf9c 100644 --- a/roles/custom/matrix-client-cinny/defaults/main.yml 
+++ b/roles/custom/matrix-client-cinny/defaults/main.yml @@ -7,7 +7,7 @@ matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" # renovate: datasource=docker depName=ajbura/cinny -matrix_client_cinny_version: v4.2.1 +matrix_client_cinny_version: v4.2.2 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 3405dd9ec8365ebaf138c7d3e58dc7ea76e00aaf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 11:12:35 +0000 Subject: [PATCH 057/404] Update dock.mau.dev/mautrix/gmessages Docker tag to v0.5.1 --- roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index b694c82a3..d541fa117 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml 
@@ -9,7 +9,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages -matrix_mautrix_gmessages_version: v0.5.0 +matrix_mautrix_gmessages_version: v0.5.1 # See: https://mau.dev/mautrix/gmessages/container_registry matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}" From 66c60d569183976b024dfdb9d497bcd85d5b9e7e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 14:09:54 +0000 Subject: [PATCH 058/404] Update dock.mau.dev/mautrix/meta Docker tag to v0.4.1 --- .../matrix-bridge-mautrix-meta-instagram/defaults/main.yml | 2 +- .../matrix-bridge-mautrix-meta-messenger/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index b2b0e02a0..33d16a94a 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_instagram_enabled: true matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_instagram_version: v0.4.0 +matrix_mautrix_meta_instagram_version: v0.4.1 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram" matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config" 
diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index c4abf337c..7c99f5d33 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_messenger_enabled: true matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_messenger_version: v0.4.0 +matrix_mautrix_meta_messenger_version: v0.4.1 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger" matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config" From a049859343ccf80670fae152cbf4253c07b83611 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 14:09:59 +0000 Subject: [PATCH 059/404] Update dock.mau.dev/mautrix/slack Docker tag to v0.1.2 --- roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml index 1efabf6e3..b4d55b2fc 100644 --- a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml 
@@ -9,7 +9,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/slack -matrix_mautrix_slack_version: v0.1.1 +matrix_mautrix_slack_version: v0.1.2 # See: https://mau.dev/mautrix/slack/container_registry matrix_mautrix_slack_docker_image: "{{ matrix_mautrix_slack_docker_image_name_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}" matrix_mautrix_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else 'dock.mau.dev/' }}" From c400b87c79e94f041fadcbc63240ba74d041f37b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 16:13:07 +0000 Subject: [PATCH 060/404] Update dock.mau.dev/mautrix/signal Docker tag to v0.7.2 --- roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index 72e1ae830..b6265598b 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/ matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal -matrix_mautrix_signal_version: v0.7.1 +matrix_mautrix_signal_version: v0.7.2 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}" 
From 2f9403baeea0bb5dff9dae796c794c7da0b91d8c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 15 Oct 2024 00:33:23 +0900 Subject: [PATCH 061/404] Update docs/configuring-playbook-etherpad.md: edit comment block for configuration Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-etherpad.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 34d16fd92..11925c3a0 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -35,9 +35,9 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ```yaml etherpad_enabled: true -# Uncomment below to enable the admin web UI -# etherpad_admin_username: admin -# etherpad_admin_password: some-password +# Uncomment and adjust if you'd like to enable the admin web UI +# etherpad_admin_username: YOUR_USERNAME_HERE +# etherpad_admin_password: YOUR_PASSWORD_HERE ``` ## Installing From fbd4a48709f1560c9165bfa3252968218a437e7e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 02:22:51 +0900 Subject: [PATCH 062/404] Update docs/configuring-playbook-etherpad.md: add line breaks Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-etherpad.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 11925c3a0..9ba52ed66 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md 
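Review bot: The new placeholder `# etherpad_admin_password: YOUR_PASSWORD_HERE` in the commented example is unquoted and says nothing about password strength, although this account protects the Etherpad admin web UI. I would quote it, `# etherpad_admin_password: 'YOUR_PASSWORD_HERE'`, and put the hint that later patches in this series use for other secrets above it: `# Use a strong password; consider generating it with pwgen -s 64 1`. Quoting matters for hand-chosen passwords: one that starts with a YAML indicator character or looks like a number is otherwise not read as a plain string.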
@@ -68,6 +68,7 @@ To integrate a standalone etherpad in a room, create your pad by visiting `https ### Set Dimension default to the self-hosted Etherpad (optional) If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside Etherpad, the Dimension administrator users can configure the default URL template. + The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. @@ -81,4 +82,5 @@ Example: `https://etherpad./p/$roomId_$padName?showChat=false` ## Known issues If your Etherpad widget fails to load, this might be due to Dimension generating a Pad name so long, the Etherpad app rejects it. + `$roomId_$padName` can end up being longer than 50 characters. You can avoid having this problem by altering the template so it only contains the three word random identifier `$padName`. From 844d8ef4c34b3b429d94f1257dbdc9dc12f76d6d Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 15 Oct 2024 01:05:33 +0900 Subject: [PATCH 063/404] =?UTF-8?q?Fix=20capitalization:=20etherpad=20?= =?UTF-8?q?=E2=86=92=20Etherpad?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 +- docs/configuring-playbook-etherpad.md | 2 +- roles/custom/matrix-base/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 70ac3517d..c6c18d24d 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -71,7 +71,7 @@ The `sygnal.` subdomain may be necessary, because this playbook cou The `ntfy.` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.` DNS record. -The `etherpad.` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring etherpad guide](configuring-playbook-etherpad.md). If you do not wish to set up etherpad, feel free to skip the `etherpad.` DNS record. +The `etherpad.` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of Etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Etherpad guide](configuring-playbook-etherpad.md). If you do not wish to set up Etherpad, feel free to skip the `etherpad.` DNS record. The `hydrogen.` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/element-hq/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.` DNS record. 
diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 9ba52ed66..a32125773 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -62,7 +62,7 @@ Then from the plugin manager page (`https://etherpad./admin/plugins This is how it works in Element, it might work quite similar with other clients: -To integrate a standalone etherpad in a room, create your pad by visiting `https://etherpad.DOMAIN`. When the pad opens, copy the URL and send a command like this to the room: `/addwidget URL`. You will then find your integrated Etherpad within the right sidebar in the `Widgets` section. +To integrate a standalone Etherpad in a room, create your pad by visiting `https://etherpad.DOMAIN`. When the pad opens, copy the URL and send a command like this to the room: `/addwidget URL`. You will then find your integrated Etherpad within the right sidebar in the `Widgets` section. ### Set Dimension default to the self-hosted Etherpad (optional) diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 3b82d941e..5dce05582 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -86,7 +86,7 @@ matrix_server_fqn_buscarron: "buscarron.{{ matrix_domain }}" # This is where you access the Dimension. matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" -# This is where you access the etherpad (if enabled via etherpad_enabled; disabled by default). +# This is where you access the Etherpad (if enabled via etherpad_enabled; disabled by default). matrix_server_fqn_etherpad: "etherpad.{{ matrix_domain }}" # For use with Go-NEB! (github callback url for example) From 9ff0a5c34fa2d51d5994616441fcafe1aaa7cccd Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 14 Oct 2024 14:42:02 +0900 Subject: [PATCH 064/404] Use a common expression for suggesting to uncomment and adjust configuration 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-baibot.md | 4 ++-- docs/configuring-playbook-bot-honoroit.md | 2 +- docs/configuring-playbook-cactus-comments.md | 2 +- docs/configuring-playbook-etherpad.md | 2 +- docs/configuring-playbook-jitsi.md | 4 ++-- docs/configuring-playbook-ntfy.md | 3 +-- docs/configuring-playbook-own-webserver.md | 4 ++-- docs/configuring-playbook-synapse-auto-accept-invite.md | 2 +- 8 files changed, 11 insertions(+), 12 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index bbc537e11..632242d3c 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -186,7 +186,7 @@ matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_m # or you can adjust it below only for the Groq agent. # matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}" -# Uncomment and adjust if you're not happy with these speech-to-text defaults: +# Uncomment and adjust this part if you're not happy with these speech-to-text defaults: # # matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_enabled: true # matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_model_id: whisper-large-v3 
@@ -217,7 +217,7 @@ matrix_bot_baibot_config_agents_static_definitions_mistral_config_api_key: "YOUR # or you can adjust it below only for the Mistral agent. # matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}" -# Uncomment and adjust if you're not happy with these defaults: +# Uncomment and adjust this part if you're not happy with these defaults: # matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_model_id: mistral-large-latest # See `defaults/main.yml` in the baibot role for more configuration options. diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index b64144ab5..459f7be4d 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -14,7 +14,7 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_honoroit_enabled: true -# Uncomment and adjust if you'd like to change the hostname or path +# Uncomment and adjust this part if you'd like to use a hostname or path different than the default # matrix_bot_honoroit_hostname: "{{ matrix_server_fqn_matrix }}" # matrix_bot_honoroit_path_prefix: /honoroit diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index f81003fc6..66d1c8369 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md 
@@ -38,7 +38,7 @@ matrix_cactus_comments_enabled: true # but we explicitly enable it here. matrix_cactus_comments_client_enabled: true -# Uncomment and adjust if you'd like to host the client assets at a different location. +# Uncomment and adjust this part if you'd like to host the client assets at a different location. # These variables are only make used if (`matrix_cactus_comments_client_enabled: true`) # matrix_cactus_comments_client_hostname: "{{ matrix_server_fqn_matrix }}" # matrix_cactus_comments_client_path_prefix: /cactus-comments diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index a32125773..08ec29243 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -35,7 +35,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ```yaml etherpad_enabled: true -# Uncomment and adjust if you'd like to enable the admin web UI +# Uncomment and adjust this part if you'd like to enable the admin web UI # etherpad_admin_username: YOUR_USERNAME_HERE # etherpad_admin_password: YOUR_PASSWORD_HERE ``` diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 6bbad186d..8c382bf60 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -24,10 +24,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml jitsi_enabled: true -# Uncomment and adjust if you need to use another hostname +# Uncomment and adjust this part if you'd like to use a hostname different than the default # jitsi_hostname: "jitsi.{{ matrix_domain }}" -# Uncomment and possible adjust if you'd like to host under a subpath +# Uncomment and possible adjust this part if you'd like to host under a subpath # jitsi_path_prefix: /jitsi ``` diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index e0f629efd..7f5252cc1 100644 --- a/docs/configuring-playbook-ntfy.md 
+++ b/docs/configuring-playbook-ntfy.md @@ -17,8 +17,7 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. # Enabling it is the only required setting ntfy_enabled: true -# This is the default hostname. -# Uncomment the line below and change it, if you'd like. +# Uncomment and adjust this part if you'd like to use a hostname different than the default # matrix_server_fqn_ntfy: "ntfy.{{ matrix_domain }}" # Uncomment to enable the ntfy web app (disabled by default) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index a02693608..cb20f57ee 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -32,7 +32,7 @@ Traefik will manage SSL certificates for all services seamlessly. ```yaml matrix_playbook_reverse_proxy_type: other-traefik-container -# Uncomment and adjust if your Traefik container is on another network +# Uncomment and adjust this part if your Traefik container is on another network # matrix_playbook_reverse_proxy_container_network: traefik # Adjust to point to your Traefik container @@ -40,7 +40,7 @@ matrix_playbook_reverse_proxy_hostname: name-of-your-traefik-container traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory" -# Uncomment and tweak the variable below if the name of your federation entrypoint is different +# Uncomment and adjust the variable below if the name of your federation entrypoint is different # than the default value (matrix-federation). # matrix_federation_traefik_entrypoint_name: matrix-federation ``` diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index f7bb35c17..057d79d70 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md 
@@ -38,7 +38,7 @@ Here's example configuration for using the **native** Synapse feature: ```yml matrix_synapse_auto_accept_invites_enabled: true -# Default settings below. Uncomment and adjust if necessary. +# Default settings below. Uncomment and adjust this part if necessary. # matrix_synapse_auto_accept_invites_only_for_direct_messages: false # matrix_synapse_auto_accept_invites_only_from_local_users: false From 9b76a86daf47852e893a40e32440f6ec63113868 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 11 Oct 2024 21:18:03 +0900 Subject: [PATCH 065/404] Use a common expression for password setting Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-baibot.md | 2 +- docs/configuring-playbook-matrix-registration.md | 2 +- docs/configuring-playbook-shared-secret-auth.md | 5 ++--- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index 632242d3c..1832ef42b 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -46,7 +46,7 @@ matrix_bot_baibot_enabled: true matrix_bot_baibot_config_user_password: 'PASSWORD_FOR_THE_BOT' # An optional passphrase to use for backing up and recovering the bot's encryption keys. -# You can use any string here. Consider generating it with `pwgen -s 64 1`. +# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`). # # If set to null, the recovery module will not be used and losing your session/database # will mean you lose access to old messages in encrypted room. diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index f708dc4d2..890c23273 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md 
@@ -24,7 +24,7 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_registration_enabled: true -# Generate a strong secret using: `pwgen -s 64 1`. +# Generate a strong secret here. Consider generating it with `pwgen -s 64 1` matrix_registration_admin_secret: "ENTER_SOME_SECRET_HERE" ``` diff --git a/docs/configuring-playbook-shared-secret-auth.md b/docs/configuring-playbook-shared-secret-auth.md index b0b0e99d9..542cd3cee 100644 --- a/docs/configuring-playbook-shared-secret-auth.md +++ b/docs/configuring-playbook-shared-secret-auth.md @@ -10,12 +10,11 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true + +# Generate a strong shared secret here. Consider generating it with `pwgen -s 64 1` matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: YOUR_SHARED_SECRET_GOES_HERE ``` -You can generate a strong shared secret with a command like this: `pwgen -s 64 1` - - ## Authenticating only using a password provider If you wish for users to **authenticate only against configured password providers** (like this one), **without consulting Synapse's local database**, feel free to disable it: From a874d5f91879d33cb3925c21c117a8fbc03deb77 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 14:47:40 +0900 Subject: [PATCH 066/404] Update docs/configuring-playbook-external-postgres.md: remove a duplicate sentence Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-external-postgres.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index f5774a340..3fe5c0776 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md 
@@ -3,11 +3,9 @@ By default, this playbook would set up a PostgreSQL database server on your machine, running in a Docker container. If that's alright, you can skip this. -If you'd like to use an external PostgreSQL server that you manage, you can edit your configuration file (`inventory/host_vars/matrix./vars.yml`). - **Note**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**. -If you'd like to use an external Postgres server, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +If you'd like to use an external Postgres server that you manage, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): ```yaml postgres_enabled: false From 3d7cef049004127d93cd30ab482c8a433394f6ba Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 10 Oct 2024 22:37:09 +0900 Subject: [PATCH 067/404] Update docs/configuring-playbook-bot-postmoogle.md: add "bots" to the comment Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-postmoogle.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 870325f25..4a794f9b9 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md 
@@ -41,7 +41,7 @@ matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT # matrix_bot_postmoogle_admins: # - '@yourAdminAccount:domain.com' # -# .. unless you've made yourself an admin of all bridges like this: +# .. unless you've made yourself an admin of all bots/bridges like this: # # matrix_admin: '@yourAdminAccount:domain.com' ``` From b7b2fe7fedc590e252336b30d97ecdb604b7d981 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 16 Oct 2024 04:13:18 +0900 Subject: [PATCH 068/404] Use a common expression to suggest to skip the document Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-element.md | 3 +-- docs/configuring-playbook-external-postgres.md | 3 +-- docs/configuring-playbook-own-webserver.md | 4 +--- docs/configuring-playbook-s3.md | 3 +-- docs/configuring-playbook-synapse.md | 3 +-- 5 files changed, 5 insertions(+), 11 deletions(-) diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index 01fb06ba7..1e4ef79e5 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -1,7 +1,6 @@ # Configuring Element (optional) -By default, this playbook installs the [Element](https://github.com/element-hq/element-web) Matrix web client for you. -If that's okay, you can skip this document. +By default, this playbook installs the [Element](https://github.com/element-hq/element-web) Matrix web client for you. If that's okay, you can skip this document. ## Disabling Element diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index 3fe5c0776..2dc591b3a 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md 
@@ -1,7 +1,6 @@ # Using an external PostgreSQL server (optional) -By default, this playbook would set up a PostgreSQL database server on your machine, running in a Docker container. -If that's alright, you can skip this. +By default, this playbook would set up a PostgreSQL database server on your machine, running in a Docker container. If that's okay, you can skip this document. **Note**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**. diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index cb20f57ee..f7d1ab9d8 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -1,8 +1,6 @@ # Using your own webserver, instead of this playbook's Traefik reverse-proxy (optional, advanced) -By default, this playbook installs its own [Traefik](https://traefik.io/) reverse-proxy server (in a Docker container) which listens on ports 80 and 443. - -If that's alright, you can skip this. +By default, this playbook installs its own [Traefik](https://traefik.io/) reverse-proxy server (in a Docker container) which listens on ports 80 and 443. If that's okay, you can skip this document. ## Traefik diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index f73aa7012..48f44883d 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md 
@@ -1,7 +1,6 @@ # Storing Synapse media files on Amazon S3 or another compatible Object Storage (optional) -By default, this playbook configures your server to store Synapse's content repository (`media_store`) files on the local filesystem. -If that's alright, you can skip this. +By default, this playbook configures your server to store Synapse's content repository (`media_store`) files on the local filesystem. If that's okay, you can skip this document. As an alternative to storing media files on the local filesystem, you can store them on [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object store. diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 9802fc093..60f764bc7 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -1,7 +1,6 @@ # Configuring Synapse (optional) -By default, this playbook configures the [Synapse](https://github.com/element-hq/synapse) Matrix server, so that it works for the general case. -If that's enough for you, you can skip this document. +By default, this playbook configures the [Synapse](https://github.com/element-hq/synapse) Matrix server, so that it works for the general case. If that's okay, you can skip this document. The playbook provides lots of customization variables you could use to change Synapse's settings. From b9ba9a8ba3791f5f32c7d277fe74e822b673c4b0 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 11 Oct 2024 04:01:07 +0900 Subject: [PATCH 069/404] Move colons outside of asterisks Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-maubot.md | 6 +++--- docs/configuring-playbook-cactus-comments.md | 2 +- docs/configuring-playbook-jitsi.md | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index a35bc739d..f90dd6bf3 100644 --- a/docs/configuring-playbook-bot-maubot.md 
+++ b/docs/configuring-playbook-bot-maubot.md @@ -41,9 +41,9 @@ After configuring the playbook, run the [installation](installing.md) command: ` You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. You should start in the following order -1. **Create one or more clients:** A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it -2. **Upload some Plugins:** Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. -3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use +1. **Create one or more clients**: A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it +2. **Upload some Plugins**: Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. +3. **Create an instance**: An instance is the actual bot. You have to specify a client which the bot instance will use and the plugin (how the bot will behave) ## Obtaining an access token diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 66d1c8369..263406242 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md 
@@ -56,7 +56,7 @@ To get started, send a `help` message to the `@bot.cactusbot:your-homeserver.com Then, register a site by typing: `register `. You will then be invited into a moderation room. Now you are good to go and can include the comment section on your website! -**Careful:** To really make use of self-hosting you need change a few things in comparison to the official docs! +**Careful**: To really make use of self-hosting you need change a few things in comparison to the official docs! Insert the following snippet into you page and make sure to replace `example.com` with your base domain! diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 8c382bf60..ce2280914 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -61,7 +61,7 @@ jitsi_prosody_auth_internal_accounts: password: "another-password" ``` -**Caution:** Accounts added here and subsequently removed will not be automatically removed from the Prosody server until user account cleaning is integrated into the playbook. +**Caution**: Accounts added here and subsequently removed will not be automatically removed from the Prosody server until user account cleaning is integrated into the playbook. **If you get an error** like this: "Error: Account creation/modification not supported.", it's likely that you had previously installed Jitsi without auth/guest support. In such a case, you should look into [Rebuilding your Jitsi installation](#rebuilding-your-jitsi-installation). @@ -268,7 +268,7 @@ To enable Gravatar set: jitsi_disable_gravatar: false ``` -**Beware:** This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com). +**Beware**: This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com). Besides metadata, this includes the matrix user_id and possibly the room identifier (via `referrer` header). ## Installing 
From e961e1b43d9082bad04940231e551510262d2a78 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 14:20:26 +0900 Subject: [PATCH 070/404] Update Email2Matrix documentation and its default configuration file - Sync list of mailbox to Matrix mappings - Add explanation for each variable Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-email2matrix.md | 35 ++++++++++++------- .../matrix-email2matrix/defaults/main.yml | 16 +++++---- 2 files changed, 33 insertions(+), 18 deletions(-) diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 5612edd23..c410de559 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md 
@@ -49,29 +49,40 @@ After doing the preparation steps above, add the following configuration to your matrix_email2matrix_enabled: true matrix_email2matrix_matrix_mappings: - - MailboxName: "my-mailbox" - MatrixRoomId: "!someRoom:DOMAIN" - MatrixHomeserverUrl: "https://matrix.DOMAIN" - MatrixUserId: "@email2matrix:DOMAIN" - MatrixAccessToken: "ACCESS_TOKEN_GOES_HERE" + - MailboxName: "mailbox1" + MatrixRoomId: "!someRoom:{{ matrix_domain }}" + MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" + MatrixUserId: "@email2matrix:{{ matrix_domain }}" + MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" IgnoreSubject: false IgnoreBody: false SkipMarkdown: false - - MailboxName: "my-mailbox2" - MatrixRoomId: "!anotherRoom:DOMAIN" - MatrixHomeserverUrl: "https://matrix.DOMAIN" - MatrixUserId: "@email2matrix:DOMAIN" - MatrixAccessToken: "ACCESS_TOKEN_GOES_HERE" + - MailboxName: "mailbox2" + MatrixRoomId: "!anotherRoom:{{ matrix_domain }}" + MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" + MatrixUserId: "@email2matrix:{{ matrix_domain }}" + MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" IgnoreSubject: true IgnoreBody: false SkipMarkdown: true ``` -You can also set `MatrixHomeserverUrl` to the container URL where your homeserver's Client-Server API lives by using the `{{ matrix_addons_homeserver_client_api_url }}` variable, instead of the public `https://matrix.DOMAIN` endpoint. +where: + +* MailboxName - local-part of the email address, through which emails are bridged to the room whose ID is defined with MatrixRoomId +* MatrixRoomId - internal ID of the room, to which received emails are sent as Matrix message +* MatrixHomeserverUrl - URL of your Matrix homeserver, through which to send Matrix messages. 
You can also set `MatrixHomeserverUrl` to the container URL where your homeserver's Client-Server API lives by using the `{{ matrix_addons_homeserver_client_api_url }}` variable +* MatrixUserId - the full ID of the sender user which sends bridged messages to the room +* MatrixAccessToken - sender user's access token +* IgnoreSubject - if set to "true", the subject is not bridged to Matrix +* IgnoreBody - if set to "true", the message body is not bridged to Matrix +* SkipMarkdown - if set to "true", emails are bridged as plain text Matrix message instead of Markdown (actually HTML) + +Refer to the official documentation [here](https://github.com/devture/email2matrix/blob/master/docs/configuration.md). ## Installing To enable Email2Matrix, run the [installation](installing.md) command (`--tags=setup-email2matrix,start`). -After installation, you may wish to send a test email to `my-mailbox@matrix.DOMAIN` to make sure that Email2Matrix works as expected. +After installation, you may wish to send a test email to the email address assigned to `mailbox1` (default: `mailbox1@matrix.DOMAIN`) to make sure that Email2Matrix works as expected. diff --git a/roles/custom/matrix-email2matrix/defaults/main.yml b/roles/custom/matrix-email2matrix/defaults/main.yml index d05eb6d43..2c3f09629 100644 --- a/roles/custom/matrix-email2matrix/defaults/main.yml +++ b/roles/custom/matrix-email2matrix/defaults/main.yml 
@@ -46,18 +46,22 @@ matrix_email2matrix_smtp_hostname: "{{ matrix_server_fqn_matrix }}" # Example: # matrix_email2matrix_matrix_mappings: # - MailboxName: "mailbox1" -# MatrixRoomId: "!bpcwlxIUxVvvgXcbjy:example.com" +# MatrixRoomId: "!someRoom:{{ matrix_domain }}" # MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" -# MatrixUserId": "@email2matrix:{{ matrix_domain }}" -# MatrixAccessToken": "TOKEN_HERE" +# MatrixUserId: "@email2matrix:{{ matrix_domain }}" +# MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" # IgnoreSubject: false +# IgnoreBody: false +# SkipMarkdown: false # # - MailboxName: "mailbox2" -# MatrixRoomId: "!another:example.com" +# MatrixRoomId: "!anotherRoom:{{ matrix_domain }}" # MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" -# MatrixUserId": "@email2matrix:{{ matrix_domain }}" -# MatrixAccessToken": "TOKEN_HERE" +# MatrixUserId: "@email2matrix:{{ matrix_domain }}" +# MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" # IgnoreSubject: true +# IgnoreBody: false +# SkipMarkdown: true matrix_email2matrix_matrix_mappings: [] matrix_email2matrix_misc_debug: false From bf8bbdd5ba41032935952f6f7a587a6de4ebea7d Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 15 Oct 2024 18:33:19 +0900 Subject: [PATCH 071/404] Remove whitespace characters from the comment block Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-cinny.md | 2 +- docs/configuring-playbook-client-hydrogen.md | 2 +- docs/configuring-playbook-client-schildichat.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index a3db9bc4c..bcecff2d7 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md 
@@ -13,7 +13,7 @@ for `cinny`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): ```yaml - matrix_server_fqn_cinny: "app.{{ matrix_domain }}" +matrix_server_fqn_cinny: "app.{{ matrix_domain }}" ``` ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md index c840efad9..28ddb900a 100644 --- a/docs/configuring-playbook-client-hydrogen.md +++ b/docs/configuring-playbook-client-hydrogen.md @@ -13,7 +13,7 @@ for `hydrogen`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): ```yaml - matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}" +matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}" ``` ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index 856e71c13..81fe411d1 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md @@ -15,7 +15,7 @@ for `schildichat`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): ```yaml - matrix_server_fqn_schildichat: "sc.{{ matrix_domain }}" +matrix_server_fqn_schildichat: "sc.{{ matrix_domain }}" ``` ## Adjusting the playbook configuration From 0b688eb9491a64f1a0a34e012c68a8158b974109 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 18:45:47 +0900 Subject: [PATCH 072/404] Update docs/configuring-playbook-external-postgres.md: minor changes 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-external-postgres.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index 2dc591b3a..b8c8f8eb9 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md @@ -17,11 +17,10 @@ matrix_synapse_database_database: "your-postgres-server-database-name" # Rewire any other service (each `matrix-*` role) you may wish to use to use your external Postgres server. # Each service expects to have its own dedicated database on the Postgres server -# and uses its own variable names (see `roles/custom/matrix-*/defaults/main.yml) for configuring Postgres connectivity. +# and uses its own variable names (see `roles/custom/matrix-*/defaults/main.yml`) for configuring Postgres connectivity. ``` -The database (as specified in `matrix_synapse_database_database`) must exist and be accessible with the given credentials. -It must be empty or contain a valid Synapse database. If empty, Synapse would populate it the first time it runs. +The database (as specified in `matrix_synapse_database_database`) must exist and be accessible with the given credentials. It must be empty or contain a valid Synapse database. If empty, Synapse would populate it the first time it runs. **Note**: the external server that you specify in `matrix_synapse_database_host` must be accessible from within the `matrix-synapse` Docker container (and possibly other containers too). This means that it either needs to be a publicly accessible hostname or that it's a hostname on the same Docker network where all containers installed by this playbook run (a network called `matrix` by default). Using a local PostgreSQL instance on the host (running on the same machine, but not in a container) is not possible. From 0eb53a0e77edfef34c11565ab6f0d0df2568ee3f Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Fri, 11 Oct 2024 04:01:07 +0900 Subject: [PATCH 073/404] Update docs/configuring-playbook-cactus-comments.md: add line breaks Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-cactus-comments.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 263406242..98ec896e8 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -53,7 +53,9 @@ After configuring the playbook, run the [installation](installing.md) command: ` Upon starting Cactus Comments, a `bot.cactusbot` user account is created automatically. To get started, send a `help` message to the `@bot.cactusbot:your-homeserver.com` bot to confirm it's working. + Then, register a site by typing: `register `. You will then be invited into a moderation room. + Now you are good to go and can include the comment section on your website! **Careful**: To really make use of self-hosting you need change a few things in comparison to the official docs! From bfc5374fc84d430414ef9b40b050954e390cc0fe Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 17 Oct 2024 16:19:29 +0300 Subject: [PATCH 074/404] Upgrade mautrix-whatsapp (v0.10.9 -> v0.11.0) (bridgev2) and adapt configuration Related to: - https://github.com/mautrix/whatsapp/releases/tag/v0.11.0 - https://mau.fi/blog/2024-10-mautrix-release/ - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3615 --- group_vars/matrix_servers | 14 +- .../defaults/main.yml | 27 +- .../tasks/validate_config.yml | 4 + .../templates/config.yaml.j2 | 873 ++++++++++-------- 4 files changed, 493 insertions(+), 425 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3108ba107..4e7cfa876 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -1969,17 +1969,13 @@ matrix_mautrix_whatsapp_appservice_token: "{{ '%s' | format(matrix_homeserver_ge matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}" matrix_mautrix_whatsapp_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.hs.token', rounds=655555) | to_uuid }}" -matrix_mautrix_whatsapp_bridge_login_shared_secret_map_auto: |- +matrix_mautrix_slack_double_puppet_secrets_auto: |- {{ - ({ - matrix_mautrix_whatsapp_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token) - }) + { + matrix_mautrix_slack_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token) + } if matrix_appservice_double_puppet_enabled - else ( - {matrix_mautrix_whatsapp_homeserver_domain: matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret} - if matrix_synapse_ext_password_provider_shared_secret_auth_enabled - else {} - ) + else {} }} matrix_mautrix_whatsapp_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}" diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml index d14d7e089..bb2c8c5f3 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml 
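Review bot: The override added in the WhatsApp section defines `matrix_mautrix_slack_double_puppet_secrets_auto` and keys it on `matrix_mautrix_slack_homeserver_domain`, which looks like a copy-paste slip from the Slack bridge block. The role defaults in this same commit introduce `matrix_mautrix_whatsapp_double_puppet_secrets_auto: {}`, so as written the WhatsApp bridge keeps an empty map and never receives the `as_token:` double-puppet secret. The Slack variable is also assigned here a second time; if group_vars already sets it elsewhere, the later definition silently wins. The two added lines should read `matrix_mautrix_whatsapp_double_puppet_secrets_auto: |-` and `matrix_mautrix_whatsapp_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token)`.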
@@ -9,7 +9,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp -matrix_mautrix_whatsapp_version: v0.10.9 +matrix_mautrix_whatsapp_version: v0.11.0 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" @@ -122,7 +122,7 @@ matrix_mautrix_whatsapp_database_connection_string: 'postgresql://{{ matrix_maut matrix_mautrix_whatsapp_appservice_database_type: "{{ { - 'sqlite': 'sqlite3', + 'sqlite': 'sqlite3-fk-wal', 'postgres':'postgres', }[matrix_mautrix_whatsapp_database_engine] }}" 
@@ -134,19 +134,24 @@ matrix_mautrix_whatsapp_appservice_database_uri: "{{ }[matrix_mautrix_whatsapp_database_engine] }}" -matrix_mautrix_whatsapp_bridge_login_shared_secret_map: "{{ matrix_mautrix_whatsapp_bridge_login_shared_secret_map_auto | combine(matrix_mautrix_whatsapp_bridge_login_shared_secret_map_custom) }}" -matrix_mautrix_whatsapp_bridge_login_shared_secret_map_auto: {} -matrix_mautrix_whatsapp_bridge_login_shared_secret_map_custom: {} +matrix_mautrix_whatsapp_double_puppet_secrets: "{{ matrix_mautrix_whatsapp_double_puppet_secrets_auto | combine(matrix_mautrix_whatsapp_double_puppet_secrets_custom) }}" +matrix_mautrix_whatsapp_double_puppet_secrets_auto: {} +matrix_mautrix_whatsapp_double_puppet_secrets_custom: {} # Enable End-to-bridge encryption matrix_mautrix_whatsapp_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}" matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}" +matrix_mautrix_whatsapp_bridge_encryption_require: false matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" +# This pickle key value is backward-compatible with the old bridge. +# See: https://github.com/mautrix/whatsapp/blob/v0.11.0/cmd/mautrix-whatsapp/legacymigrate.go#L44 +matrix_mautrix_whatsapp_bridge_encryption_pickle_key: maunium.net/go/mautrix-whatsapp matrix_mautrix_whatsapp_bridge_personal_filtering_spaces: true -matrix_mautrix_whatsapp_bridge_mute_bridging: true -matrix_mautrix_whatsapp_bridge_enable_status_broadcast: false -matrix_mautrix_whatsapp_bridge_allow_user_invite: true +matrix_mautrix_whatsapp_bridge_enable_status_broadcast: true + +matrix_mautrix_whatsapp_provisioning_shared_secret: '' +matrix_mautrix_whatsapp_public_media_signing_key: '' matrix_mautrix_whatsapp_bridge_permissions: | {{ 
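Review bot: `matrix_mautrix_whatsapp_bridge_encryption_pickle_key` is set to a fixed string that is published in the upstream source, so it should not be read as a secret protecting the bridge's stored end-to-bridge encryption keys, and the comment above it only explains the compatibility reason. I would extend that comment with something like `# NOTE: this is a well-known constant kept for migration, not a secret; presumably changing it on an existing installation makes the stored crypto state unreadable - confirm before overriding.` The two new variables `matrix_mautrix_whatsapp_provisioning_shared_secret: ''` and `matrix_mautrix_whatsapp_public_media_signing_key: ''` have no comment at all; each needs a line saying what an empty value means for the rendered config (feature disabled, or something else), since the template that consumes them is not in this hunk. Separately, the default of `matrix_mautrix_whatsapp_bridge_enable_status_broadcast` flips from `false` to `true` here without a comment, and it is worth stating whether that is intended because it changes what existing installs bridge into Matrix. The `matrix_mautrix_whatsapp_bridge_permissions` block that closes the hunk continues outside it.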
@@ -160,6 +165,12 @@ matrix_mautrix_whatsapp_bridge_relay_enabled: "{{ matrix_bridges_relay_enabled } # Only allow admins on this home server to set themselves as a relay user matrix_mautrix_whatsapp_bridge_relay_admin_only: true +# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room. +matrix_mautrix_whatsapp_bridge_relay_default_relays: [] + +# Controls whether to do backfilling at all. +matrix_mautrix_whatsapp_backfill_enabled: true + # Default mautrix-whatsapp configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml index 7d4fa9479..220f99b15 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml @@ -20,3 +20,7 @@ with_items: - {'old': 'matrix_mautrix_whatsapp_log_level', 'new': 'matrix_mautrix_whatsapp_logging_level'} - {'old': 'matrix_mautrix_whatsapp_login_shared_secret', 'new': ''} + - {'old': 'matrix_mautrix_whatsapp_bridge_login_shared_secret_map', 'new': ''} + - {'old': 'matrix_mautrix_whatsapp_bridge_double_puppet_server_map', 'new': ''} + - {'old': 'matrix_mautrix_whatsapp_bridge_allow_user_invite', 'new': ''} + - {'old': 'matrix_mautrix_whatsapp_bridge_mute_bridging', 'new': ''} diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index cbaef5921..c6224525c 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 
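Review bot: In the `validate_config.yml` hunk the deprecation list names `matrix_mautrix_whatsapp_bridge_login_shared_secret_map` but not `matrix_mautrix_whatsapp_bridge_login_shared_secret_map_custom`, which the old defaults (removed in this commit) offered as the user-facing override. The task that consumes `with_items` starts above the hunk, so I cannot see how it matches; if it compares exact variable names, an inventory that still sets the `_custom` map passes validation while its shared secrets are no longer used anywhere. I would add `- {'old': 'matrix_mautrix_whatsapp_bridge_login_shared_secret_map_custom', 'new': ''}` next to the new entries. The replacement variable is `matrix_mautrix_whatsapp_double_puppet_secrets_custom`, whose values appear to use the `as_token:` form rather than the old shared secret, so it is not a plain rename.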
@@ -1,261 +1,37 @@ #jinja2: lstrip_blocks: "True" -# Homeserver details. -homeserver: - # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_whatsapp_homeserver_address }} - # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_whatsapp_homeserver_domain }} - # What software is the homeserver running? - # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. - software: standard - # The URL to push real-time bridge status to. - # If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes. - # The bridge will use the appservice as_token to authorize requests. - status_endpoint: null - # Endpoint for reporting per-message status. - message_send_checkpoint_endpoint: null - # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? - async_media: false - -# Application service host/registration related details. -# Changing these values requires regeneration of the registration. -appservice: - # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_whatsapp_appservice_address }} - # The hostname and port where this appservice should listen. - hostname: 0.0.0.0 - port: 8080 - # Database config. - database: - # The database type. "sqlite3" and "postgres" are supported. - type: {{ matrix_mautrix_whatsapp_appservice_database_type|to_json }} - # The database URI. - # SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string - # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable - # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql - uri: {{ matrix_mautrix_whatsapp_appservice_database_uri|to_json }} - # Maximum number of connections. Mostly relevant for Postgres. 
- max_open_conns: 20 - max_idle_conns: 2 - # Maximum connection idle time and lifetime before they're closed. Disabled if null. - # Parsed with https://pkg.go.dev/time#ParseDuration - max_conn_idle_time: null - max_conn_lifetime: null - # The unique ID of this appservice. - id: whatsapp - # Appservice bot details. - bot: - # Username of the appservice bot. - username: {{ matrix_mautrix_whatsapp_appservice_bot_username|to_json }} - # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty - # to leave display name/avatar as-is. - displayname: WhatsApp bridge bot - avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr - - # Whether or not to receive ephemeral events via appservice transactions. - # Requires MSC2409 support (i.e. Synapse 1.22+). - ephemeral_events: true - - # Should incoming events be handled asynchronously? - # This may be necessary for large public instances with lots of messages going through. - # However, messages will not be guaranteed to be bridged in the same order they were sent in. - async_transactions: false - - # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. - as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" - hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}" - -# Prometheus config. -metrics: - # Enable prometheus metrics? - enabled: {{ matrix_mautrix_whatsapp_metrics_enabled | to_json }} - # IP and port where the metrics listener should be. The path is always /metrics - listen: 0.0.0.0:8001 - -# Config for things that are directly sent to WhatsApp. -whatsapp: +# Network-specific config options +network: # Device name that's shown in the "WhatsApp Web" section in the mobile app. os_name: Mautrix-WhatsApp bridge # Browser name that determines the logo shown in the mobile app. # Must be "unknown" for a generic icon or a valid browser name if you want a specific icon. 
- # List of valid browser names: https://github.com/tulir/whatsmeow/blob/8b34d886d543b72e5f4699cf5b2797f68d598f78/binary/proto/def.proto#L38-L51 + # List of valid browser names: https://github.com/tulir/whatsmeow/blob/efc632c008604016ddde63bfcfca8de4e5304da9/binary/proto/def.proto#L43-L64 browser_name: unknown -# Bridge config -bridge: - # Localpart template of MXIDs for WhatsApp users. - # {{ '{{.}}' }} is replaced with the phone number of the WhatsApp user. - username_template: "{{ 'whatsapp_{{.}}' }}" + # Proxy to use for all WhatsApp connections. + proxy: null + # Alternative to proxy: an HTTP endpoint that returns the proxy URL to use for WhatsApp connections. + get_proxy_url: null + # Whether the proxy options should only apply to the login websocket and not to authenticated connections. + proxy_only_login: false + # Displayname template for WhatsApp users. - # {{ '{{.PushName}}' }} - nickname set by the WhatsApp user - # {{ '{{.BusinessName}}' }} - validated WhatsApp business name - # {{ '{{.Phone}}' }} - phone number (international format) - # The following variables are also available, but will cause problems on multi-user instances: - # {{ '{{.FullName}}' }} - full name from contact list - # {{ '{{.FirstName}}' }} - first name from contact list - displayname_template: "{{ '{{or .BusinessName .PushName .JID}} (WhatsApp)' }}" - # Should the bridge create a space for each logged-in user and add bridged rooms to it? - # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time. - personal_filtering_spaces: {{ matrix_mautrix_whatsapp_bridge_personal_filtering_spaces | to_json }} - # Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp? - delivery_receipts: false - # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. 
- message_status_events: false - # Whether the bridge should send error notices via m.notice events when a message fails to bridge. - message_error_notices: true + # {% raw %} + # {{.PushName}} - nickname set by the WhatsApp user + # {{.BusinessName}} - validated WhatsApp business name + # {{.Phone}} - phone number (international format) + # {{.FullName}} - Name you set in the contacts list + # {% endraw %} + displayname_template: "{% raw %}{{or .BusinessName .PushName .Phone}} (WA){% endraw %}" + # Should incoming calls send a message to the Matrix room? call_start_notices: true # Should another user's cryptographic identity changing send a message to Matrix? identity_change_notices: false - portal_message_buffer: 128 - # Settings for handling history sync payloads. - history_sync: - # Enable backfilling history sync payloads from WhatsApp? - backfill: true - # The maximum number of initial conversations that should be synced. - # Other conversations will be backfilled on demand when receiving a message or when initiating a direct chat. - max_initial_conversations: -1 - # Maximum number of messages to backfill in each conversation. - # Set to -1 to disable limit. - message_count: 50 - # Should the bridge request a full sync from the phone when logging in? - # This bumps the size of history syncs from 3 months to 1 year. - request_full_sync: false - # Configuration parameters that are sent to the phone along with the request full sync flag. - # By default (when the values are null or 0), the config isn't sent at all. - full_sync_config: - # Number of days of history to request. - # The limit seems to be around 3 years, but using higher values doesn't break. - days_limit: null - # This is presumably the maximum size of the transferred history sync blob, which may affect what the phone includes in the blob. - size_mb_limit: null - # This is presumably the local storage quota, which may affect what the phone includes in the history sync blob. 
- storage_quota_mb: null - # If this value is greater than 0, then if the conversation's last message was more than - # this number of hours ago, then the conversation will automatically be marked it as read. - # Conversations that have a last message that is less than this number of hours ago will - # have their unread status synced from WhatsApp. - unread_hours_threshold: 0 - - ############################################################################### - # The settings below are only applicable for backfilling using batch sending, # - # which is no longer supported in Synapse. # - ############################################################################### - - # Settings for media requests. If the media expired, then it will not - # be on the WA servers. - # Media can always be requested by reacting with the ♻️ (recycle) emoji. - # These settings determine if the media requests should be done - # automatically during or after backfill. - media_requests: - # Should expired media be automatically requested from the server as - # part of the backfill process? - auto_request_media: true - # Whether to request the media immediately after the media message - # is backfilled ("immediate") or at a specific time of the day - # ("local_time"). - request_method: immediate - # If request_method is "local_time", what time should the requests - # be sent (in minutes after midnight)? - request_local_time: 120 - # Settings for immediate backfills. These backfills should generally be - # small and their main purpose is to populate each of the initial chats - # (as configured by max_initial_conversations) with a few messages so - # that you can continue conversations without loosing context. - immediate: - # The number of concurrent backfill workers to create for immediate - # backfills. Note that using more than one worker could cause the - # room list to jump around since there are no guarantees about the - # order in which the backfills will complete. 
- worker_count: 1 - # The maximum number of events to backfill initially. - max_events: 10 - # Settings for deferred backfills. The purpose of these backfills are - # to fill in the rest of the chat history that was not covered by the - # immediate backfills. These backfills generally should happen at a - # slower pace so as not to overload the homeserver. - # Each deferred backfill config should define a "stage" of backfill - # (i.e. the last week of messages). The fields are as follows: - # - start_days_ago: the number of days ago to start backfilling from. - # To indicate the start of time, use -1. For example, for a week ago, use 7. - # - max_batch_events: the number of events to send per batch. - # - batch_delay: the number of seconds to wait before backfilling each batch. - deferred: - # Last Week - - start_days_ago: 7 - max_batch_events: 20 - batch_delay: 5 - # Last Month - - start_days_ago: 30 - max_batch_events: 50 - batch_delay: 10 - # Last 3 months - - start_days_ago: 90 - max_batch_events: 100 - batch_delay: 10 - # The start of time - - start_days_ago: -1 - max_batch_events: 500 - batch_delay: 10 - - # Should puppet avatars be fetched from the server even if an avatar is already set? - user_avatar_sync: true - # Should Matrix users leaving groups be bridged to WhatsApp? - bridge_matrix_leave: true - # Should the bridge update the m.direct account data event when double puppeting is enabled. - # Note that updating the m.direct event is not atomic (except with mautrix-asmux) - # and is therefore prone to race conditions. - sync_direct_chat_list: false - # Should the bridge use MSC2867 to bridge manual "mark as unread"s from - # WhatsApp and set the unread status on initial backfill? - # This will only work on clients that support the m.marked_unread or - # com.famedly.marked_unread room account data. 
- sync_manual_marked_unread: true - # When double puppeting is enabled, users can use `!wa toggle` to change whether - # presence and read receipts are bridged. These settings set the default values. - # Existing users won't be affected when these are changed. - default_bridge_presence: true # Send the presence as "available" to whatsapp when users start typing on a portal. # This works as a workaround for homeservers that do not support presence, and allows # users to see when the whatsapp user on the other side is typing during a conversation. send_presence_on_typing: false - # Should the bridge always send "active" delivery receipts (two gray ticks on WhatsApp) - # even if the user isn't marked as online (e.g. when presence bridging isn't enabled)? - # - # By default, the bridge acts like WhatsApp web, which only sends active delivery - # receipts when it's in the foreground. - force_active_delivery_receipts: false - # Servers to always allow double puppeting from - double_puppet_server_map: - "{{ matrix_mautrix_whatsapp_homeserver_domain }}": {{ matrix_mautrix_whatsapp_homeserver_address }} - # Allow using double puppeting from any server with a valid client .well-known file. - double_puppet_allow_discovery: false - # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth - # - # If set, double puppeting will be enabled automatically for local users - # instead of users having to find an access token and run `login-matrix` - # manually. - login_shared_secret_map: {{ matrix_mautrix_whatsapp_bridge_login_shared_secret_map|to_json }} - # Should the bridge explicitly set the avatar and room name for private chat portal rooms? - # This is implicitly enabled in encrypted rooms. - private_chat_portal_meta: default - # Should group members be synced in parallel? This makes member sync faster - parallel_member_sync: false - # Should Matrix m.notice-type messages be bridged? 
- bridge_notices: true - # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. - # This field will automatically be changed back to false after it, except if the config file is not writable. - resend_bridge_info: false - # When using double puppeting, should muted chats be muted in Matrix? - mute_bridging: {{ matrix_mautrix_whatsapp_bridge_mute_bridging | to_json }} - # When using double puppeting, should archived chats be moved to a specific tag in Matrix? - # Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix. - # This can be set to a tag (e.g. m.lowpriority), or null to disable. - archive_tag: null - # Same as above, but for pinned chats. The favorite tag is called m.favourite - pinned_tag: null - # Should mute status and tags only be bridged when the portal room is created? - tag_only_on_create: true # Should WhatsApp status messages be bridged into a Matrix room? # Disabling this won't affect already created status broadcast rooms. enable_status_broadcast: {{ matrix_mautrix_whatsapp_bridge_enable_status_broadcast | to_json }} 
@@ -270,189 +46,470 @@ bridge: # Should the bridge use thumbnails from WhatsApp? # They're disabled by default due to very low resolution. whatsapp_thumbnail: false - # Allow invite permission for user. User can invite any bots to room with whatsapp - # users (private chat and groups) - allow_user_invite: {{ matrix_mautrix_whatsapp_bridge_allow_user_invite | to_json }} - # Whether or not created rooms should have federation enabled. - # If false, created portal rooms will never be federated. - federate_rooms: {{ matrix_mautrix_whatsapp_federate_rooms|to_json }} - # Should the bridge never send alerts to the bridge management room? - # These are mostly things like the user being logged out. - disable_bridge_alerts: false - # Should the bridge stop if the WhatsApp server says another user connected with the same session? - # This is only safe on single-user bridges. - crash_on_stream_replaced: false # Should the bridge detect URLs in outgoing messages, ask the homeserver to generate a preview, # and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews` # key in the event content even if this is disabled. url_previews: false - # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552. - # This is currently not supported in most clients. - caption_in_message: false - # Send galleries as a single event? This is not an MSC (yet). - beeper_galleries: false - # Should polls be sent using MSC3381 event types? + # Should polls be sent using unstable MSC3381 event types? extev_polls: {{ matrix_mautrix_whatsapp_extev_polls | to_json }} - # Should cross-chat replies from WhatsApp be bridged? Most servers and clients don't support this. - cross_room_replies: false - # Disable generating reply fallbacks? Some extremely bad clients still rely on them, - # but they're being phased out and will be completely removed in the future. 
- disable_reply_fallbacks: false - # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration - # Null means there's no enforced timeout. - message_handling_timeout: - # Send an error message after this timeout, but keep waiting for the response until the deadline. - # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay. - # If the message is older than this when it reaches the bridge, the message won't be handled at all. - error_after: null - # Drop messages after this timeout. They may still go through if the message got sent to the servers. - # This is counted from the time the bridge starts handling the message. - deadline: 120s - - # The prefix for commands. Only required in non-management rooms. - command_prefix: "{{ matrix_mautrix_whatsapp_command_prefix }}" - - # Messages sent upon joining a management room. - # Markdown is supported. The defaults are listed below. - management_room_text: - # Sent when joining a room. - welcome: "Hello, I'm a WhatsApp bridge bot." - # Sent when joining a management room and the user is already logged in. - welcome_connected: "Use `help` for help." - # Sent when joining a management room and the user is not logged in. - welcome_unconnected: "Use `help` for help or `login` to log in." - # Optional extra text sent when joining a management room. - additional_help: "" - - # End-to-bridge encryption support options. + # Should view-once messages be disabled entirely? + disable_view_once: false + # Should the bridge always send "active" delivery receipts (two gray ticks on WhatsApp) + # even if the user isn't marked as online (e.g. when presence bridging isn't enabled)? # - # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. 
- encryption: - # Allow encryption, work in group chat rooms with e2ee enabled - allow: {{ matrix_mautrix_whatsapp_bridge_encryption_allow|to_json }} - # Default to encryption, force-enable encryption in all portals the bridge creates - # This will cause the bridge bot to be in private chats for the encryption to work properly. - # It is recommended to also set private_chat_portal_meta to true when using this. - default: {{ matrix_mautrix_whatsapp_bridge_encryption_default|to_json }} - # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. - appservice: false - # Require encryption, drop any unencrypted messages. - require: false - # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. - # You must use a client that supports requesting keys from other users to use this feature. - allow_key_sharing: {{ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow|to_json }} - # Should users mentions be in the event wire content to enable the server to send push notifications? - plaintext_mentions: false - # Options for deleting megolm sessions from the bridge. - delete_keys: - # Beeper-specific: delete outbound sessions when hungryserv confirms - # that the user has uploaded the key to key backup. - delete_outbound_on_ack: false - # Don't store outbound sessions in the inbound table. - dont_store_outbound: false - # Ratchet megolm sessions forward after decrypting messages. - ratchet_on_decrypt: false - # Delete fully used keys (index >= max_messages) after decrypting messages. - delete_fully_used_on_decrypt: false - # Delete previous megolm sessions from same device when receiving a new one. - delete_prev_on_new_session: false - # Delete megolm sessions received from a device when the device is deleted. - delete_on_device_delete: false - # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. 
- periodically_delete_expired: false - # Delete inbound megolm sessions that don't have the received_at field used for - # automatic ratcheting and expired session deletion. This is meant as a migration - # to delete old keys prior to the bridge update. - delete_outdated_inbound: false - # What level of device verification should be required from users? - # - # Valid levels: - # unverified - Send keys to all device in the room. - # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. - # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). - # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. - # Note that creating user signatures from the bridge bot is not currently possible. - # verified - Require manual per-device verification - # (currently only possible by modifying the `trust` column in the `crypto_device` database table). - verification_levels: - # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix. - receive: unverified - # Minimum level that the bridge should accept for incoming Matrix messages. - send: unverified - # Minimum level that the bridge should require for accepting key requests. - share: cross-signed-tofu - # Options for Megolm room key rotation. These options allow you to - # configure the m.room.encryption event content. See: - # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for - # more information about that event. - rotation: - # Enable custom Megolm room key rotation settings. Note that these - # settings will only apply to rooms created after this option is - # set. - enable_custom: false - # The maximum number of milliseconds a session should be used - # before changing it. The Matrix spec recommends 604800000 (a week) - # as the default. 
- milliseconds: 604800000 - # The maximum number of messages that should be sent with a given a - # session before changing it. The Matrix spec recommends 100 as the - # default. - messages: 100 + # By default, the bridge acts like WhatsApp web, which only sends active delivery + # receipts when it's in the foreground. + force_active_delivery_receipts: false - # Disable rotating keys when a user's devices change? - # You should not enable this option unless you understand all the implications. - disable_device_change_key_rotation: false + # Settings for converting animated stickers. + animated_sticker: + # Format to which animated stickers should be converted. + # disable - No conversion, just unzip and send raw lottie JSON + # png - converts to non-animated png (fastest) + # gif - converts to animated gif + # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support + # webp - converts to animated webp, requires ffmpeg executable with webp codec/container support + target: webp + # Arguments for converter. All converters take width and height. + args: + width: 320 + height: 320 + fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended) - # Settings for provisioning API - provisioning: - # Prefix for the provisioning API paths. - prefix: /_matrix/provision - # Shared secret for authentication. If set to "generate", a random secret will be generated, - # or if set to "disable", the provisioning API will be disabled. - shared_secret: generate + # Settings for handling history sync payloads. + history_sync: + # How many conversations should the bridge create after login? + # If -1, all conversations received from history sync will be bridged. + # Other conversations will be backfilled on demand when receiving a message. + max_initial_conversations: -1 + # Should the bridge request a full sync from the phone when logging in? + # This bumps the size of history syncs from 3 months to 1 year. 
+ request_full_sync: false + # Configuration parameters that are sent to the phone along with the request full sync flag. + # By default, (when the values are null or 0), the config isn't sent at all. + full_sync_config: + # Number of days of history to request. + # The limit seems to be around 3 years, but using higher values doesn't break. + days_limit: null + # This is presumably the maximum size of the transferred history sync blob, which may affect what the phone includes in the blob. + size_mb_limit: null + # This is presumably the local storage quota, which may affect what the phone includes in the history sync blob. + storage_quota_mb: null + # Settings for media requests. If the media expired, then it will not be on the WA servers. + # Media can always be requested by reacting with the ♻ (recycle) emoji. + # These settings determine if the media requests should be done automatically during or after backfill. + media_requests: + # Should the expired media be automatically requested from the server as part of the backfill process? + auto_request_media: true + # Whether to request the media immediately after the media message is backfilled ("immediate") + # or at a specific time of the day ("local_time"). + request_method: immediate + # If request_method is "local_time", what time should the requests be sent (in minutes after midnight)? + request_local_time: 120 + # Maximum number of media request responses to handle in parallel per user. + max_async_handle: 2 + + +# Config options that affect the central bridge module. +bridge: + # The prefix for commands. Only required in non-management rooms. + command_prefix: {{ matrix_mautrix_whatsapp_command_prefix | to_json }} + # Should the bridge create a space for each login containing the rooms that account is in? + personal_filtering_spaces: {{ matrix_mautrix_whatsapp_bridge_personal_filtering_spaces | to_json }} + # Whether the bridge should set names and avatars explicitly for DM portals. 
+ # This is only necessary when using clients that don't support MSC4171. + private_chat_portal_meta: true + # Should events be handled asynchronously within portal rooms? + # If true, events may end up being out of order, but slow events won't block other ones. + # This is not yet safe to use. + async_events: false + # Should every user have their own portals rather than sharing them? + # By default, users who are in the same group on the remote network will be + # in the same Matrix room bridged to that group. If this is set to true, + # every user will get their own Matrix room instead. + split_portals: false + # Should the bridge resend `m.bridge` events to all portals on startup? + resend_bridge_info: false + + # Should leaving Matrix rooms be bridged as leaving groups on the remote network? + bridge_matrix_leave: false + # Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority. + # Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone. + tag_only_on_create: true + # Should room mute status only be synced when creating the portal? + # Like tags, mutes can't currently be synced back to the remote network. + mute_only_on_create: true + + # What should be done to portal rooms when a user logs out or is logged out? + # Permitted values: + # nothing - Do nothing, let the user stay in the portals + # kick - Remove the user from the portal rooms, but don't delete them + # unbridge - Remove all ghosts in the room and disassociate it from the remote chat + # delete - Remove all ghosts and users from the room (i.e. delete it) + cleanup_on_logout: + # Should cleanup on logout be enabled at all? + enabled: false + # Settings for manual logouts (explicitly initiated by the Matrix user) + manual: + # Action for private portals which will never be shared with other Matrix users. 
+ private: nothing + # Action for portals with a relay user configured. + relayed: nothing + # Action for portals which may be shared, but don't currently have any other Matrix users. + shared_no_users: nothing + # Action for portals which have other logged-in Matrix users. + shared_has_users: nothing + # Settings for credentials being invalidated (initiated by the remote network, possibly through user action). + # Keys have the same meanings as in the manual section. + bad_credentials: + private: nothing + relayed: nothing + shared_no_users: nothing + shared_has_users: nothing + + # Settings for relay mode + relay: + # Whether relay mode should be allowed. If allowed, the set-relay command can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: {{ matrix_mautrix_whatsapp_bridge_relay_enabled | to_json }} + # Should only admins be allowed to set themselves as relay users? + # If true, non-admins can only set users listed in default_relays as relays in a room. + admin_only: {{ matrix_mautrix_whatsapp_bridge_relay_admin_only | to_json }} + # List of user login IDs which anyone can set as a relay, as long as the relay user is in the room. + default_relays: {{ matrix_mautrix_whatsapp_bridge_relay_default_relays | to_json }} + # The formats to use when sending messages via the relaybot. + # Available variables: + # .Sender.UserID - The Matrix user ID of the sender. + # .Sender.Displayname - The display name of the sender (if set). + # .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room. + # .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set, + # plus the user ID in parentheses if the displayname is not unique. + # If the displayname is not set, this is just the user ID. + # .Message - The `formatted_body` field of the message. + # .Caption - The `formatted_body` field of the message, if it's a caption. 
Otherwise an empty string. + # .FileName - The name of the file being sent. + message_formats: + m.text: "{% raw %}{{ .Sender.DisambiguatedName }}: {{ .Message }}{% endraw %}" + m.notice: "{% raw %}{{ .Sender.DisambiguatedName }}: {{ .Message }}{% endraw %}" + m.emote: "{% raw %}* {{ .Sender.DisambiguatedName }} {{ .Message }}{% endraw %}" + m.file: "{% raw %}{{ .Sender.DisambiguatedName }} sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}" + m.image: "{% raw %}{{ .Sender.DisambiguatedName }} sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}" + m.audio: "{% raw %}{{ .Sender.DisambiguatedName }} sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}" + m.video: "{% raw %}{{ .Sender.DisambiguatedName }} sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}" + m.location: "{% raw %}{{ .Sender.DisambiguatedName }} sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}" + # For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names. + # This has all the Sender variables available under message_formats (but without the .Sender prefix). + # Note that you need to manually remove the displayname from message_formats above. + displayname_format: "{% raw %}{{ .DisambiguatedName }}{% endraw %}" # Permissions for using the bridge. # Permitted values: # relay - Talk through the relaybot (if enabled), no access otherwise - # user - Access to use the bridge to chat with a WhatsApp account. - # admin - User level and some additional administration tools + # commands - Access to use commands in the bridge, but not login. + # user - Access to use the bridge with puppeting. + # admin - Full access, user level with some additional administration tools. 
# Permitted keys: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user permissions: {{ matrix_mautrix_whatsapp_bridge_permissions|to_json }} - # Settings for relay mode - relay: - # Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any - # authenticated user into a relaybot for that chat. - enabled: {{ matrix_mautrix_whatsapp_bridge_relay_enabled | to_json }} - # Should only admins be allowed to set themselves as relay users? - admin_only: {{ matrix_mautrix_whatsapp_bridge_relay_admin_only | to_json }} - # The formats to use when sending messages to WhatsApp via the relaybot. - message_formats: - m.text: "{{ '{{ .Sender.Displayname }}' }}: {{ '{{ .Message }}' }}" - m.notice: "{{ '{{ .Sender.Displayname }}' }}:: {{ '{{ .Message }}' }}" - m.emote: "* {{ '{{ .Sender.Displayname }}' }}: {{ '{{ .Message }}' }}" - m.file: "{{ '{{ .Sender.Displayname }}' }}: sent a file" - m.image: "{{ '{{ .Sender.Displayname }}' }}: sent an image" - m.audio: "{{ '{{ .Sender.Displayname }}' }}: sent an audio file" - m.video: "{{ '{{ .Sender.Displayname }}' }}: sent a video" - m.location: "{{ '{{ .Sender.Displayname }}' }}: sent a location" +# Config for the bridge's database. +database: + # The database type. "sqlite3-fk-wal" and "postgres" are supported. + type: {{ matrix_mautrix_whatsapp_appservice_database_type | to_json }} + # The database URI. + # SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. + # https://github.com/mattn/go-sqlite3#connection-string + # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable + # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql + uri: {{ matrix_mautrix_whatsapp_appservice_database_uri | to_json }} + # Maximum number of connections. + max_open_conns: 20 + max_idle_conns: 2 + # Maximum connection idle time and lifetime before they're closed. Disabled if null. 
+ # Parsed with https://pkg.go.dev/time#ParseDuration + max_conn_idle_time: null + max_conn_lifetime: null -# Logging config. +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + # Local addresses without HTTPS are generally recommended when the bridge is running on the same machine, + # but https also works if they run on different machines. + address: {{ matrix_mautrix_whatsapp_homeserver_address | to_json }} + # The domain of the homeserver (also known as server_name, used for MXIDs, etc). + domain: {{ matrix_mautrix_whatsapp_homeserver_domain | to_json }} + + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's remote network connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: + # Endpoint for reporting per-message status. + # If set, the bridge will make POST requests to this URL when processing a message from Matrix. + # It will make one request when receiving the message (step BRIDGE), one after decrypting if applicable + # (step DECRYPTED) and one after sending to the remote network (step REMOTE). Errors will also be reported. + # The bridge will use the appservice as_token to authorize requests. + message_send_checkpoint_endpoint: + # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? + async_media: false + + # Should the bridge use a websocket for connecting to the homeserver? + # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, + # mautrix-asmux (deprecated), and hungryserv (proprietary). + websocket: false + # How often should the websocket be pinged? Pinging will be disabled if this is zero. 
+ ping_interval_seconds: 0 + +# Application service host/registration related details. +# Changing these values requires regeneration of the registration (except when noted otherwise) +appservice: + # The address that the homeserver can use to connect to this appservice. + # Like the homeserver address, a local non-https address is recommended when the bridge is on the same machine. + # If the bridge is elsewhere, you must secure the connection yourself (e.g. with https or wireguard) + # If you want to use https, you need to use a reverse proxy. The bridge does not have TLS support built in. + address: {{ matrix_mautrix_whatsapp_appservice_address | to_json }} + # A public address that external services can use to reach this appservice. + # This is only needed for things like public media. A reverse proxy is generally necessary when using this field. + # This value doesn't affect the registration file. + public_address: "" + + # The hostname and port where this appservice should listen. + # For Docker, you generally have to change the hostname to 0.0.0.0. + hostname: 0.0.0.0 + port: 8080 + + # The unique ID of this appservice. + id: whatsapp + # Appservice bot details. + bot: + # Username of the appservice bot. + username: {{ matrix_mautrix_whatsapp_appservice_bot_username | to_json }} + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: WhatsApp bridge bot + avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr + + # Whether to receive ephemeral events via appservice transactions. + ephemeral_events: true + # Should incoming events be handled asynchronously? + # This may be necessary for large public instances with lots of messages going through. + # However, messages will not be guaranteed to be bridged in the same order they were sent in. + # This value doesn't affect the registration file. 
+ async_transactions: false + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: {{ matrix_mautrix_whatsapp_appservice_token | to_json }} + hs_token: {{ matrix_mautrix_whatsapp_homeserver_token | to_json }} + + # Localpart template of MXIDs for remote users. + # {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the user. + username_template: "{% raw %}whatsapp_{{.}}{% endraw %}" + +# Config options that affect the Matrix connector of the bridge. +matrix: + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false + # Whether the bridge should send a read receipt after successfully bridging a message. + delivery_receipts: false + # Whether the bridge should send error notices via m.notice events when a message fails to bridge. + message_error_notices: true + # Whether the bridge should update the m.direct account data event when double puppeting is enabled. + sync_direct_chat_list: true + # Whether created rooms should have federation enabled. If false, created portal rooms + # will never be federated. Changing this option requires recreating rooms. + federate_rooms: {{ matrix_mautrix_whatsapp_federate_rooms|to_json }} + # The threshold as bytes after which the bridge should roundtrip uploads via the disk + # rather than keeping the whole file in memory. + upload_file_threshold: 5242880 + +# Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors. +analytics: + # API key to send with tracking requests. Tracking is disabled if this is null. + token: null + # Address to send tracking requests to. + url: https://api.segment.io/v1/track + # Optional user ID for tracking events. If null, defaults to using Matrix user ID. + user_id: null + +# Settings for provisioning API +provisioning: + # Prefix for the provisioning API paths. 
+ prefix: /_matrix/provision + # Shared secret for authentication. If set to "generate" or null, a random secret will be generated, + # or if set to "disable", the provisioning API will be disabled. + shared_secret: {{ matrix_mautrix_whatsapp_provisioning_shared_secret | to_json }} + # Whether to allow provisioning API requests to be authed using Matrix access tokens. + # This follows the same rules as double puppeting to determine which server to contact to check the token, + # which means that by default, it only works for users on the same server as the bridge. + allow_matrix_auth: true + # Enable debug API at /debug with provisioning authentication. + debug_endpoints: false + +# Some networks require publicly accessible media download links (e.g. for user avatars when using Discord webhooks). +# These settings control whether the bridge will provide such public media access. +public_media: + # Should public media be enabled at all? + # The public_address field under the appservice section MUST be set when enabling public media. + enabled: false + # A key for signing public media URLs. + # If set to "generate", a random key will be generated. + signing_key: {{ matrix_mautrix_whatsapp_public_media_signing_key | to_json }} + # Number of seconds that public media URLs are valid for. + # If set to 0, URLs will never expire. + expiry: 0 + # Length of hash to use for public media URLs. Must be between 0 and 32. + hash_length: 32 + +# Settings for converting remote media to custom mxc:// URIs instead of reuploading. +# More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html +direct_media: + # Should custom mxc:// URIs be used instead of reuploading media? + enabled: false + # The server name to use for the custom mxc:// URIs. + # This server name will effectively be a real Matrix server, it just won't implement anything other than media. 
+ # You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge. + server_name: discord-media.example.com + # Optionally a custom .well-known response. This defaults to `server_name:443` + well_known_response: + # Optionally specify a custom prefix for the media ID part of the MXC URI. + media_id_prefix: + # If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916 + # media download redirects if the requester supports it. Optionally, you can force redirects + # and not allow proxying at all by setting this to false. + # This option does nothing if the remote network does not support media downloads over HTTP. + allow_proxy: true + # Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. + # This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them. + server_key: generate + +# Settings for backfilling messages. +# Note that the exact way settings are applied depends on the network connector. +# See https://docs.mau.fi/bridges/general/backfill.html for more details. +backfill: + # Whether to do backfilling at all. + enabled: {{ matrix_mautrix_whatsapp_backfill_enabled | to_json }} + # Maximum number of messages to backfill in empty rooms. + max_initial_messages: 50 + # Maximum number of missed messages to backfill after bridge restarts. + max_catchup_messages: 500 + # If a backfilled chat is older than this number of hours, + # mark it as read even if it's unread on the remote network. + unread_hours_threshold: 720 + # Settings for backfilling threads within other backfills. + threads: + # Maximum number of messages to backfill in a new thread. + max_initial_messages: 50 + # Settings for the backwards backfill queue. This only applies when connecting to + # Beeper as standard Matrix servers don't support inserting messages into history. 
+ queue: + # Should the backfill queue be enabled? + enabled: false + # Number of messages to backfill in one batch. + batch_size: 100 + # Delay between batches in seconds. + batch_delay: 20 + # Maximum number of batches to backfill per portal. + # If set to -1, all available messages will be backfilled. + max_batches: -1 + # Optional network-specific overrides for max batches. + # Interpretation of this field depends on the network connector. + max_batches_override: {} + +# Settings for enabling double puppeting +double_puppet: + # Servers to always allow double puppeting from. + # This is only for other servers and should NOT contain the server the bridge is on. + servers: {} + # Whether to allow client API URL discovery for other servers. When using this option, + # users on other servers can use double puppeting even if their server URLs aren't + # explicitly added to the servers map above. + allow_discovery: false + # Shared secrets for automatic double puppeting. + # See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions. + secrets: {{ matrix_mautrix_whatsapp_double_puppet_secrets | to_json }} + +# End-to-bridge encryption support options. +# +# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. +encryption: + # Whether to enable encryption at all. If false, the bridge will not function in encrypted rooms. + allow: {{ matrix_mautrix_whatsapp_bridge_encryption_allow | to_json }} + # Whether to force-enable encryption in all bridged rooms. + default: {{ matrix_mautrix_whatsapp_bridge_encryption_default | to_json }} + # Whether to require all messages to be encrypted and drop any unencrypted messages. + require: {{ matrix_mautrix_whatsapp_bridge_encryption_require | to_json }} + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. 
+ appservice: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: {{ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow | to_json }} + # Pickle key for encrypting encryption keys in the bridge database. + # If set to generate, a random key will be generated. + pickle_key: {{ matrix_mautrix_whatsapp_bridge_encryption_pickle_key | to_json }} + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). 
+ # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from the remote network to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to configure the m.room.encryption event content. + # See https://spec.matrix.org/v1.10/client-server-api/#mroomencryption for more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false + +# Logging config. See https://github.com/tulir/zeroconfig for details. logging: - # The directory for log files. Will be created if not found. - directory: ./logs - # Available variables: .Date for the file date and .Index for different log files on the same day. - # Set this to null to disable logging to file. 
- file_name_format: null - # Date format for file names in the Go time format: https://golang.org/pkg/time/#pkg-constants - file_date_format: "2006-01-02" - # Log file permissions. - file_mode: 0o600 - # Timestamp format for log entries in the Go time format. - timestamp_format: "Jan _2, 2006 15:04:05" - # Minimum severity for log messages printed to stdout/stderr. This doesn't affect the log file. - # Options: debug, info, warn, error, fatal - print_level: {{ matrix_mautrix_whatsapp_logging_level }} + min_level: {{ matrix_mautrix_whatsapp_logging_level | to_json }} + writers: + - type: stdout + format: pretty-colored From 15bc91244a3deadaa091eecca4fea65c8f06ed7b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 17 Oct 2024 17:10:50 +0300 Subject: [PATCH 075/404] Fix typo in variable name Regression since bfc5374fc84d430414ef9b40b050954e390cc0fe --- group_vars/matrix_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 4e7cfa876..0fbda0089 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1969,10 +1969,10 @@ matrix_mautrix_whatsapp_appservice_token: "{{ '%s' | format(matrix_homeserver_ge matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}" matrix_mautrix_whatsapp_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.hs.token', rounds=655555) | to_uuid }}" -matrix_mautrix_slack_double_puppet_secrets_auto: |- +matrix_mautrix_whatsapp_double_puppet_secrets_auto: |- {{ { - matrix_mautrix_slack_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token) + matrix_mautrix_whatsapp_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token) } if matrix_appservice_double_puppet_enabled else {} From 0261e247e33b46afa985cebe0889afec4b2f85f5 Mon Sep 17 00:00:00 2001 
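Review bot: In `group_vars/matrix_servers`, nothing prevents the copy-paste slip corrected on the `matrix_mautrix_whatsapp_double_puppet_secrets_auto` line from recurring, because most YAML loaders resolve a repeated mapping key as last-wins without raising an error. If the Slack section defines `matrix_mautrix_slack_double_puppet_secrets_auto` elsewhere in this file (not visible in the hunk), the old name was a duplicate key, and the WhatsApp bridge apparently ran without its `as_token:` double-puppet secret until this fix. Running yamllint's `key-duplicates` rule over this file in CI would catch that kind of collision before merge. The value is built as `"as_token:" + matrix_appservice_double_puppet_registration_as_token`, so it is also worth confirming that an enabled-but-empty token is rejected somewhere, since the concatenation would otherwise yield the bare secret `as_token:`. The block scalar closes outside this hunk.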
From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:23:06 +0900 Subject: [PATCH 076/404] Replace YOUR_DOMAIN with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-go-neb.md | 2 +- docs/configuring-playbook-bot-matrix-reminder-bot.md | 2 +- ...configuring-playbook-bridge-appservice-discord.md | 2 +- docs/configuring-playbook-bridge-appservice-irc.md | 2 +- ...nfiguring-playbook-bridge-appservice-kakaotalk.md | 2 +- docs/configuring-playbook-bridge-beeper-linkedin.md | 4 ++-- docs/configuring-playbook-bridge-go-skype-bridge.md | 2 +- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- docs/configuring-playbook-bridge-mautrix-facebook.md | 2 +- .../configuring-playbook-bridge-mautrix-gmessages.md | 2 +- ...configuring-playbook-bridge-mautrix-googlechat.md | 2 +- docs/configuring-playbook-bridge-mautrix-hangouts.md | 2 +- .../configuring-playbook-bridge-mautrix-instagram.md | 4 ++-- ...iguring-playbook-bridge-mautrix-meta-instagram.md | 12 ++++++------ ...iguring-playbook-bridge-mautrix-meta-messenger.md | 10 +++++----- docs/configuring-playbook-bridge-mautrix-signal.md | 10 +++++----- docs/configuring-playbook-bridge-mautrix-slack.md | 2 +- docs/configuring-playbook-bridge-mautrix-telegram.md | 2 +- docs/configuring-playbook-bridge-mautrix-twitter.md | 2 +- docs/configuring-playbook-bridge-mautrix-whatsapp.md | 2 +- .../configuring-playbook-bridge-mx-puppet-discord.md | 2 +- .../configuring-playbook-bridge-mx-puppet-groupme.md | 2 +- ...onfiguring-playbook-bridge-mx-puppet-instagram.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-slack.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-steam.md | 2 +- .../configuring-playbook-bridge-mx-puppet-twitter.md | 2 +- docs/configuring-playbook-bridge-wechat.md | 2 +- docs/configuring-playbook-mautrix-bridges.md | 2 +- 28 files changed, 43 insertions(+), 43 deletions(-) 
diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 0baa972e4..911a20839 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -225,7 +225,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, invite it to any existing Matrix room (`/invite @whatever_you_chose:DOMAIN` where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain, make sure you have permission from the room owner if that's not you). +To use the bot, invite it to any existing Matrix room (`/invite @whatever_you_chose:example.com` where `example.com` is your base domain, not the `matrix.` domain, make sure you have permission from the room owner if that's not you). Basic usage is like this: `!echo hi` or `!imgur puppies` or `!giphy matrix` diff --git a/docs/configuring-playbook-bot-matrix-reminder-bot.md b/docs/configuring-playbook-bot-matrix-reminder-bot.md index 7f5bbf1f1..3336d191a 100644 --- a/docs/configuring-playbook-bot-matrix-reminder-bot.md +++ b/docs/configuring-playbook-bot-matrix-reminder-bot.md @@ -42,7 +42,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use ## Usage -To use the bot, start a chat with `@bot.matrix-reminder-bot:DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +To use the bot, start a chat with `@bot.matrix-reminder-bot:DOMAIN` (where `example.com` is your base domain, not the `matrix.` domain). You can also add the bot to any existing Matrix room (`/invite @bot.matrix-reminder-bot:DOMAIN`). diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 12370ad11..8ee106d1f 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md 
@@ -46,7 +46,7 @@ matrix_appservice_discord_bridge_enableSelfServiceBridging: true Once self-service is enabled: -1. Start a chat with `@_discord_bot:` and say `!discord help bridge`. +1. Start a chat with `@_discord_bot:` and say `!discord help bridge`. 2. Follow the instructions in the help output message. If the bot is not already in the Discord server, follow the provided invite link. This may require you to be a administrator of the Discord server. **Note**: Encrypted Matrix rooms are not supported as of writing. diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md index 2dddbf16d..4da559790 100644 --- a/docs/configuring-playbook-bridge-appservice-irc.md +++ b/docs/configuring-playbook-bridge-appservice-irc.md @@ -66,4 +66,4 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -You then need to start a chat with `@irc_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@irc_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 3c90182a1..4a004eb1a 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -63,7 +63,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -Start a chat with `@kakaotalkbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +Start a chat with `@kakaotalkbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login --save EMAIL_OR_PHONE_NUMBER` to the bridge bot to enable bridging for your Kakaotalk account. The `--save` flag may be omitted, if you'd rather not save your password. 
diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index cb3a5266c..3aaa01520 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -28,7 +28,7 @@ If you would like to be able to administrate the bridge from your account it can matrix_beeper_linkedin_configuration_extension_yaml: | bridge: permissions: - '@YOUR_USERNAME:YOUR_DOMAIN': admin + '@YOUR_USERNAME:example.com': admin ``` You may wish to look at `roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. @@ -48,7 +48,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb ## Usage -You then need to start a chat with `@linkedinbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@linkedinbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login YOUR_LINKEDIN_EMAIL_ADDRESS` to the bridge bot to enable bridging for your LinkedIn account. diff --git a/docs/configuring-playbook-bridge-go-skype-bridge.md b/docs/configuring-playbook-bridge-go-skype-bridge.md index 799a1dd4d..c9001636a 100644 --- a/docs/configuring-playbook-bridge-go-skype-bridge.md +++ b/docs/configuring-playbook-bridge-go-skype-bridge.md @@ -20,7 +20,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage Once the bot is enabled, you need to start a chat with `Skype bridge bot` -with the handle `@skypebridgebot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +with the handle `@skypebridgebot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `help` to the bot to see the commands available. diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 6c25b8652..184addf6b 100644 
--- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -87,7 +87,7 @@ To acquire the token, open Discord in a private browser window. Then open the de ### Bridging -1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +1. Start a chat with `@discordbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). 2. If you would like to login to Discord using a token, send `login-token` command, otherwise, send `login-qr` command. 3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. 4. After confirming (in the Discord app) that you'd like to allow this login, the bot should respond with "Succcessfully authenticated as ..." diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index 0b3ef7928..e20d1e2e6 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -76,7 +76,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@facebookbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@facebookbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login YOUR_FACEBOOK_EMAIL_ADDRESS` to the bridge bot to enable bridging for your Facebook Messenger account. You can learn more here about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/facebook/authentication.html). 
diff --git a/docs/configuring-playbook-bridge-mautrix-gmessages.md b/docs/configuring-playbook-bridge-mautrix-gmessages.md index ffad8b0b3..e07646743 100644 --- a/docs/configuring-playbook-bridge-mautrix-gmessages.md +++ b/docs/configuring-playbook-bridge-mautrix-gmessages.md @@ -41,4 +41,4 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@gmessagesbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@gmessagesbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md index f326763ed..ed6270c8a 100644 --- a/docs/configuring-playbook-bridge-mautrix-googlechat.md +++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md @@ -44,7 +44,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -Once the bot is enabled you need to start a chat with `googlechat bridge bot` with handle `@googlechatbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `googlechat bridge bot` with handle `@googlechatbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login` to the bridge bot to receive a link to the portal from which you can enable the bridging. Open the link sent by the bot and follow the instructions. diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index 6cd88746c..62770fe0b 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md 
@@ -44,7 +44,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -Once the bot is enabled you need to start a chat with `Hangouts bridge bot` with handle `@hangoutsbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `Hangouts bridge bot` with handle `@hangoutsbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login` to the bridge bot to receive a link to the portal from which you can enable the bridging. Open the link sent by the bot and follow the instructions. diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index 34ae70b12..14d25f52f 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md @@ -35,7 +35,7 @@ matrix_admin: "@YOUR_USERNAME:{{ matrix_domain }}" matrix_mautrix_instagram_configuration_extension_yaml: | bridge: permissions: - '@YOUR_USERNAME:YOUR_DOMAIN': admin + '@YOUR_USERNAME:example.com': admin ``` You may wish to look at `roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure. @@ -46,7 +46,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -You then need to start a chat with `@instagrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@instagrambot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login YOUR_INSTAGRAM_EMAIL_ADDRESS YOUR_INSTAGRAM_PASSWORD` to the bridge bot to enable bridging for your instagram/Messenger account. 
diff --git a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md index aa0160858..0a644d049 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md @@ -11,10 +11,10 @@ This documentation page only deals with the bridge's ability to bridge to Instag If you've been using the [mautrix-instagram](./configuring-playbook-bridge-mautrix-instagram.md) bridge, **you'd better get rid of it first** or the 2 bridges will be in conflict: -- both trying to use `@instagrambot:YOUR_DOMAIN` as their username. This conflict may be resolved by adjusting `matrix_mautrix_instagram_appservice_bot_username` or `matrix_mautrix_meta_instagram_appservice_username` +- both trying to use `@instagrambot:example.com` as their username. This conflict may be resolved by adjusting `matrix_mautrix_instagram_appservice_bot_username` or `matrix_mautrix_meta_instagram_appservice_username` - both trying to bridge the same DMs -To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@instagrambot:YOUR_DOMAIN`). +To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@instagrambot:example.com`). This would give you a list of portals and groups of portals you may purge. Proceed with sending commands like `clean recommended`, etc. 
@@ -47,17 +47,17 @@ The default permissions are set via `matrix_mautrix_meta_instagram_bridge_permis ```yaml matrix_mautrix_meta_instagram_bridge_permissions_default: '*': relay - YOUR_DOMAIN: user + example.com: user '{{ matrix_admin }}': admin ``` -If you don't define the `matrix_admin` in your configuration (e.g. `matrix_admin: @user:YOUR_DOMAIN`), then there's no admin by default. +If you don't define the `matrix_admin` in your configuration (e.g. `matrix_admin: @user:example.com`), then there's no admin by default. You may redefine `matrix_mautrix_meta_instagram_bridge_permissions_default` any way you see fit, or add extra permissions using `matrix_mautrix_meta_instagram_bridge_permissions_custom` like this: ```yaml matrix_mautrix_meta_instagram_bridge_permissions_custom: - '@YOUR_USERNAME:YOUR_DOMAIN': admin + '@YOUR_USERNAME:example.com': admin ``` You may wish to look at `roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. @@ -91,4 +91,4 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@instagrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@instagrambot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md index 952a7d6f8..ded925ce5 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md 
@@ -11,7 +11,7 @@ This documentation page only deals with the bridge's ability to bridge to Facebo If you've been using the [mautrix-facebook](./configuring-playbook-bridge-mautrix-facebook.md) bridge, it's possible to migrate the database using [instructions from the bridge documentation](https://docs.mau.fi/bridges/go/meta/facebook-migration.html) (advanced). -Then you may wish to get rid of the Facebook bridge. To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@facebookbot:YOUR_DOMAIN`). +Then you may wish to get rid of the Facebook bridge. To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@facebookbot:example.com`). This would give you a list of portals and groups of portals you may purge. Proceed with sending commands like `clean recommended`, etc. @@ -57,17 +57,17 @@ The default permissions are set via `matrix_mautrix_meta_messenger_bridge_permis ```yaml matrix_mautrix_meta_messenger_bridge_permissions_default: '*': relay - YOUR_DOMAIN: user + example.com: user '{{ matrix_admin }}': admin ``` -If you don't define the `matrix_admin` in your configuration (e.g. `matrix_admin: @user:YOUR_DOMAIN`), then there's no admin by default. +If you don't define the `matrix_admin` in your configuration (e.g. `matrix_admin: @user:example.com`), then there's no admin by default. You may redefine `matrix_mautrix_meta_messenger_bridge_permissions_default` any way you see fit, or add extra permissions using `matrix_mautrix_meta_messenger_bridge_permissions_custom` like this: ```yaml matrix_mautrix_meta_messenger_bridge_permissions_custom: - '@YOUR_USERNAME:YOUR_DOMAIN': admin + '@YOUR_USERNAME:example.com': admin ``` You may wish to look at `roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. 
@@ -101,7 +101,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@messengerbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@messengerbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). You then need to send a `login` command and follow the bridge bot's instructions. diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index dacdce37f..16227a186 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -32,7 +32,7 @@ The default permissions are set as follows: ```yaml permissions: '*': relay - YOUR_DOMAIN: user + example.com: user ``` If you want to augment the preset permissions, you might want to set the additional permissions with the following settings in your `vars.yml` file: @@ -40,7 +40,7 @@ If you want to augment the preset permissions, you might want to set the additio matrix_mautrix_signal_configuration_extension_yaml: | bridge: permissions: - '@YOUR_USERNAME:YOUR_DOMAIN': admin + '@YOUR_USERNAME:example.com': admin ``` This will add the admin permission to the specific user, while keeping the default permissions. @@ -48,8 +48,8 @@ This will add the admin permission to the specific user, while keeping the defau In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file: ```yaml matrix_mautrix_signal_bridge_permissions: - '@ADMIN:YOUR_DOMAIN': admin - '@USER:YOUR_DOMAIN' : user + '@ADMIN:example.com': admin + '@USER:example.com' : user ``` You may wish to look at `roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. 
@@ -83,4 +83,4 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@signalbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@signalbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md index 5ce1bdcaa..e2f00d467 100644 --- a/docs/configuring-playbook-bridge-mautrix-slack.md +++ b/docs/configuring-playbook-bridge-mautrix-slack.md @@ -74,7 +74,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -1. Start a chat with `@slackbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +1. Start a chat with `@slackbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). 2. If you would like to login to Slack using a token, send the `login-token` command, otherwise, send the `login-password` command. Read [here](https://docs.mau.fi/bridges/go/slack/authentication.html) on how to retrieve your token and cookie token. 3. The bot should respond with "Successfully logged into for team " 4. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to. diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 82eb6ba52..a556dcffa 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md 
@@ -45,7 +45,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@telegrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@telegrambot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). If you want to use the relay-bot feature ([relay bot documentation](https://docs.mau.fi/bridges/python/telegram/relay-bot.html)), which allows anonymous user to chat with telegram users, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md index 0925cf1b2..60c1a745f 100644 --- a/docs/configuring-playbook-bridge-mautrix-twitter.md +++ b/docs/configuring-playbook-bridge-mautrix-twitter.md @@ -36,7 +36,7 @@ This method is currently not available for the Mautrix-Twitter bridge, but is on ## Usage -1. You then need to start a chat with `@twitterbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +1. You then need to start a chat with `@twitterbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). 2. Send login-cookie to start the login. The bot should respond with instructions on how to proceed. You can learn more here about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/twitter/authentication.html). diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md index d9cabaa27..ae1d2ea3a 100644 --- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md +++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md 
@@ -58,4 +58,4 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@whatsappbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@whatsappbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index d56bf89fb..da987bf2e 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -26,7 +26,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage Once the bot is enabled you need to start a chat with `Discord Puppet Bridge` with -the handle `@_discordpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +the handle `@_discordpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Three authentication methods are available, Legacy Token, OAuth and xoxc token. diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md index 37e22ead2..ed38600e4 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md +++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md @@ -20,7 +20,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage Once the bot is enabled you need to start a chat with `GroupMe Puppet Bridge` with -the handle `@_groupmepuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +the handle `@_groupmepuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). One authentication method is available. diff --git a/docs/configuring-playbook-bridge-mx-puppet-instagram.md b/docs/configuring-playbook-bridge-mx-puppet-instagram.md index dba9b27df..0a61d561f 100644 
--- a/docs/configuring-playbook-bridge-mx-puppet-instagram.md +++ b/docs/configuring-playbook-bridge-mx-puppet-instagram.md @@ -20,7 +20,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage Once the bot is enabled, you need to start a chat with `Instagram Puppet Bridge` with -the handle `@_instagrampuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +the handle `@_instagrampuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `link ` to the bridge bot to link your instagram account. diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md index 3f0607513..a2e2fa3c3 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-slack.md +++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md @@ -34,7 +34,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage Once the bot is enabled you need to start a chat with `Slack Puppet Bridge` with -the handle `@_slackpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +the handle `@_slackpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Three authentication methods are available, Legacy Token, OAuth and xoxc token. diff --git a/docs/configuring-playbook-bridge-mx-puppet-steam.md b/docs/configuring-playbook-bridge-mx-puppet-steam.md index e5338b1c7..08b254259 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-steam.md +++ b/docs/configuring-playbook-bridge-mx-puppet-steam.md 
@@ -20,7 +20,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage Once the bot is enabled you need to start a chat with `Steam Puppet Bridge` with -the handle `@_steampuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +the handle `@_steampuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Three authentication methods are available, Legacy Token, OAuth and xoxc token. diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md index 74b35092d..0d567c56e 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md +++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md @@ -31,7 +31,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage Once the bot is enabled you need to start a chat with `Twitter Puppet Bridge` with -the handle `@_twitterpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +the handle `@_twitterpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). To log in, use `link` and click the link. diff --git a/docs/configuring-playbook-bridge-wechat.md b/docs/configuring-playbook-bridge-wechat.md index c6891de15..c00b9a7fc 100644 --- a/docs/configuring-playbook-bridge-wechat.md +++ b/docs/configuring-playbook-bridge-wechat.md @@ -18,6 +18,6 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bridge is installed, start a chat with `@wechatbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +Once the bridge is installed, start a chat with `@wechatbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `help` to the bot to see the available commands. diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md index bffeeff8d..ddb935809 100644 
--- a/docs/configuring-playbook-mautrix-bridges.md +++ b/docs/configuring-playbook-mautrix-bridges.md @@ -121,7 +121,7 @@ If you have issues with a service, and are requesting support, the higher levels ## Usage -You then need to start a chat with `@SERVICENAMEbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@SERVICENAMEbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `login ` to the bridge bot to get started You can learn more here about authentication from the bridge's official documentation on Authentication https://docs.mau.fi/bridges/python/SERVICENAME/authentication.html . From 59dd88967167625fe7a04214204219b29a44a9b5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:23:55 +0900 Subject: [PATCH 077/404] Replace with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 8ee106d1f..49834bd42 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -46,7 +46,7 @@ matrix_appservice_discord_bridge_enableSelfServiceBridging: true Once self-service is enabled: -1. Start a chat with `@_discord_bot:` and say `!discord help bridge`. +1. Start a chat with `@_discord_bot:example.com` and say `!discord help bridge`. 2. Follow the instructions in the help output message. If the bot is not already in the Discord server, follow the provided invite link. This may require you to be a administrator of the Discord server. **Note**: Encrypted Matrix rooms are not supported as of writing. From 7779b747ea466acad9e39f25a6cd88b1fbbe6e9b Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Thu, 10 Oct 2024 22:15:01 +0900 Subject: [PATCH 078/404] =?UTF-8?q?Edit=20user=20identifier=20example=20(d?= =?UTF-8?q?omain.com=20=E2=86=92=20example.com)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-baibot.md | 2 +- docs/configuring-playbook-bot-postmoogle.md | 4 ++-- docs/faq.md | 6 +++--- docs/updating-users-passwords.md | 4 ++-- examples/reverse-proxies/nginx/README.md | 2 +- roles/custom/matrix-bot-chatgpt/defaults/main.yml | 2 +- roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 | 2 +- roles/custom/matrix-dimension/defaults/main.yml | 2 +- .../matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 +- 9 files changed, 13 insertions(+), 13 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index 1832ef42b..e13c9c81e 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -93,7 +93,7 @@ If `matrix_admin` is already configured in your `vars.yml` configuration, you ca # # .. unless you've made yourself an admin of all bots/bridges like this: # -# matrix_admin: '@yourAdminAccount:domain.com' +# matrix_admin: '@yourAdminAccount:example.com' ``` ### 👥 Initial users configuration diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 4a794f9b9..8674a8641 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md 
@@ -39,11 +39,11 @@ matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT # Uncomment to add one or more admins to this bridge: # # matrix_bot_postmoogle_admins: -# - '@yourAdminAccount:domain.com' +# - '@yourAdminAccount:example.com' # # .. unless you've made yourself an admin of all bots/bridges like this: # -# matrix_admin: '@yourAdminAccount:domain.com' +# matrix_admin: '@yourAdminAccount:example.com' ``` ### DNS diff --git a/docs/faq.md b/docs/faq.md index d0cc9d8c1..50dcdaaf6 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -25,11 +25,11 @@ You don't just use the "email" protocols (SMTP, POP3, IMAP) directly though. The In the world of the Matrix chat protocol, there are various client programs. The first and currently most full-featured one is called [Element](https://element.io/) (used to be called Riot.im and Vector.im in the past). There are [many other clients](https://matrix.org/clients/). You can switch clients as much as you want until you find the one that is right for you on a given platform (you may use Element on your desktop, but Fluffychat on your phone, etc). -Matrix is also like email due to the fact that there are many servers around the world which can all talk to each other (you can send email from `@gmail.com` addresses to `@yahoo.com` and `@hotmail.com` addresses). It's the same with Matrix (`@bob:his-domain.com` can talk to `@alice:her-domain.org`). +Matrix is also like email due to the fact that there are many servers around the world which can all talk to each other (you can send email from `@gmail.com` addresses to `@yahoo.com` and `@hotmail.com` addresses). It's the same with Matrix (`@bob:example.com` can talk to `@alice:example.org`). If someone else is hosting your Matrix server (you being `@user:matrix.org` or some other public server like this), all you need is a Matrix client program, like Element. -If you'd like to host your own server (you being `@user:your-own-domain.com`), you'd need to set up a Matrix server program, like Synapse. +If you'd like to host your own server (you being `@user:example.com`), you'd need to set up a Matrix server program, like Synapse. In short: 
@@ -57,7 +57,7 @@ There are 3 ways to get into Matrix, depending on your technical ability and nee - **using some other server** - instead of using the largest public server (`matrix.org`), you can use another public one. Here's a [list of public Matrix servers](https://joinmatrix.org/servers/) to choose from. Again, you download [Element](https://element.io) or [some other client](https://matrix.org/clients/) of your choosing and adjust the homeserver URL during login. -- **using your own server** - running your own server puts you in ultimate control of your data. It also lets you have your own user identifiers (e.g. `@bob:your-domain.com`). See [How do I set up my own Matrix server](#how-do-i-set-up-my-own-matrix-server). +- **using your own server** - running your own server puts you in ultimate control of your data. It also lets you have your own user identifiers (e.g. `@bob:example.com`). See [How do I set up my own Matrix server](#how-do-i-set-up-my-own-matrix-server). ### How do I set up my own Matrix server? diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 49e05ce5f..953045b3a 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md 
@@ -39,7 +39,7 @@ This requires an [access token](obtaining-access-tokens.md) from a server admin If you didn't make your account a server admin when you created it, you can learn how to switch it now by reading about it in [Adding/Removing Administrator privileges to an existing Synapse user](registering-users.md#addingremoving-administrator-privileges-to-an-existing-synapse-user). ### Example: -To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command: +To set @user:example.com's password to `correct_horse_battery_staple` you could use this curl command: ``` -curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix./_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token +curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix.example.com/_matrix/client/r0/admin/reset_password/@user:example.com?access_token=MDA...this_is_my_access_token ``` diff --git a/examples/reverse-proxies/nginx/README.md b/examples/reverse-proxies/nginx/README.md index fd7df72af..be52550e5 100644 --- a/examples/reverse-proxies/nginx/README.md +++ b/examples/reverse-proxies/nginx/README.md 
@@ -14,4 +14,4 @@ Copy the [matrix.conf](matrix.conf) file to your nginx server's filesystem, modi This configuration **disables SSL certificate retrieval**, so you will **need to obtain SSL certificates manually** (e.g. by using [certbot](https://certbot.eff.org/)) and set the appropriate path in `matrix.conf`. In the example nginx configuration, a single certificate is used for all subdomains (`matrix.DOMAIN`, `element.DOMAIN`, etc.). For your setup, may wish to change this and use separate `server` blocks and separate certificate files for each host. -Also note that your copy of the `matrix.conf` file has to be adapted to whatever services you are using. For example, remove `element.domain.com` from the `server_name` list if you don't use [Element](../../../docs/configuring-playbook-client-element.md) web client or add `dimension.domain.com` to it if you do use the [Dimension](../../../docs/configuring-playbook-dimension.md) integration manager. \ No newline at end of file +Also note that your copy of the `matrix.conf` file has to be adapted to whatever services you are using. For example, remove `element.example.com` from the `server_name` list if you don't use [Element](../../../docs/configuring-playbook-client-element.md) web client or add `dimension.example.com` to it if you do use the [Dimension](../../../docs/configuring-playbook-dimension.md) integration manager. diff --git a/roles/custom/matrix-bot-chatgpt/defaults/main.yml b/roles/custom/matrix-bot-chatgpt/defaults/main.yml index 09d73a602..8d1bc733c 100644 --- a/roles/custom/matrix-bot-chatgpt/defaults/main.yml +++ b/roles/custom/matrix-bot-chatgpt/defaults/main.yml 
@@ -73,7 +73,7 @@ matrix_bot_chatgpt_matrix_default_prefix_reply: false # MATRIX_DEFAULT_PREFIX_R # Matrix Access Control (optional) # # Lists of space-separated entries. Example: -# matrix_bot_chatgpt_matrix_whitelist: ":{{ matrix_domain }} :second-domain.com :third-domain.com" +# matrix_bot_chatgpt_matrix_whitelist: ":{{ matrix_domain }} :second-example.com :third-example.com" matrix_bot_chatgpt_matrix_blacklist: '' matrix_bot_chatgpt_matrix_whitelist: ':{{ matrix_domain }}' diff --git a/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 b/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 index 02c08b9e7..a0502c5f1 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 @@ -213,7 +213,7 @@ client_api: threshold: {{ matrix_dendrite_client_api_rate_limiting_threshold | to_json }} cooloff_ms: {{ matrix_dendrite_client_api_rate_limiting_cooloff_ms | to_json }} exempt_user_ids: - # - "@user:domain.com" + # - "@user:example.com" # Configuration for the Federation API. federation_api: diff --git a/roles/custom/matrix-dimension/defaults/main.yml b/roles/custom/matrix-dimension/defaults/main.yml index 11bd00d0d..1a19e9452 100644 --- a/roles/custom/matrix-dimension/defaults/main.yml +++ b/roles/custom/matrix-dimension/defaults/main.yml @@ -16,7 +16,7 @@ matrix_dimension_path_prefix: / # For information on how to acquire an access token, visit https://t2bot.io/docs/access_tokens matrix_dimension_access_token: "" -# Users in form: ['@user1:domain.com', '@user2:domain.com'] +# Users in form: ['@user1:example.com', '@user2:example.com'] matrix_dimension_admins: [] # Whether to allow Dimension widgets serve websites with invalid or self signed SSL certificates diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 9bb0bea75..3f7b8acd9 100644 
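Review bot: The rewritten example on the commented `matrix_bot_chatgpt_matrix_whitelist` line now reads `:second-example.com :third-example.com`, and neither name is reserved. RFC 2606 sets aside only `example.com`, `example.net`, `example.org` and the `.example` TLD, so `second-example.com` and `third-example.com` can be registered by anyone. This value is the bot's access-control list, so a copy-pasted sample should not name a domain a third party could own. I would write `# matrix_bot_chatgpt_matrix_whitelist: ":{{ matrix_domain }} :example.net :example.org"`, the same pair the reminder-bot template uses later in this series.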
--- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -691,7 +691,7 @@ tls_private_key_path: {{ matrix_synapse_tls_private_key_path|to_json }} # #federation_certificate_verification_whitelist: # - lon.example.com -# - "*.domain.com" +# - "*.example.com" # - "*.onion" # List of custom certificate authorities for federation traffic. From c02aba2724379f0a849afc7a888ba10caa237ed4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:25:30 +0900 Subject: [PATCH 079/404] Replace mydomain.com with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-traefik.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md index 0a3c534eb..3b49a8bb9 100644 --- a/docs/configuring-playbook-traefik.md +++ b/docs/configuring-playbook-traefik.md 
@@ -57,9 +57,9 @@ However, if your service does not run on a container or runs on another machine, ## Reverse-proxying a remote HTTP/HTTPS service behind Traefik -If you want to host another webserver would be reachable via `my-fancy-website.mydomain.com` from the internet and via `https://:` from inside your network, you can make the playbook's integrated Traefik instance reverse-proxy the traffic to the correct host. +If you want to host another webserver would be reachable via `my-fancy-website.example.com` from the internet and via `https://:` from inside your network, you can make the playbook's integrated Traefik instance reverse-proxy the traffic to the correct host. -Prerequisites: DNS and routing for the domain `my-fancy-website.mydomain.com` need to be set up correctly. In this case, you'd be pointing the domain name to your Matrix server - `my-fancy-website.mydomain.com` would be a CNAME going to `matrix.example.com`. +Prerequisites: DNS and routing for the domain `my-fancy-website.example.com` need to be set up correctly. In this case, you'd be pointing the domain name to your Matrix server - `my-fancy-website.example.com` would be a CNAME going to `matrix.example.com`. First, we have to adjust the static configuration of Traefik, so that we can add additional configuration files: @@ -99,7 +99,7 @@ aux_file_definitions: http: routers: webserver-router: - rule: Host(`my_fancy_website.mydomain.com`) + rule: Host(`my_fancy_website.example.com`) service: webserver-service tls: certResolver: default @@ -122,7 +122,7 @@ aux_file_definitions: tcp: routers: webserver-router: - rule: Host(`my_fancy_website.mydomain.com`) + rule: Host(`my_fancy_website.example.com`) service: webserver-service tls: passthrough: true From 532babc55b51ebb3acd1b2459c38f3c05b0dd5a2 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:27:32 +0900 Subject: [PATCH 080/404] Replace yourdomain.com with example.com 
Signed-off-by: Suguru Hirahara --- roles/custom/matrix-media-repo/defaults/main.yml | 4 ++-- .../matrix-media-repo/templates/media-repo/media-repo.yaml.j2 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index 45bc1b5cd..7f1ce62c4 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -366,9 +366,9 @@ matrix_media_repo_access_tokens_use_local_appservice_config: false # { # id: "Name_of_appservice_for_your_reference", # asToken: "Secret_token_for_appservices_to_use", -# senderUserId: "@_example_bridge:yourdomain.com", +# senderUserId: "@_example_bridge:example.com", # userNamespaces: [ -# regex: "@_example_bridge_.+:yourdomain.com" +# regex: "@_example_bridge_.+:example.com" # # A note about regexes: it is best to suffix *all* namespaces with the homeserver # # domain users are valid for, as otherwise the appservice can use any user with # # any domain name it feels like, even if that domain is not configured with the diff --git a/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 b/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 index f8597f265..30ab8cee5 100644 --- a/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 +++ b/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 
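Review bot: The sample namespace regex `"@_example_bridge_.+:example.com"` in the commented `userNamespaces` entry leaves the dots in the server name unescaped and has no end anchor. Unless the consumer anchors patterns itself (not visible in this hunk), it would also accept an MXID whose server name merely begins with `example.com`, or one where the dot is any other character. The comment right below it already asks for every namespace to be suffixed with the homeserver domain for this reason, so the sample should model that: `regex: "@_example_bridge_.+:example\\.com$"`. The same applies to the identical line in the `media-repo.yaml.j2` hunk that follows and to the allowlist/blocklist `regexes` samples in the reminder-bot `config.yaml.j2` hunks later in the series.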
@@ -153,9 +153,9 @@ accessTokens: # appservices: # - id: Name_of_appservice_for_your_reference # asToken: Secret_token_for_appservices_to_use -# senderUserId: "@_example_bridge:yourdomain.com" +# senderUserId: "@_example_bridge:example.com" # userNamespaces: -# - regex: "@_example_bridge_.+:yourdomain.com" +# - regex: "@_example_bridge_.+:example.com" # # A note about regexes: it is best to suffix *all* namespaces with the homeserver # # domain users are valid for, as otherwise the appservice can use any user with # # any domain name it feels like, even if that domain is not configured with the From e54d66053ccbdec30d7f3d96b19b24f97583d675 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:29:43 +0900 Subject: [PATCH 081/404] Replace with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-webhooks.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 7d38ae871..d10f451b9 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -39,7 +39,7 @@ matrix_synapse_configuration_extension_yaml: | 6. Invite the bridge bot user to your room: - - either with `/invite @_webhook:` (**Note**: Make sure you have administration permissions in your room) + - either with `/invite @_webhook:example.com` (**Note**: Make sure you have administration permissions in your room) - or simply add the bridge bot to a private channel (personal channels imply you being an administrator) From ef8cf740a1a5cb7c364b194ab6b54b0fbfd1fa35 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:30:27 +0900 Subject: [PATCH 082/404] Replace mydomain.tld with example.com 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-ldap-auth.md | 4 ++-- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-ldap-auth.md b/docs/configuring-playbook-ldap-auth.md index 8a9898e05..cc07f396f 100644 --- a/docs/configuring-playbook-ldap-auth.md +++ b/docs/configuring-playbook-ldap-auth.md @@ -9,8 +9,8 @@ If you decide that you'd like to let this playbook install it for you, add the f ```yaml matrix_synapse_ext_password_provider_ldap_enabled: true matrix_synapse_ext_password_provider_ldap_uri: - - "ldap://ldap-01.mydomain.tld:389" - - "ldap://ldap-02.mydomain.tld:389" + - "ldap://ldap-01.example.com:389" + - "ldap://ldap-02.example.com:389" matrix_synapse_ext_password_provider_ldap_start_tls: true matrix_synapse_ext_password_provider_ldap_base: "ou=users,dc=example,dc=com" matrix_synapse_ext_password_provider_ldap_attributes_uid: "uid" diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 64872e0fd..c7489fa50 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -1153,7 +1153,7 @@ matrix_synapse_ext_password_provider_shared_secret_config_yaml: | # Enable this to activate LDAP password provider matrix_synapse_ext_password_provider_ldap_enabled: false -matrix_synapse_ext_password_provider_ldap_uri: "ldap://ldap.mydomain.tld:389" +matrix_synapse_ext_password_provider_ldap_uri: "ldap://ldap.example.com:389" matrix_synapse_ext_password_provider_ldap_start_tls: true matrix_synapse_ext_password_provider_ldap_mode: "search" matrix_synapse_ext_password_provider_ldap_base: "" From 288a711af6182fae90c29e606ceaadebeb274d70 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:31:12 +0900 Subject: [PATCH 083/404] Replace domain.tld with example.com 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-go-neb.md | 2 +- docs/configuring-well-known.md | 8 ++++---- roles/custom/matrix-bot-go-neb/defaults/main.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 911a20839..5e01d83dd 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -207,7 +207,7 @@ matrix_bot_go_neb_services: webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" # Each room will get the notification with the alert rendered with the given template rooms: - "!someroomid:domain.tld": + "!someroomid:example.com": text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" msg_type: "m.text" # Must be either `m.text` or `m.notice` diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 1237c96f3..fb5ec1b18 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -50,15 +50,15 @@ matrix_static_files_file_matrix_support_enabled: true # Homeserver admin contacts as per MSC 1929 https://github.com/matrix-org/matrix-spec-proposals/pull/1929 matrix_static_files_file_matrix_support_property_m_contacts: - matrix_id: "@admin1:{{ matrix_domain }}" - email_address: admin@domain.tld + email_address: admin@example.com role: m.role.admin - matrix_id: "@admin2:{{ matrix_domain }}" - email_address: admin2@domain.tld + email_address: admin2@example.com role: m.role.admin - - email_address: security@domain.tld + - email_address: security@example.com role: m.role.security -matrix_static_files_file_matrix_support_property_m_support_page: "https://example.domain.tld/support" +matrix_static_files_file_matrix_support_property_m_support_page: "https://example.example.com/support" ``` To learn how to set up `/.well-known/matrix/support` for the base domain, read the Installing section below. diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 39622b398..866e756ad 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml 
@@ -321,7 +321,7 @@ matrix_bot_go_neb_services: [] # webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" # # Each room will get the notification with the alert rendered with the given template # rooms: -# "!someroomid:domain.tld": +# "!someroomid:example.com": # text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" # html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" # msg_type: "m.text" # Must be either `m.text` or `m.notice` From d218e9315563678db788d679b79e796c9eb560fc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:32:32 +0900 Subject: [PATCH 084/404] Replace example.tld with example.com Signed-off-by: Suguru Hirahara --- examples/reverse-proxies/caddy2-in-container/Caddyfile | 8 ++++---- examples/reverse-proxies/caddy2-in-container/README.md | 2 +- examples/reverse-proxies/caddy2/Caddyfile | 8 ++++---- examples/reverse-proxies/caddy2/README.md | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/examples/reverse-proxies/caddy2-in-container/Caddyfile b/examples/reverse-proxies/caddy2-in-container/Caddyfile index 9f1128c2f..10df00d46 100644 --- a/examples/reverse-proxies/caddy2-in-container/Caddyfile +++ b/examples/reverse-proxies/caddy2-in-container/Caddyfile @@ -1,4 +1,4 @@ -matrix.example.tld { +matrix.example.com { handle { encode zstd gzip @@ -14,7 +14,7 @@ matrix.example.tld { } # Put `https://` at the beginning to enforce https protocol as 8448 is not the default https port (which is 443) -https://matrix.example.tld:8448 { +https://matrix.example.com:8448 { handle { encode zstd gzip @@ -29,14 +29,14 @@ https://matrix.example.tld:8448 { } -example.tld { +example.com { # Uncomment this if you are following "(Option 3): Setting up reverse-proxying of the well-known files from the base domain's server to the Matrix server" of https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md#option-3-setting-up-reverse-proxying-of-the-well-known-files-from-the-base-domains-server-to-the-matrix-server @wellknown { path /.well-known/matrix/* } handle @wellknown { - reverse_proxy https://matrix.example.tld { + reverse_proxy https://matrix.example.com { header_up Host {http.reverse_proxy.upstream.hostport} } } 
diff --git a/examples/reverse-proxies/caddy2-in-container/README.md b/examples/reverse-proxies/caddy2-in-container/README.md index 7a294f7ce..925547f4e 100644 --- a/examples/reverse-proxies/caddy2-in-container/README.md +++ b/examples/reverse-proxies/caddy2-in-container/README.md @@ -14,6 +14,6 @@ Then, adjust your Caddy `docker-compose.yaml` file (if you're using docker-comp ## Using the Caddyfile You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile. -In both cases make sure to replace all the `example.tld` domains with your own domain. +In both cases make sure to replace all the `example.com` domains with your own domain. This example does not include additional services like Element, but you should be able copy the first block and replace the `matrix.` subdomain with the subdomain of the some other service (e.g. `element.`). diff --git a/examples/reverse-proxies/caddy2/Caddyfile b/examples/reverse-proxies/caddy2/Caddyfile index 2ffcea520..c63b794ca 100644 --- a/examples/reverse-proxies/caddy2/Caddyfile +++ b/examples/reverse-proxies/caddy2/Caddyfile @@ -1,4 +1,4 @@ -matrix.example.tld { +matrix.example.com { handle { encode zstd gzip @@ -12,7 +12,7 @@ matrix.example.tld { } } -matrix.example.tld:8448 { +matrix.example.com:8448 { handle { encode zstd gzip @@ -26,14 +26,14 @@ matrix.example.tld:8448 { } -example.tld { +example.com { # Uncomment this if you are following "(Option 3): Setting up reverse-proxying of the well-known files from the base domain's server to the Matrix server" of https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md#option-3-setting-up-reverse-proxying-of-the-well-known-files-from-the-base-domains-server-to-the-matrix-server @wellknown { path /.well-known/matrix/* } handle @wellknown { - reverse_proxy https://matrix.example.tld { + reverse_proxy https://matrix.example.com { header_up Host {http.reverse_proxy.upstream.hostport} } } 
diff --git a/examples/reverse-proxies/caddy2/README.md b/examples/reverse-proxies/caddy2/README.md index 8ec8fb3eb..0c73fce5d 100644 --- a/examples/reverse-proxies/caddy2/README.md +++ b/examples/reverse-proxies/caddy2/README.md @@ -11,6 +11,6 @@ To get started, first follow the [front the integrated reverse-proxy webserver w ## Using the Caddyfile You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile. -In both cases make sure to replace all the `example.tld` domains with your own domain. +In both cases make sure to replace all the `example.com` domains with your own domain. This example does not include additional services like element, but you should be able copy the first block and replace the matrix subdomain with the additional services subdomain. I have not tested this though. From b2d840482a9ae38582284c1cf6489653fb2b45ea Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:34:57 +0900 Subject: [PATCH 085/404] Replace domain names on roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 Signed-off-by: Suguru Hirahara --- .../templates/config.yaml.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 index 8502ae753..f6075388f 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 
@@ -39,9 +39,9 @@ allowlist: enabled: {{ matrix_bot_matrix_reminder_bot_allowlist_enabled | to_json }} # A list of MXID regexes to be allowed # To allow a certain homeserver: - # regexes: ["@[a-z0-9-_.]+:myhomeserver.tld"] + # regexes: ["@[a-z0-9-_.]+:example.com"] # To allow a set of users: - # regexes: ["@alice:someserver.tld", "@bob:anotherserver.tld"] + # regexes: ["@alice:example.net", "@bob:example.org"] # To allow nobody (same as blocking every MXID): # regexes: [] regexes: {{ matrix_bot_matrix_reminder_bot_allowlist_regexes | to_json }} @@ -53,9 +53,9 @@ blocklist: enabled: {{ matrix_bot_matrix_reminder_bot_blocklist_enabled | to_json }} # A list of MXID regexes to be blocked # To block a certain homeserver: - # regexes: [".*:myhomeserver.tld"] + # regexes: [".*:example.com"] # To block a set of users: - # regexes: ["@alice:someserver.tld", "@bob:anotherserver.tld"] + # regexes: ["@alice:example.net", "@bob:example.org"] # To block absolutely everyone (same as allowing nobody): # regexes: [".*"] regexes: {{ matrix_bot_matrix_reminder_bot_blocklist_regexes | to_json }} From fe238474a5acdbeb18cbad85d84376823c3bf521 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:36:41 +0900 Subject: [PATCH 086/404] Replace matrix-homeserver-domain with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-appservice-draupnir-for-all.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-appservice-draupnir-for-all.md b/docs/configuring-playbook-appservice-draupnir-for-all.md index b3ffe05f3..6205fd872 100644 --- a/docs/configuring-playbook-appservice-draupnir-for-all.md +++ b/docs/configuring-playbook-appservice-draupnir-for-all.md 
@@ -59,7 +59,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -If you made it through all the steps above and your main control room was joined by a user called `@draupnir-main:matrix-homeserver-domain` you have succesfully installed Draupnir for All and can now start using it. +If you made it through all the steps above and your main control room was joined by a user called `@draupnir-main:example.com` you have succesfully installed Draupnir for All and can now start using it. The installation of Draupnir for all in this playbook is very much Alpha quality. Usage-wise, Draupnir for allis almost identical to Draupnir bot mode. 
@@ -69,11 +69,11 @@ Draupnir for all includes several security measures like that it only allows use The bot requires a powerlevel of 50 in the management room to control who is allowed to use the bot. The bot does currently not say anything if this is true or false. (This is considered a bug and is documented in issue [#297](https://github.com/the-draupnir-project/Draupnir/issues/297)) -To allow users or whole homeservers you type /plain @draupnir-main:matrix-homeserver-domain allow `target` and target can be either a MXID or a wildcard like `@*:example.com` to allow all users on example.com to register. We use /plain to force the client to not attempt to mess with this command as it can break Wildcard commands especially. +To allow users or whole homeservers you type /plain @draupnir-main:example.com allow `target` and target can be either a MXID or a wildcard like `@*:example.com` to allow all users on example.com to register. We use /plain to force the client to not attempt to mess with this command as it can break Wildcard commands especially. ### 2. How to provision a D4A once you are allowed to. -Open a DM with @draupnir-main:matrix-homeserver-domain and if using Element send a message into this DM to finalise creating it. The bot will reject this invite and you will shortly get invited to the Draupnir control room for your newly provisioned Draupnir. From here its just a normal Draupnir experience. +Open a DM with @draupnir-main:example.com and if using Element send a message into this DM to finalise creating it. The bot will reject this invite and you will shortly get invited to the Draupnir control room for your newly provisioned Draupnir. From here its just a normal Draupnir experience. Congratulations if you made it all the way here because you now have a fully working Draupnir for all deployment. From 02e0c2c3e051c78884898f0060c45ace9e81e3c4 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Thu, 10 Oct 2024 03:45:16 +0900 Subject: [PATCH 087/404] =?UTF-8?q?Edit=20user=20identifier=20example:=20D?= =?UTF-8?q?OMAIN=20=E2=86=92=20{{=20matrix=5Fdomain=20}}?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-buscarron.md | 2 +- docs/configuring-playbook-bot-honoroit.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index fc9c28675..e04ce58e2 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -44,7 +44,7 @@ matrix_bot_buscarron_password: PASSWORD_FOR_THE_BOT # Adjust accepted forms matrix_bot_buscarron_forms: - name: contact # (mandatory) Your form name, will be used as endpoint, eg: buscarron.DOMAIN/contact - room: "!yourRoomID:DOMAIN" # (mandatory) Room ID where form submission will be posted + room: "!yourRoomID:{{ matrix_domain }}" # (mandatory) Room ID where form submission will be posted redirect: https://DOMAIN # (mandatory) To what page user will be redirected after the form submission ratelimit: 1r/m # (optional) rate limit of the form, format: r/, eg: 1r/s or 54r/m hasemail: 1 # (optional) form has "email" field that should be validated diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 459f7be4d..9f88ee8dd 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -25,7 +25,7 @@ matrix_bot_honoroit_enabled: true matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT # Adjust this to your room ID -matrix_bot_honoroit_roomid: "!yourRoomID:DOMAIN" +matrix_bot_honoroit_roomid: "!yourRoomID:{{ matrix_domain }}" ``` From 95ab7fabd02ba43bd11644ad27dade90b1530260 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Thu, 10 Oct 2024 22:17:04 +0900 Subject: [PATCH 088/404] =?UTF-8?q?Edit=20user=20identifier=20example:=20e?= =?UTF-8?q?xample.com=20=E2=86=92=20{{=20matrix=5Fdomain=20}}?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-baibot.md | 2 +- docs/configuring-playbook-bot-postmoogle.md | 4 ++-- roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index e13c9c81e..86785d3c3 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -93,7 +93,7 @@ If `matrix_admin` is already configured in your `vars.yml` configuration, you ca # # .. unless you've made yourself an admin of all bots/bridges like this: # -# matrix_admin: '@yourAdminAccount:example.com' +# matrix_admin: '@yourAdminAccount:{{ matrix_domain }}' ``` ### 👥 Initial users configuration diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 8674a8641..35f141a4d 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -39,11 +39,11 @@ matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT # Uncomment to add one or more admins to this bridge: # # matrix_bot_postmoogle_admins: -# - '@yourAdminAccount:example.com' +# - '@yourAdminAccount:{{ matrix_domain }}' # # .. unless you've made yourself an admin of all bots/bridges like this: # -# matrix_admin: '@yourAdminAccount:example.com' +# matrix_admin: '@yourAdminAccount:{{ matrix_domain }}' ``` ### DNS diff --git a/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 b/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 index a0502c5f1..4f1c02f21 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 
+++ b/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2 @@ -213,7 +213,7 @@ client_api: threshold: {{ matrix_dendrite_client_api_rate_limiting_threshold | to_json }} cooloff_ms: {{ matrix_dendrite_client_api_rate_limiting_cooloff_ms | to_json }} exempt_user_ids: - # - "@user:example.com" + # - "@user:{{ matrix_domain }}" # Configuration for the Federation API. federation_api: From f6e118bb4c97218df613909599954192d8ccfc15 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 17 Oct 2024 18:35:58 +0300 Subject: [PATCH 089/404] synapse-admin v0.10.3-etke20: access token login --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index be19ada16..271d32eeb 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke19 +matrix_synapse_admin_version: v0.10.3-etke20 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 90cfdabb2b227e2c613c3eb9d337cb04aa22bd17 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:17:56 +0900 Subject: [PATCH 090/404] Replace DOMAIN with example.com 
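Review bot: In `roles/custom/matrix-dendrite/templates/dendrite.yaml.j2` the new comment `# - "@user:{{ matrix_domain }}"` sits in a Jinja2 template, so unlike the Markdown files in this commit the expression is expanded at render time and the generated config will show the real homeserver domain. That is probably harmless, but the commented entry then names a well-formed local account under `exempt_user_ids`, which (judging by the neighbouring rate-limiting settings) would lift rate limiting for whoever holds that account if the line is ever uncommented as is. If a literal placeholder was intended, keep the previous text or wrap the line in `{% raw %}` … `{% endraw %}`; otherwise a comment above it such as `# Example only; replace with a real MXID before uncommenting` would make the intent explicit. The `client_api` block starts and ends outside the hunk.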
Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 38 +++++++------- docs/configuring-captcha.md | 2 +- ...figuring-playbook-alertmanager-receiver.md | 8 +-- ...uring-playbook-appservice-double-puppet.md | 2 +- ...ng-playbook-appservice-draupnir-for-all.md | 4 +- docs/configuring-playbook-backup-borg.md | 2 +- ...onfiguring-playbook-base-domain-serving.md | 12 ++--- docs/configuring-playbook-bot-baibot.md | 8 +-- docs/configuring-playbook-bot-buscarron.md | 14 +++--- docs/configuring-playbook-bot-chatgpt.md | 4 +- docs/configuring-playbook-bot-draupnir.md | 16 +++--- docs/configuring-playbook-bot-go-neb.md | 6 +-- docs/configuring-playbook-bot-honoroit.md | 4 +- ...ng-playbook-bot-matrix-registration-bot.md | 6 +-- ...guring-playbook-bot-matrix-reminder-bot.md | 6 +-- docs/configuring-playbook-bot-maubot.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 12 ++--- docs/configuring-playbook-bot-postmoogle.md | 4 +- ...figuring-playbook-bridge-appservice-irc.md | 2 +- ...ng-playbook-bridge-appservice-kakaotalk.md | 2 +- ...guring-playbook-bridge-appservice-slack.md | 8 +-- ...iguring-playbook-bridge-beeper-linkedin.md | 2 +- ...iguring-playbook-bridge-go-skype-bridge.md | 2 +- ...onfiguring-playbook-bridge-heisenbridge.md | 4 +- docs/configuring-playbook-bridge-hookshot.md | 4 +- ...uring-playbook-bridge-matrix-bridge-sms.md | 2 +- ...iguring-playbook-bridge-mautrix-discord.md | 2 +- ...guring-playbook-bridge-mautrix-facebook.md | 4 +- ...uring-playbook-bridge-mautrix-gmessages.md | 2 +- ...ring-playbook-bridge-mautrix-googlechat.md | 2 +- ...guring-playbook-bridge-mautrix-hangouts.md | 2 +- ...uring-playbook-bridge-mautrix-instagram.md | 2 +- ...-playbook-bridge-mautrix-meta-instagram.md | 2 +- ...-playbook-bridge-mautrix-meta-messenger.md | 2 +- ...figuring-playbook-bridge-mautrix-signal.md | 2 +- ...nfiguring-playbook-bridge-mautrix-slack.md | 2 +- ...guring-playbook-bridge-mautrix-telegram.md | 6 +-- ...iguring-playbook-bridge-mautrix-twitter.md | 2 +- 
...guring-playbook-bridge-mautrix-whatsapp.md | 2 +- ...iguring-playbook-bridge-mautrix-wsproxy.md | 4 +- ...uring-playbook-bridge-mx-puppet-discord.md | 2 +- ...uring-playbook-bridge-mx-puppet-groupme.md | 2 +- ...ing-playbook-bridge-mx-puppet-instagram.md | 2 +- ...iguring-playbook-bridge-mx-puppet-slack.md | 4 +- ...iguring-playbook-bridge-mx-puppet-steam.md | 2 +- ...uring-playbook-bridge-mx-puppet-twitter.md | 2 +- docs/configuring-playbook-bridge-wechat.md | 2 +- docs/configuring-playbook-cactus-comments.md | 2 +- docs/configuring-playbook-client-cinny.md | 8 +-- docs/configuring-playbook-client-hydrogen.md | 8 +-- ...configuring-playbook-client-schildichat.md | 8 +-- docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-dynamic-dns.md | 2 +- docs/configuring-playbook-email.md | 2 +- docs/configuring-playbook-email2matrix.md | 6 +-- docs/configuring-playbook-etherpad.md | 10 ++-- .../configuring-playbook-external-postgres.md | 2 +- docs/configuring-playbook-federation.md | 2 +- docs/configuring-playbook-jitsi.md | 20 ++++---- docs/configuring-playbook-ldap-auth.md | 2 +- docs/configuring-playbook-ma1sd.md | 6 +-- docs/configuring-playbook-matrix-corporal.md | 2 +- ...playbook-matrix-ldap-registration-proxy.md | 2 +- .../configuring-playbook-matrix-media-repo.md | 4 +- ...onfiguring-playbook-matrix-registration.md | 6 +-- docs/configuring-playbook-mautrix-bridges.md | 8 +-- docs/configuring-playbook-ntfy.md | 4 +- docs/configuring-playbook-own-webserver.md | 4 +- docs/configuring-playbook-pantalaimon.md | 2 +- docs/configuring-playbook-postgres-backup.md | 2 +- ...configuring-playbook-prometheus-grafana.md | 22 ++++---- ...onfiguring-playbook-prometheus-nginxlog.md | 4 +- ...onfiguring-playbook-prometheus-postgres.md | 4 +- docs/configuring-playbook-rageshake.md | 6 +-- docs/configuring-playbook-rest-auth.md | 2 +- docs/configuring-playbook-riot-web.md | 8 +-- docs/configuring-playbook-s3-goofys.md | 2 +- docs/configuring-playbook-s3.md | 4 
+- ...configuring-playbook-shared-secret-auth.md | 2 +- ...configuring-playbook-sliding-sync-proxy.md | 6 +-- docs/configuring-playbook-ssl-certificates.md | 4 +- docs/configuring-playbook-sygnal.md | 8 +-- docs/configuring-playbook-synapse-admin.md | 4 +- ...ing-playbook-synapse-auto-accept-invite.md | 2 +- ...guring-playbook-synapse-auto-compressor.md | 2 +- ...guring-playbook-synapse-simple-antispam.md | 2 +- ...iguring-playbook-synapse-usage-exporter.md | 4 +- docs/configuring-playbook-synapse.md | 4 +- docs/configuring-playbook-telemetry.md | 2 +- docs/configuring-playbook-traefik.md | 2 +- docs/configuring-playbook-turn.md | 2 +- ...ring-playbook-user-verification-service.md | 2 +- docs/faq.md | 50 +++++++++---------- docs/maintenance-and-troubleshooting.md | 2 +- docs/maintenance-migrating.md | 2 +- docs/maintenance-synapse.md | 2 +- docs/obtaining-access-tokens.md | 8 +-- docs/registering-users.md | 4 +- examples/reverse-proxies/apache/README.md | 4 +- .../apache/matrix-client-element.conf | 16 +++--- .../reverse-proxies/apache/matrix-domain.conf | 26 +++++----- .../nginx-proxy-manager/README.md | 10 ++-- examples/reverse-proxies/nginx/README.md | 2 +- group_vars/matrix_servers | 2 +- .../defaults/main.yml | 2 +- roles/custom/matrix-base/defaults/main.yml | 2 +- .../matrix-base/tasks/validate_config.yml | 2 +- .../matrix-bot-chatgpt/defaults/main.yml | 2 +- .../matrix-bot-chatgpt/templates/env.j2 | 2 +- .../tasks/validate_config.yml | 2 +- .../defaults/main.yml | 6 +-- .../defaults/main.yml | 6 +-- .../matrix-media-repo/defaults/main.yml | 2 +- .../matrix-registration/defaults/main.yml | 2 +- .../matrix-sliding-sync/defaults/main.yml | 2 +- .../matrix-static-files/defaults/main.yml | 4 +- .../defaults/main.yml | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 4 +- 118 files changed, 304 insertions(+), 304 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54535161d..8085178f3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -195,7 +195,7 @@ matrix_synapse_admin_config_restrictBaseUrl: [] ## The URL-prefix for Hookshot generic webhooks has changed -Until now, generic Hookshot webhook URLs looked like this: `https://matrix.DOMAIN/hookshot/webhooks/:hookId`. +Until now, generic Hookshot webhook URLs looked like this: `https://matrix.example.com/hookshot/webhooks/:hookId`. The `/hookshot/webhooks` common prefix gets stripped by Traefik automatically, so Hookshot only sees the part that comes after (`/:hookId`). @@ -331,7 +331,7 @@ Refer to our new [Tuning caches and cache autotuning](docs/maintenance-synapse.m This only affects people who are [Serving a static website at the base domain](./docs/configuring-playbook-base-domain-serving.md#serving-a-static-website-at-the-base-domain), but not managing its `index.html` through the playbook. -That is, for people who have `matrix_static_files_file_index_html_enabled: false` in their `vars.yml` configuration, the playbook has a new default behavior. Since the playbook is not managing the `index.html` file, it will default to a more sensible way of handling the base domain - redirecting `https://DOMAIN/` to `https://matrix.DOMAIN/`, instead of serving a 404 page. +That is, for people who have `matrix_static_files_file_index_html_enabled: false` in their `vars.yml` configuration, the playbook has a new default behavior. Since the playbook is not managing the `index.html` file, it will default to a more sensible way of handling the base domain - redirecting `https://example.com/` to `https://matrix.example.com/`, instead of serving a 404 page. If you are managing your static website by yourself (by dropping files into `/matrix/static-files/public` somehow), then you probably don't wish for such redirection to happen. You can disable it by adding `matrix_static_files_container_labels_base_domain_root_path_redirection_enabled: false` to your `vars.yml` configuration file. 
@@ -448,7 +448,7 @@ To perform this new role, Traefik now has a new internal [entrypoint](https://do Doing so, services can contact Traefik on this entrypoint's dedicated port (the URL defaults to `http://matrix-traefik:8008`) and reach the homeserver Client-Server API as they expect. Internally, Traefik takes care of the routing to the correct service. -We've also considered keeping it simple and having services talk to the homeserver over the public internet (e.g. `https://matrix.DOMAIN`) thus reusing all existing Traefik routing labels. In this scenario, performance was incredibly poor (e.g. 70 rps, instead of 1400 rps) due to TLS and networking overhead. The need for fast internal communication (via the new internal non-TLS-enabled Traefik entrypoint) is definitely there. In our benchmarks, Traefik even proved more efficient than nginx at doing this: ~1200 rps for Traefik compared to ~900 rps for nginx (out of ~1400 rps when talking to the Synapse homeserver directly). +We've also considered keeping it simple and having services talk to the homeserver over the public internet (e.g. `https://matrix.example.com`) thus reusing all existing Traefik routing labels. In this scenario, performance was incredibly poor (e.g. 70 rps, instead of 1400 rps) due to TLS and networking overhead. The need for fast internal communication (via the new internal non-TLS-enabled Traefik entrypoint) is definitely there. In our benchmarks, Traefik even proved more efficient than nginx at doing this: ~1200 rps for Traefik compared to ~900 rps for nginx (out of ~1400 rps when talking to the Synapse homeserver directly). Traefik serving this second purpose has a few downsides: 
@@ -1378,15 +1378,15 @@ Various services (like Dimension, etc.) still talk to Synapse via `matrix-nginx- ## (Backward Compatibility Break) A new default standalone mode for Etherpad -Until now, [Etherpad](https://etherpad.org/) (which [the playbook could install for you](docs/configuring-playbook-etherpad.md)) required the [Dimension integration manager](docs/configuring-playbook-dimension.md) to also be installed, because Etherpad was hosted on the Dimension domain (at `dimension.DOMAIN/etherpad`). +Until now, [Etherpad](https://etherpad.org/) (which [the playbook could install for you](docs/configuring-playbook-etherpad.md)) required the [Dimension integration manager](docs/configuring-playbook-dimension.md) to also be installed, because Etherpad was hosted on the Dimension domain (at `dimension.example.com/etherpad`). -From now on, Etherpad can be installed in `standalone` mode on `etherpad.DOMAIN` and used even without Dimension. This is much more versatile, so the playbook now defaults to this new mode (`etherpad_mode: standalone`). +From now on, Etherpad can be installed in `standalone` mode on `etherpad.example.com` and used even without Dimension. This is much more versatile, so the playbook now defaults to this new mode (`etherpad_mode: standalone`). If you've already got both Etherpad and Dimension in use you could: - **either** keep hosting Etherpad under the Dimension domain by adding `etherpad_mode: dimension` to your `vars.yml` file. All your existing room widgets will continue working at the same URLs and no other changes will be necessary. -- **or**, you could change to hosting Etherpad separately on `etherpad.DOMAIN`. You will need to [configure a DNS record](docs/configuring-dns.md) for this new domain. You will also need to reconfigure Dimension to use the new pad URLs (`https://etherpad.DOMAIN/...`) going forward (refer to our [configuring Etherpad documentation](docs/configuring-playbook-etherpad.md)). 
All your existing room widgets (which still use `https://dimension.DOMAIN/etherpad/...`) will break as Etherpad is not hosted there anymore. You will need to re-add them or to consider not using `standalone` mode +- **or**, you could change to hosting Etherpad separately on `etherpad.example.com`. You will need to [configure a DNS record](docs/configuring-dns.md) for this new domain. You will also need to reconfigure Dimension to use the new pad URLs (`https://etherpad.example.com/...`) going forward (refer to our [configuring Etherpad documentation](docs/configuring-playbook-etherpad.md)). All your existing room widgets (which still use `https://dimension.example.com/etherpad/...`) will break as Etherpad is not hosted there anymore. You will need to re-add them or to consider not using `standalone` mode # 2022-11-04 
@@ -1665,26 +1665,26 @@ See our [Setting up the ntfy push notifications server](docs/configuring-playboo **TLDR**: we've made extensive **changes to metrics exposure/collection, which concern people using an external Prometheus server**. If you don't know what that is, you don't need to read below. -**Why do major changes to metrics**? Because various services were exposing metrics in different, hacky, ways. Synapse was exposing metrics at `/_synapse/metrics` and `/_synapse-worker-.../metrics` on the `matrix.DOMAIN`. The Hookshot role was **repurposing** the Granana web UI domain (`stats.DOMAIN`) for exposing its metrics on `stats.DOMAIN/hookshot/metrics`, while protecting these routes using Basic Authentication **normally used for Synapse** (`/_synapse/metrics`). Node-exporter and Postgres-exporter roles were advising for more `stats.DOMAIN` usage in manual ways. Each role was doing things differently and mixing variables from other roles. Each metrics endpoint was ending up in a different place, protected by who knows what Basic Authentication credentials (if protected at all). +**Why do major changes to metrics**? Because various services were exposing metrics in different, hacky, ways. Synapse was exposing metrics at `/_synapse/metrics` and `/_synapse-worker-.../metrics` on the `matrix.example.com`. The Hookshot role was **repurposing** the Granana web UI domain (`stats.example.com`) for exposing its metrics on `stats.example.com/hookshot/metrics`, while protecting these routes using Basic Authentication **normally used for Synapse** (`/_synapse/metrics`). Node-exporter and Postgres-exporter roles were advising for more `stats.example.com` usage in manual ways. Each role was doing things differently and mixing variables from other roles. Each metrics endpoint was ending up in a different place, protected by who knows what Basic Authentication credentials (if protected at all). 
-**The solution**: a completely revamped way to expose metrics to an external Prometheus server. We are **introducing new `https://matrix.DOMAIN/metrics/*` endpoints**, where various services *can* expose their metrics, for collection by external Prometheus servers. To enable the `/metrics/*` endpoints, use `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`. There's also a way to protect access using [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). See the `matrix-nginx-proxy` role or our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation for additional variables around `matrix_nginx_proxy_proxy_matrix_metrics_enabled`. +**The solution**: a completely revamped way to expose metrics to an external Prometheus server. We are **introducing new `https://matrix.example.com/metrics/*` endpoints**, where various services *can* expose their metrics, for collection by external Prometheus servers. To enable the `/metrics/*` endpoints, use `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`. There's also a way to protect access using [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). See the `matrix-nginx-proxy` role or our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation for additional variables around `matrix_nginx_proxy_proxy_matrix_metrics_enabled`. **If you are using the [Hookshot bridge](docs/configuring-playbook-bridge-hookshot.md)**, you may find that: 1. **Metrics may not be enabled by default anymore**: - If Prometheus is enabled (`prometheus_enabled: true`), then Hookshot metrics will be enabled automatically (`matrix_hookshot_metrics_enabled: true`). These metrics will be collected from the local (in-container) Prometheus over the container network. 
- **If Prometheus is not enabled** (you are either not using Prometheus or are using an external one), **Hookshot metrics will not be enabled by default anymore**. Feel free to enable them by setting `matrix_hookshot_metrics_enabled: true`. Also, see below. -2. When metrics are meant to be **consumed by an external Prometheus server**, `matrix_hookshot_metrics_proxying_enabled` needs to be set to `true`, so that metrics would be exposed (proxied) "publicly" on `https://matrix.DOMAIN/metrics/hookshot`. To make use of this, you'll also need to enable the new `https://matrix.DOMAIN/metrics/*` endpoints mentioned above, using `matrix_nginx_proxy_proxy_matrix_metrics_enabled`. Learn more in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. -3. **We've changed the URL we're exposing Hookshot metrics at** for external Prometheus servers. Until now, you were advised to consume Hookshot metrics from `https://stats.DOMAIN/hookshot/metrics` (working in conjunction with `matrix_nginx_proxy_proxy_synapse_metrics`). From now on, **this no longer works**. As described above, you need to start consuming metrics from `https://matrix.DOMAIN/metrics/hookshot`. +2. When metrics are meant to be **consumed by an external Prometheus server**, `matrix_hookshot_metrics_proxying_enabled` needs to be set to `true`, so that metrics would be exposed (proxied) "publicly" on `https://matrix.example.com/metrics/hookshot`. To make use of this, you'll also need to enable the new `https://matrix.example.com/metrics/*` endpoints mentioned above, using `matrix_nginx_proxy_proxy_matrix_metrics_enabled`. Learn more in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. +3. 
**We've changed the URL we're exposing Hookshot metrics at** for external Prometheus servers. Until now, you were advised to consume Hookshot metrics from `https://stats.example.com/hookshot/metrics` (working in conjunction with `matrix_nginx_proxy_proxy_synapse_metrics`). From now on, **this no longer works**. As described above, you need to start consuming metrics from `https://matrix.example.com/metrics/hookshot`. -**If you're using node-exporter** (`matrix_prometheus_node_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_node_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. You will be able to collect its metrics from `https://matrix.DOMAIN/metrics/node-exporter`. +**If you're using node-exporter** (`matrix_prometheus_node_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_node_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. You will be able to collect its metrics from `https://matrix.example.com/metrics/node-exporter`. -**If you're using [postgres-exporter](docs/configuring-playbook-prometheus-postgres.md)** (`prometheus_postgres_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. 
You will be able to collect its metrics from `https://matrix.DOMAIN/metrics/postgres-exporter`. +**If you're using [postgres-exporter](docs/configuring-playbook-prometheus-postgres.md)** (`prometheus_postgres_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. You will be able to collect its metrics from `https://matrix.example.com/metrics/postgres-exporter`. **If you're using Synapse** and would like to collect its metrics from an external Prometheus server, you may find that: 1. Exposing metrics is now done using `matrix_synapse_metrics_proxying_enabled`, not `matrix_nginx_proxy_proxy_synapse_metrics: true`. You may still need to enable metrics using `matrix_synapse_metrics_enabled: true` before exposing them. 2. Protecting metrics endpoints using [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) is now done in another way. See our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation -3. If Synapse metrics are exposed, they will be made available at `https://matrix.DOMAIN/metrics/synapse/main-process` or `https://matrix.DOMAIN/metrics/synapse/worker/TYPE-ID` (when workers are enabled), not at `https://matrix.DOMAIN/_synapse/metrics` and `https://matrix.DOMAIN/_synapse-worker-.../metrics` +3. 
If Synapse metrics are exposed, they will be made available at `https://matrix.example.com/metrics/synapse/main-process` or `https://matrix.example.com/metrics/synapse/worker/TYPE-ID` (when workers are enabled), not at `https://matrix.example.com/_synapse/metrics` and `https://matrix.example.com/_synapse-worker-.../metrics` 4. The playbook still generates an `external_prometheus.yml.example` sample file for scraping Synapse from Prometheus as described in [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server), but it's now saved under `/matrix/synapse` (not `/matrix`). **If you where already using a external Prometheus server** before this change, and you gave a hashed version of the password as a variable, the playbook will now take care of hashing the password for you. Thus, you need to provide the non-hashed version now. 
@@ -2074,7 +2074,7 @@ Thanks to [@Peetz0r](https://github.com/Peetz0r), the playbook can now install a To get get these installed, follow our [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](docs/configuring-playbook-prometheus-grafana.md) docs page. -This update comes with a **potential breaking change** for people who were already exposing Synapse metrics (for consumption via another Prometheus installation). From now on, `matrix_synapse_metrics_enabled: true` no longer exposes metrics publicly via matrix-nginx-proxy (at `https://matrix.DOMAIN/_synapse/metrics`). To do so, you'd need to explicitly set `matrix_nginx_proxy_proxy_synapse_metrics: true`. +This update comes with a **potential breaking change** for people who were already exposing Synapse metrics (for consumption via another Prometheus installation). From now on, `matrix_synapse_metrics_enabled: true` no longer exposes metrics publicly via matrix-nginx-proxy (at `https://matrix.example.com/_synapse/metrics`). To do so, you'd need to explicitly set `matrix_nginx_proxy_proxy_synapse_metrics: true`. # 2021-01-31 @@ -2122,7 +2122,7 @@ To migrate to the new setup, expect a few minutes of downtime, while you follow 2. Generate a strong password to be used for your superuser Postgres user (called `matrix`). You can use `pwgen -s 64 1` to generate it, or some other tool. The **maximum length** for a Postgres password is 100 bytes (characters). Don't go crazy! -3. Update your playbook's `inventory/host_vars/matrix.DOMAIN/vars.yml` file, adding a line like this: +3. Update your playbook's `inventory/host_vars/matrix.example.com/vars.yml` file, adding a line like this: ```yaml matrix_postgres_connection_password: 'YOUR_POSTGRES_PASSWORD_HERE' ``` 
@@ -2404,11 +2404,11 @@ To learn more, follow our [Dynamic DNS docs page](docs/configuring-playbook-dyna # 2020-10-28
-## (Compatibility Break) https://matrix.DOMAIN/ now redirects to https://element.DOMAIN/
+## (Compatibility Break) https://matrix.example.com/ now redirects to https://element.example.com/
-Until now, we used to serve a static page coming from Synapse at `https://matrix.DOMAIN/`. This page was not very useful to anyone.
+Until now, we used to serve a static page coming from Synapse at `https://matrix.example.com/`. This page was not very useful to anyone.
-Since `matrix.DOMAIN` may be accessed by regular users in certain conditions, it's probably better to redirect them to a better place (e.g. to the [Element](docs/configuring-playbook-client-element.md) client).
+Since `matrix.example.com` may be accessed by regular users in certain conditions, it's probably better to redirect them to a better place (e.g. to the [Element](docs/configuring-playbook-client-element.md) client).
 If Element is installed (`matrix_client_element_enabled: true`, which it is by default), we now redirect people to it, instead of showing them a Synapse static page.
@@ -2420,7 +2420,7 @@ To restore the old behavior of not redirecting anywhere and serving the Synapse ## (Compatibility Break) /_synapse/admin is no longer publicly exposed by default
-We used to expose the Synapse Admin APIs publicly (at `https://matrix.DOMAIN/_synapse/admin`).
+We used to expose the Synapse Admin APIs publicly (at `https://matrix.example.com/_synapse/admin`).
 These APIs require authentication with a valid access token, so it's not that big a deal to expose them. However, following [official Synapse's reverse-proxying recommendations](https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints), we're no longer exposing `/_synapse/admin` by default.
diff --git a/docs/configuring-captcha.md b/docs/configuring-captcha.md
index 1989d66ee..8d46891d0 100644
--- a/docs/configuring-captcha.md
+++ b/docs/configuring-captcha.md
@@ -16,7 +16,7 @@ Must be a reCAPTCHA **v2** key using the "I'm not a robot" Checkbox option ### Setting ReCaptcha keys
-Once registered as above, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Once registered as above, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml # for Synapse
diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md
index fbd50e85f..b7952c3bc 100644
--- a/docs/configuring-playbook-alertmanager-receiver.md
+++ b/docs/configuring-playbook-alertmanager-receiver.md
@@ -10,7 +10,7 @@ This service is meant to be used with an external [Alertmanager](https://prometh ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yml matrix_alertmanager_receiver_enabled: true
@@ -33,10 +33,10 @@ matrix_alertmanager_receiver_config_matrix_access_token: '' # Optionally, configure some mappings (URL-friendly room name -> actual Matrix room ID). # # If you don't configure mappings, you can still deliver alerts using URLs like this:
-# https://matrix.DOMAIN/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!some-room-id:example.com
+# https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!some-room-id:example.com
 # # If a mapping like the one below is configured, you can deliver alerts using friendlier URLs like this:
-# https://matrix.DOMAIN/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name
+# https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name
 matrix_alertmanager_receiver_config_matrix_room_mapping: some-room-name: "!some-room-id:{{ matrix_domain }}" ```
@@ -89,6 +89,6 @@ route: - receiver: matrix ```
-.. where `URL_HERE` looks like `https://matrix.DOMAIN/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.DOMAIN/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!some-room-id:DOMAIN`.
+.. where `URL_HERE` looks like `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!some-room-id:example.com`.
 This bot does **not** accept room invitations automatically (like many other bots do). To deliver messages to rooms, **the bot must be joined to all rooms manually** - see Step 5 of the [Account and room preparation](#account-and-room-preparation) section.
diff --git a/docs/configuring-playbook-appservice-double-puppet.md b/docs/configuring-playbook-appservice-double-puppet.md
index 5e0886a30..814f34b9a 100644
--- a/docs/configuring-playbook-appservice-double-puppet.md
+++ b/docs/configuring-playbook-appservice-double-puppet.md
@@ -8,7 +8,7 @@ Previously, bridges supported performing [double-puppeting](https://docs.mau.fi/ ## Adjusting the playbook configuration
-To enable the Appservice Double Puppet service, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the Appservice Double Puppet service, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yml matrix_appservice_double_puppet_enabled: true
diff --git a/docs/configuring-playbook-appservice-draupnir-for-all.md b/docs/configuring-playbook-appservice-draupnir-for-all.md
index 6205fd872..760c3e751 100644
--- a/docs/configuring-playbook-appservice-draupnir-for-all.md
+++ b/docs/configuring-playbook-appservice-draupnir-for-all.md
@@ -38,7 +38,7 @@ Give the room from step 1 an alias. This alias can be anything you want and its ### 3. Adjusting the playbook configuration.
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 You must replace `ALIAS_FROM_STEP_2_GOES_HERE` with the alias you created in step 2.
@@ -83,7 +83,7 @@ You can refer to the upstream [documentation](https://github.com/the-draupnir-pr Please note that Config extension does not affect the appservices config as this config is not extensible in current Draupnir anyways. Config extension instead touches the config passed to the Draupnirs that your Appservice creates. So for example below makes all provisioned Draupnirs protect all joined rooms.
-You can configure additional options by adding the `matrix_appservice_draupnir_for_all_extension_yaml` variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file.
+You can configure additional options by adding the `matrix_appservice_draupnir_for_all_extension_yaml` variable to your `inventory/host_vars/matrix.example.com/vars.yml` file.
 For example to change draupnir's `protectAllJoinedRooms` option to `true` you would add the following to your `vars.yml` file.
diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md
index a1158b5e5..cf5f66482 100644
--- a/docs/configuring-playbook-backup-borg.md
+++ b/docs/configuring-playbook-backup-borg.md
@@ -35,7 +35,7 @@ cat PUBKEY | ssh USER@HOST 'dd of=.ssh/authorized_keys oflag=append conv=notrunc ## Adjusting the playbook configuration
-Minimal working configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`) to enable borg backup:
+Minimal working configuration (`inventory/host_vars/matrix.example.com/vars.yml`) to enable borg backup:
 ```yaml backup_borg_enabled: true
diff --git a/docs/configuring-playbook-base-domain-serving.md b/docs/configuring-playbook-base-domain-serving.md
index e294a672c..f999d50fc 100644
--- a/docs/configuring-playbook-base-domain-serving.md
+++ b/docs/configuring-playbook-base-domain-serving.md
@@ -1,7 +1,7 @@
 # Serving the base domain
-This playbook sets up services on your Matrix server (`matrix.DOMAIN`).
-To have this server officially be responsible for Matrix services for the base domain (`DOMAIN`), you need to set up [Server Delegation](howto-server-delegation.md).
+This playbook sets up services on your Matrix server (`matrix.example.com`).
+To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up [Server Delegation](howto-server-delegation.md).
 This is normally done by [configuring well-known](configuring-well-known.md) files on the base domain. People who don't have a separate server to dedicate to the base domain have trouble arranging this.
@@ -14,7 +14,7 @@ Usually, there are 2 options: This documentation page tells you how to do the latter. With some easy changes, we make it possible to serve the base domain from the Matrix server via the integrated webserver.
-Just **adjust your DNS records**, so that your base domain is pointed to the Matrix server's IP address (using a DNS `A` record) **and then add the following configuration** to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Just **adjust your DNS records**, so that your base domain is pointed to the Matrix server's IP address (using a DNS `A` record) **and then add the following configuration** to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_static_files_container_labels_base_domain_enabled: true
@@ -26,7 +26,7 @@ Doing this, the playbook will: - serve the `/.well-known/matrix/*` files which are necessary for [Federation Server Discovery](configuring-well-known.md#introduction-to-client-server-discovery) (also see [Server Delegation](howto-server-delegation.md)) and [Client-Server discovery](configuring-well-known.md#introduction-to-client-server-discovery)
-- serve a simple homepage at `https://DOMAIN` with content `Hello from DOMAIN` (configurable via the `matrix_static_files_file_index_html_template` variable). You can also [serve a more complicated static website](#serving-a-static-website-at-the-base-domain).
+- serve a simple homepage at `https://example.com` with content `Hello from example.com` (configurable via the `matrix_static_files_file_index_html_template` variable). You can also [serve a more complicated static website](#serving-a-static-website-at-the-base-domain).
 ## Serving a static website at the base domain
@@ -43,7 +43,7 @@ matrix_static_files_container_labels_base_domain_enabled: true # Prevent the default index.html file from being installed matrix_static_files_file_index_html_enabled: false
-# Disable the automatic redirectin of `https://DOMAIN/` to `https://matrix.DOMAIN/`.
+# Disable the automatic redirectin of `https://example.com/` to `https://matrix.example.com/`.
 # This gets automatically enabled when you disable `matrix_static_files_file_index_html_enabled`, as we're doing above. matrix_static_files_container_labels_base_domain_root_path_redirection_enabled: false ```
@@ -65,7 +65,7 @@ You have 2 options. - [configuring Matrix Delegation via well-known](./configuring-well-known.md) **Another way is to serve the base domain from another (your own) container on the Matrix server**. This involves:
-- telling the playbook to only serve `BASE_DOMAIN/.well-known/matrix` files by adjusting your `vars.yml` configuration like this:
+- telling the playbook to only serve `example.com/.well-known/matrix` files by adjusting your `vars.yml` configuration like this:
 - keep `matrix_static_files_container_labels_base_domain_enabled: true` - add an extra: `matrix_static_files_container_labels_base_domain_traefik_path_prefix: /.well-known/matrix` - building and running a new container on the Matrix server:
diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md
index 86785d3c3..5b3c5af4d 100644
--- a/docs/configuring-playbook-bot-baibot.md
+++ b/docs/configuring-playbook-bot-baibot.md
@@ -33,7 +33,7 @@ Depending on your current `vars.yml` file and desired configuration, **you may r ### Base configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_bot_baibot_enabled: true
@@ -82,7 +82,7 @@ To specify who is considered a bot [👮‍♂️ Administrator](https://github. If `matrix_admin` is already configured in your `vars.yml` configuration, you can skip this section.
-**If necessary**, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+**If necessary**, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yml # Uncomment to add one or more admins to this bridge:
@@ -111,7 +111,7 @@ Configuring `matrix_bot_baibot_config_initial_global_config_user_patterns` is op **Note**: Once initially configured, the allowed users list **cannot be managed via Ansible anymore**. It can only be managed subsequently via bot commands.
-**If necessary**, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+**If necessary**, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yml # Uncomment and adjust the bot users if necessary:
@@ -391,7 +391,7 @@ just run-tags install-all,ensure-matrix-users-created,start ## Usage
-To use the bot, invite the `@baibot:DOMAIN` bot user into a room.
+To use the bot, invite the `@baibot:example.com` bot user into a room.
 If you're an allowed bot [👥 user](https://github.com/etkecc/baibot/blob/main/docs/access.md#user) (see [👥 Initial users configuration](#-initial-users-configuration)), the bot will accept your invitation and join the room.
diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md
index e04ce58e2..fb01bb2ae 100644
--- a/docs/configuring-playbook-bot-buscarron.md
+++ b/docs/configuring-playbook-bot-buscarron.md
@@ -7,12 +7,12 @@ Buscarron is bot that receives HTTP POST submissions of web forms and forwards t ## Decide on a domain and path
-By default, Buscarron is configured to use its own dedicated domain (`buscarron.DOMAIN`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+By default, Buscarron is configured to use its own dedicated domain (`buscarron.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
 You can override the domain and path like this: ```yaml
-# Switch to the domain used for Matrix services (`matrix.DOMAIN`),
+# Switch to the domain used for Matrix services (`matrix.example.com`),
 # so we won't need to add additional DNS records for Buscarron. matrix_bot_buscarron_hostname: "{{ matrix_server_fqn_matrix }}"
@@ -30,7 +30,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_bot_buscarron_enabled: true
@@ -43,9 +43,9 @@ matrix_bot_buscarron_password: PASSWORD_FOR_THE_BOT # Adjust accepted forms matrix_bot_buscarron_forms: - - name: contact # (mandatory) Your form name, will be used as endpoint, eg: buscarron.DOMAIN/contact + - name: contact # (mandatory) Your form name, will be used as endpoint, eg: buscarron.example.com/contact room: "!yourRoomID:{{ matrix_domain }}" # (mandatory) Room ID where form submission will be posted - redirect: https://DOMAIN # (mandatory) To what page user will be redirected after the form submission + redirect: https://example.com # (mandatory) To what page user will be redirected after the form submission ratelimit: 1r/m # (optional) rate limit of the form, format: r/, eg: 1r/s or 54r/m hasemail: 1 # (optional) form has "email" field that should be validated extensions: [] # (optional) list of form extensions (not used yet) @@ -71,10 +71,10 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use ## Usage -To use the bot, invite the `@bot.buscarron:DOMAIN` to the room you specified in a config, after that any point your form to the form url, example for the `contact` form: +To use the bot, invite the `@bot.buscarron:example.com` to the room you specified in a config, after that any point your form to the form url, example for the `contact` form: ```html -
+
```
diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md
index eace08d66..100b1060c 100644
--- a/docs/configuring-playbook-bot-chatgpt.md
+++ b/docs/configuring-playbook-bot-chatgpt.md
@@ -31,7 +31,7 @@ To make sure the bot can read encrypted messages, it will need an encryption key ## 3. Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 ```yaml matrix_bot_chatgpt_enabled: true
@@ -66,6 +66,6 @@ ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start ## Usage
-To use the bot, invite the `@bot.chatgpt:DOMAIN` to the room you specified in a config, after that start speaking to it, use the prefix if you configured one or mention the bot.
+To use the bot, invite the `@bot.chatgpt:example.com` to the room you specified in a config, after that start speaking to it, use the prefix if you configured one or mention the bot.
 You can also refer to the upstream [documentation](https://github.com/matrixgpt/matrix-chatgpt-bot).
diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md
index 95540ffe9..a591f96ed 100644
--- a/docs/configuring-playbook-bot-draupnir.md
+++ b/docs/configuring-playbook-bot-draupnir.md
@@ -47,9 +47,9 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below).
-Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`.
+Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:example.com`.
-Finally invite the `@bot.draupnir:DOMAIN` account you created earlier into the room.
+Finally invite the `@bot.draupnir:example.com` account you created earlier into the room.
 ## 5. Adjusting the playbook configuration
@@ -60,7 +60,7 @@ Decide whether you want Draupnir to be capable of operating in end-to-end encryp When using Pantalaimon, Draupnir will log in to its bot account itself through Pantalaimon, so configure its username and password.
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 ```yaml # Enable Pantalaimon. See docs/configuring-playbook-pantalaimon.md
@@ -95,7 +95,7 @@ matrix_bot_draupnir_raw_homeserver_url: "{{ matrix_addons_homeserver_client_api_ When NOT using Pantalaimon, Draupnir does not log in by itself and you must give it an access token for its bot account.
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 You must replace `ACCESS_TOKEN_FROM_STEP_2_GOES_HERE` and `ROOM_ID_FROM_STEP_4_GOES_HERE` with the your own values.
@@ -135,7 +135,7 @@ Draupnir can be told to self-join public rooms, but it's better to follow this f 2. [Give the bot permissions to do its job](#giving-draupnir-permissions-to-do-its-job)
-3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !ROOM_ID:DOMAIN`
+3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !ROOM_ID:example.com`
 To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections).
@@ -158,7 +158,7 @@ You can tell Draupnir to subscribe to it by sending the following command to the We also recommend **creating your own policy lists** with the [list create](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-policy-lists#using-draupnirs-list-create-command-to-create-a-policy-room) command.
-You can do so by sending the following command to the Management Room: `!draupnir list create my-bans my-bans-bl`. This will create a policy list having a name (shortcode) of `my-bans` and stored in a public `#my-bans-bl:DOMAIN` room on your server. As soon as you run this command, the bot will invite you to the policy list room.
+You can do so by sending the following command to the Management Room: `!draupnir list create my-bans my-bans-bl`. This will create a policy list having a name (shortcode) of `my-bans` and stored in a public `#my-bans-bl:example.com` room on your server. As soon as you run this command, the bot will invite you to the policy list room.
 A policy list does nothing by itself, so the next step is **adding some rules to your policy list**. Policies target a so-called `entity` (one of: `user`, `room` or `server`). These entities are mentioned on the [policy lists](https://the-draupnir-project.github.io/draupnir-documentation/concepts/policy-lists) documentation page and in the Matrix Spec [here](https://spec.matrix.org/v1.11/client-server-api/#mban-recommendation).
@@ -171,7 +171,7 @@ To create rules, you run commands in the Management Room (**not** in the policy As a result of running these commands, you may observe:
-- Draupnir creating `m.policy.rule.user` state events in the `#my-bans-bl:DOMAIN` room on your server
+- Draupnir creating `m.policy.rule.user` state events in the `#my-bans-bl:example.com` room on your server
 - applying these rules against all rooms that Draupnir is an Administrator in You can undo bans with the [unban command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#the-unban-command).
@@ -193,7 +193,7 @@ To **disable a given protection**, send a command like this: `!draupnir disable ## Extending the configuration
-You can configure additional options by adding the `matrix_bot_draupnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file.
+You can configure additional options by adding the `matrix_bot_draupnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.example.com/vars.yml` file.
 For example to change draupnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file.
diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md
index 5e01d83dd..8e5e08a5f 100644
--- a/docs/configuring-playbook-bot-go-neb.md
+++ b/docs/configuring-playbook-bot-go-neb.md
@@ -26,12 +26,12 @@ Once the user is created you can [obtain an access token](obtaining-access-token ## Decide on a domain and path
-By default, Go-NEB is configured to use its own dedicated domain (`goneb.DOMAIN`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+By default, Go-NEB is configured to use its own dedicated domain (`goneb.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
 You can override the domain and path like this: ```yaml
-# Switch to the domain used for Matrix services (`matrix.DOMAIN`),
+# Switch to the domain used for Matrix services (`matrix.example.com`),
 # so we won't need to add additional DNS records for Go-NEB. matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_matrix }}"
@@ -49,7 +49,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 ```yaml matrix_bot_go_neb_enabled: true
diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md
index 9f88ee8dd..496dc1b16 100644
--- a/docs/configuring-playbook-bot-honoroit.md
+++ b/docs/configuring-playbook-bot-honoroit.md
@@ -9,7 +9,7 @@ See the project's [documentation](https://github.com/etkecc/honoroit#how-it-look ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_bot_honoroit_enabled: true
@@ -46,7 +46,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use ## Usage
-To use the bot, invite the `@honoroit:DOMAIN` to the room you specified in config, after that any matrix user can send a message to the `@honoroit:DOMAIN` to start a new thread in that room.
+To use the bot, invite the `@honoroit:example.com` to the room you specified in config, after that any matrix user can send a message to the `@honoroit:example.com` to start a new thread in that room.
 Send `!ho help` to the room to see the bot's help menu for additional commands.
diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md
index 5ce317ed6..17c12e8e2 100644
--- a/docs/configuring-playbook-bot-matrix-registration-bot.md
+++ b/docs/configuring-playbook-bot-matrix-registration-bot.md
@@ -11,12 +11,12 @@ does and why it might be useful to you. ## Configuration
-To enable the bot, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_bot_matrix_registration_bot_enabled: true
-# By default, the playbook will set use the bot with a username like this: `@bot.matrix-registration-bot:DOMAIN`.
+# By default, the playbook will set use the bot with a username like this: `@bot.matrix-registration-bot:example.com`.
 # Uncomment and adjust this part if you'd like to use a username different than the default # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot
@@ -38,7 +38,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage
-To use the bot, start a chat with `@bot.matrix-registration-bot:DOMAIN` (where `DOMAIN` is your base domain, not the `matrix.` domain).
+To use the bot, start a chat with `@bot.matrix-registration-bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain).
 In this room send `help` and the bot will reply with all options.
diff --git a/docs/configuring-playbook-bot-matrix-reminder-bot.md b/docs/configuring-playbook-bot-matrix-reminder-bot.md
index 3336d191a..2bce34765 100644
--- a/docs/configuring-playbook-bot-matrix-reminder-bot.md
+++ b/docs/configuring-playbook-bot-matrix-reminder-bot.md
@@ -9,7 +9,7 @@ See the project's [documentation](https://github.com/anoadragon453/matrix-remind ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_bot_matrix_reminder_bot_enabled: true
@@ -42,9 +42,9 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use ## Usage
-To use the bot, start a chat with `@bot.matrix-reminder-bot:DOMAIN` (where `example.com` is your base domain, not the `matrix.` domain).
+To use the bot, start a chat with `@bot.matrix-reminder-bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain).
-You can also add the bot to any existing Matrix room (`/invite @bot.matrix-reminder-bot:DOMAIN`).
+You can also add the bot to any existing Matrix room (`/invite @bot.matrix-reminder-bot:example.com`).
 Basic usage is like this: `!remindme in 2 minutes; This is a test`
diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md
index f90dd6bf3..f435492c3 100644
--- a/docs/configuring-playbook-bot-maubot.md
+++ b/docs/configuring-playbook-bot-maubot.md
@@ -10,7 +10,7 @@ does and why it might be useful to you. ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_bot_maubot_enabled: true
diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md
index dd7681d06..589850ee4 100644
--- a/docs/configuring-playbook-bot-mjolnir.md
+++ b/docs/configuring-playbook-bot-mjolnir.md
@@ -41,9 +41,9 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below).
-Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`.
+Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:example.com`.
-Finally invite the `@bot.mjolnir:DOMAIN` account you created earlier into the room.
+Finally invite the `@bot.mjolnir:example.com` account you created earlier into the room.
 ## 5. Adjusting the playbook configuration
@@ -54,7 +54,7 @@ Decide whether you want Mjolnir to be capable of operating in end-to-end encrypt When using Pantalaimon, Mjolnir will log in to its bot account itself through Pantalaimon, so configure its username and password.
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 ```yaml # Enable Pantalaimon. See docs/configuring-playbook-pantalaimon.md
@@ -89,7 +89,7 @@ matrix_bot_mjolnir_raw_homeserver_url: "{{ matrix_addons_homeserver_client_api_u When NOT using Pantalaimon, Mjolnir does not log in by itself and you must give it an access token for its bot account.
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 You must replace `ACCESS_TOKEN_FROM_STEP_2_GOES_HERE` and `ROOM_ID_FROM_STEP_4_GOES_HERE` with the your own values.
@@ -103,7 +103,7 @@ matrix_bot_mjolnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE" ## 6. Adding Mjolnir synapse antispam module (optional)
-Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
+Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 ```yaml
@@ -128,7 +128,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start You can refer to the upstream [documentation](https://github.com/matrix-org/mjolnir) for additional ways to use and configure Mjolnir. Check out their [quickstart guide](https://github.com/matrix-org/mjolnir#quickstart-guide) for some basic commands you can give to the bot. -You can configure additional options by adding the `matrix_bot_mjolnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file. +You can configure additional options by adding the `matrix_bot_mjolnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.example.com/vars.yml` file. For example to change Mjolnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file. diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 35f141a4d..4af99aba9 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -25,7 +25,7 @@ These port numbers are configurable via the `matrix_bot_postmoogle_smtp_host_bin ### Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_bot_postmoogle_enabled: true @@ -69,7 +69,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use ## Usage -To use the bot, invite the `@postmoogle:DOMAIN` bot user into a room you want to use as a mailbox. +To use the bot, invite the `@postmoogle:example.com` bot user into a room you want to use as a mailbox. Then send `!pm mailbox NAME` to expose this Matrix room as an inbox with the email address `NAME@matrix.domain`. Emails sent to that email address will be forwarded to the room. 
diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md
index 4da559790..82623b998 100644
--- a/docs/configuring-playbook-bridge-appservice-irc.md
+++ b/docs/configuring-playbook-bridge-appservice-irc.md
@@ -8,7 +8,7 @@ See the project's [documentation](https://github.com/matrix-org/matrix-appservic
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_appservice_irc_enabled: true
diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md
index 4a004eb1a..cbc52a6cc 100644
--- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md
+++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md
@@ -9,7 +9,7 @@ See the project's [documentation](https://src.miscworks.net/fair/matrix-appservi
 ## Installing
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_appservice_kakaotalk_enabled: true
diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md
index 5c970dcc5..4e1619b66 100644
--- a/docs/configuring-playbook-bridge-appservice-slack.md
+++ b/docs/configuring-playbook-bridge-appservice-slack.md
@@ -12,7 +12,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se 1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element by sending a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. -2. Enable the bridge by adding the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +2. Enable the bridge by adding the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_appservice_slack_enabled: true @@ -40,7 +40,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se 6. Invite the bridge bot user into the admin room: ``` - /invite @slackbot:MY.DOMAIN + /invite @slackbot:MY.example.com ``` Note that the bot's domain is your server's domain **without the `matrix.` prefix.** @@ -53,7 +53,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Click on bot users and add a new bot user. We will use this account to bridge the the rooms. -8. Click on Event Subscriptions and enable them and use the request url `https://matrix.DOMAIN/appservice-slack`. Then add the following events and save: +8. Click on Event Subscriptions and enable them and use the request url `https://matrix.example.com/appservice-slack`. Then add the following events and save: Bot User Events: 
@@ -81,7 +81,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !aBcDeF:example.com. - * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:MY.DOMAIN` for Matrix. + * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:MY.example.com` for Matrix. * Determine the "channel ID" that Slack uses to identify the channel. You can see it when you open a given Slack channel in a browser. The URL reads like this: `https://app.slack.com/client/XXX//details/`. diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index 3aaa01520..5ba0233ec 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -6,7 +6,7 @@ See the project's [documentation](https://github.com/beeper/linkedin/blob/master ## Adjusting the playbook configuration -To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_beeper_linkedin_enabled: true diff --git a/docs/configuring-playbook-bridge-go-skype-bridge.md b/docs/configuring-playbook-bridge-go-skype-bridge.md index c9001636a..10a244aa0 100644 --- a/docs/configuring-playbook-bridge-go-skype-bridge.md +++ b/docs/configuring-playbook-bridge-go-skype-bridge.md 
@@ -7,7 +7,7 @@ See the project page to learn what it does and why it might be useful to you.
 ## Adjusting the playbook configuration
-To enable the [Skype](https://www.skype.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Skype](https://www.skype.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_go_skype_bridge_enabled: true
diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md
index b6eb23634..75c6b1315 100644
--- a/docs/configuring-playbook-bridge-heisenbridge.md
+++ b/docs/configuring-playbook-bridge-heisenbridge.md
@@ -10,7 +10,7 @@ See the project's [README](https://github.com/hifi/heisenbridge/blob/master/READ
 Below are the common configuration options that you may want to set, exhaustive list is in [the bridge's defaults var file](../roles/custom/matrix-bridge-heisenbridge/defaults/main.yml).
-At a minimum, you only need to enable the bridge to get it up and running (`inventory/host_vars/matrix.DOMAIN/vars.yml`):
+At a minimum, you only need to enable the bridge to get it up and running (`inventory/host_vars/matrix.example.com/vars.yml`):
 ```yaml
 matrix_heisenbridge_enabled: true
@@ -22,7 +22,7 @@ matrix_heisenbridge_owner: "@you:your-homeserver" matrix_heisenbridge_identd_enabled: true ``` -By default, Heisenbrdige would be exposed on the Matrix domain (`matrix.DOMAIN`, as specified in `matrix_server_fqn_matrix`) under the `/heisenbridge` path prefix. It would handle media requests there (see the [release notes for Heisenbridge v1.15.0](https://github.com/hifi/heisenbridge/releases/tag/v1.15.0)). +By default, Heisenbrdige would be exposed on the Matrix domain (`matrix.example.com`, as specified in `matrix_server_fqn_matrix`) under the `/heisenbridge` path prefix. It would handle media requests there (see the [release notes for Heisenbridge v1.15.0](https://github.com/hifi/heisenbridge/releases/tag/v1.15.0)). That's it! A registration file is automatically generated during the setup phase. diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 812697b9c..3bb1ba0ab 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -31,7 +31,7 @@ Should the crypto store be corrupted, you can reset it by executing this Ansible ## Usage -Create a room and invite the Hookshot bot (`@hookshot:DOMAIN`) to it. +Create a room and invite the Hookshot bot (`@hookshot:example.com`) to it. Make sure the bot is able to send state events (usually the Moderator power level in clients). 
@@ -92,7 +92,7 @@ Metrics are **only enabled by default** if the builtin [Prometheus](configuring- To explicitly enable metrics, use `matrix_hookshot_metrics_enabled: true`. This only exposes metrics over the container network, however. -**To collect metrics from an external Prometheus server**, besides enabling metrics as described above, you will also need to enable metrics exposure on `https://matrix.DOMAIN/metrics/hookshot` by: +**To collect metrics from an external Prometheus server**, besides enabling metrics as described above, you will also need to enable metrics exposure on `https://matrix.example.com/metrics/hookshot` by: - either enabling metrics exposure for Hookshot via `matrix_hookshot_metrics_proxying_enabled: true` - or enabling metrics exposure for all services via `matrix_metrics_exposure_enabled: true` diff --git a/docs/configuring-playbook-bridge-matrix-bridge-sms.md b/docs/configuring-playbook-bridge-matrix-bridge-sms.md index fe883abb5..f698ad986 100644 --- a/docs/configuring-playbook-bridge-matrix-bridge-sms.md +++ b/docs/configuring-playbook-bridge-matrix-bridge-sms.md @@ -8,7 +8,7 @@ See the project page to learn what it does and why it might be useful to you. ## Adjusting the playbook configuration -To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_sms_bridge_enabled: true diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 184addf6b..d7da7878b 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md 
@@ -17,7 +17,7 @@ If this is a dealbreaker for you, consider using one of the other Discord bridge
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_discord_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md
index e20d1e2e6..50d23a0fd 100644
--- a/docs/configuring-playbook-bridge-mautrix-facebook.md
+++ b/docs/configuring-playbook-bridge-mautrix-facebook.md
@@ -8,7 +8,7 @@ See the project's [documentation](https://github.com/mautrix/facebook/blob/maste
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_facebook_enabled: true
@@ -98,7 +98,7 @@ The easiest way to do this may be to use [sshuttle](https://sshuttle.readthedocs
 Example command for proxying your traffic through the Matrix server:
 ```
-sshuttle -r root@matrix.DOMAIN:22 0/0
+sshuttle -r root@matrix.example.com:22 0/0
 ```
 Once connected, you should be able to verify that you're browsing the web through the Matrix server's IP by checking [icanhazip](https://icanhazip.com/).
diff --git a/docs/configuring-playbook-bridge-mautrix-gmessages.md b/docs/configuring-playbook-bridge-mautrix-gmessages.md
index e07646743..6b44eeeee 100644
--- a/docs/configuring-playbook-bridge-mautrix-gmessages.md
+++ b/docs/configuring-playbook-bridge-mautrix-gmessages.md
@@ -6,7 +6,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/gmessages/index
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_gmessages_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md
index ed6270c8a..a62003cb2 100644
--- a/docs/configuring-playbook-bridge-mautrix-googlechat.md
+++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md
@@ -6,7 +6,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/googlechat/
 ## Adjusting the playbook configuration
-To enable the [Google Chat](https://chat.google.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Google Chat](https://chat.google.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_googlechat_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md
index 62770fe0b..198d4c923 100644
--- a/docs/configuring-playbook-bridge-mautrix-hangouts.md
+++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md
@@ -8,7 +8,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/hangouts/in
 ## Adjusting the playbook configuration
-To enable the [Google Hangouts](https://hangouts.google.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Google Hangouts](https://hangouts.google.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_hangouts_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md
index 14d25f52f..ffafa25db 100644
--- a/docs/configuring-playbook-bridge-mautrix-instagram.md
+++ b/docs/configuring-playbook-bridge-mautrix-instagram.md
@@ -8,7 +8,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/instagram/i
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_instagram_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md
index 0a644d049..f7809090d 100644
--- a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md
+++ b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md
@@ -23,7 +23,7 @@ Then, consider disabling the old bridge in your configuration, so it won't recre
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_meta_instagram_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
index ded925ce5..81aebfade 100644
--- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
+++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
@@ -19,7 +19,7 @@ Then, consider disabling the old bridge in your configuration, so it won't recre
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_meta_messenger_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md
index 16227a186..ec9d18024 100644
--- a/docs/configuring-playbook-bridge-mautrix-signal.md
+++ b/docs/configuring-playbook-bridge-mautrix-signal.md
@@ -10,7 +10,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/signal/inde
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_signal_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md
index e2f00d467..43eaf274b 100644
--- a/docs/configuring-playbook-bridge-mautrix-slack.md
+++ b/docs/configuring-playbook-bridge-mautrix-slack.md
@@ -20,7 +20,7 @@ Note that neither of these methods are officially supported by Slack. [matrix-ap
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_slack_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md
index a556dcffa..3fc98eda6 100644
--- a/docs/configuring-playbook-bridge-mautrix-telegram.md
+++ b/docs/configuring-playbook-bridge-mautrix-telegram.md
@@ -6,7 +6,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/telegram/in
 ## Adjusting the playbook configuration
-You'll need to obtain API keys from [https://my.telegram.org/apps](https://my.telegram.org/apps) and then add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+You'll need to obtain API keys from [https://my.telegram.org/apps](https://my.telegram.org/apps) and then add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_telegram_enabled: true
@@ -47,7 +47,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 You then need to start a chat with `@telegrambot:example.com` (where `example.com` is your base domain, not the `matrix.` domain).
-If you want to use the relay-bot feature ([relay bot documentation](https://docs.mau.fi/bridges/python/telegram/relay-bot.html)), which allows anonymous user to chat with telegram users, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+If you want to use the relay-bot feature ([relay bot documentation](https://docs.mau.fi/bridges/python/telegram/relay-bot.html)), which allows anonymous user to chat with telegram users, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_telegram_bot_token: YOUR_TELEGRAM_BOT_TOKEN
@@ -62,7 +62,7 @@ You might also want to give permissions to administrate the bot:
 matrix_mautrix_telegram_configuration_extension_yaml: |
 bridge:
 permissions:
- '@user:DOMAIN': admin
+ '@user:example.com': admin
 ```
 More details about permissions in this example:
diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md
index 60c1a745f..fe08c77bf 100644
--- a/docs/configuring-playbook-bridge-mautrix-twitter.md
+++ b/docs/configuring-playbook-bridge-mautrix-twitter.md
@@ -8,7 +8,7 @@ See the project's [documentation](https://github.com/mautrix/twitter) to learn w
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_twitter_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
index ae1d2ea3a..d65075c83 100644
--- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md
+++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
@@ -6,7 +6,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/whatsapp/index.
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_whatsapp_enabled: true
diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
index 93ed9a5ad..2bff1ecda 100644
--- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md
+++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
@@ -7,12 +7,12 @@ See the project's [documentation](https://github.com/mautrix/wsproxy#readme) to
 ## DNS
-You need to create a `wsproxy.DOMAIN` DNS record pointing to your Matrix server (a `CNAME` pointing to `matrix.DOMAIN`) to use wsproxy.
+You need to create a `wsproxy.example.com` DNS record pointing to your Matrix server (a `CNAME` pointing to `matrix.example.com`) to use wsproxy.
 The hostname is configurable via a `matrix_mautrix_wsproxy_hostname` variable.
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mautrix_wsproxy_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md
index da987bf2e..56f05f307 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-discord.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md
@@ -13,7 +13,7 @@ See the project page to learn what it does and why it might be useful to you.
 ## Adjusting the playbook configuration
-To enable the [Discord](https://discordapp.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Discord](https://discordapp.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mx_puppet_discord_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md
index ed38600e4..c10e386fc 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md
@@ -7,7 +7,7 @@ See the project page to learn what it does and why it might be useful to you.
 ## Adjusting the playbook configuration
-To enable the [GroupMe](https://groupme.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [GroupMe](https://groupme.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mx_puppet_groupme_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-instagram.md b/docs/configuring-playbook-bridge-mx-puppet-instagram.md
index 0a61d561f..b2546cb0a 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-instagram.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-instagram.md
@@ -7,7 +7,7 @@ This allows you to bridge Instagram DirectMessages into Matrix.
 ## Adjusting the playbook configuration
-To enable the [Instagram](https://www.instagram.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Instagram](https://www.instagram.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mx_puppet_instagram_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md
index a2e2fa3c3..d5f784cc5 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-slack.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md
@@ -10,11 +10,11 @@ See the project page to learn what it does and why it might be useful to you.
 ## Prerequisite
-Follow the [OAuth credentials](https://github.com/Sorunome/mx-puppet-slack#option-2-oauth) instructions to create a new Slack app, setting the redirect URL to `https://matrix.DOMAIN/slack/oauth`.
+Follow the [OAuth credentials](https://github.com/Sorunome/mx-puppet-slack#option-2-oauth) instructions to create a new Slack app, setting the redirect URL to `https://matrix.example.com/slack/oauth`.
 ## Adjusting the playbook configuration
-To enable the [Slack](https://slack.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Slack](https://slack.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mx_puppet_slack_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-steam.md b/docs/configuring-playbook-bridge-mx-puppet-steam.md
index 08b254259..60475929c 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-steam.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-steam.md
@@ -7,7 +7,7 @@ See the project page to learn what it does and why it might be useful to you.
 ## Adjusting the playbook configuration
-To enable the [Steam](https://steampowered.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Steam](https://steampowered.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mx_puppet_steam_enabled: true
diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md
index 0d567c56e..783999ff8 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md
@@ -13,7 +13,7 @@ Make an app on [developer.twitter.com](https://developer.twitter.com/en/apps).
 ## Adjusting the playbook configuration
-To enable the [Twitter](https://twitter.com) bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the [Twitter](https://twitter.com) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_mx_puppet_twitter_enabled: true
diff --git a/docs/configuring-playbook-bridge-wechat.md b/docs/configuring-playbook-bridge-wechat.md
index c00b9a7fc..e5a1546c7 100644
--- a/docs/configuring-playbook-bridge-wechat.md
+++ b/docs/configuring-playbook-bridge-wechat.md
@@ -6,7 +6,7 @@ See the project page to learn what it does and why it might be useful to you.
 ## Adjusting the playbook configuration
-To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_wechat_enabled: true
diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md
index 98ec896e8..f5e124c08 100644
--- a/docs/configuring-playbook-cactus-comments.md
+++ b/docs/configuring-playbook-cactus-comments.md
@@ -33,7 +33,7 @@ matrix_cactus_comments_enabled: true
 # matrix_synapse_allow_guest_access: true
 # matrix_dendrite_allow_guest_access: true
-# This enables client assets static files serving on `https://matrix.DOMAIN/cactus-comments`.
+# This enables client assets static files serving on `https://matrix.example.com/cactus-comments`.
 # When the backend (appservice) is enabled, this is also enabled automatically,
 # but we explicitly enable it here.
 matrix_cactus_comments_client_enabled: true
diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md
index bcecff2d7..701d13fb6 100644
--- a/docs/configuring-playbook-client-cinny.md
+++ b/docs/configuring-playbook-client-cinny.md
@@ -6,11 +6,11 @@ Cinny can be installed alongside or instead of Element.
 ## DNS
-You need to add a `cinny.DOMAIN` DNS record so that Cinny can be accessed.
-By default Cinny will use https://cinny.DOMAIN so you will need to create an CNAME record
+You need to add a `cinny.example.com` DNS record so that Cinny can be accessed.
+By default Cinny will use https://cinny.example.com so you will need to create an CNAME record
 for `cinny`. See [Configuring DNS](configuring-dns.md).
-If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain):
+If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain):
 ```yaml
 matrix_server_fqn_cinny: "app.{{ matrix_domain }}"
@@ -18,7 +18,7 @@ matrix_server_fqn_cinny: "app.{{ matrix_domain }}"
 ## Adjusting the playbook configuration
-To enable Cinny, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable Cinny, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_client_cinny_enabled: true
diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md
index 28ddb900a..2099299d5 100644
--- a/docs/configuring-playbook-client-hydrogen.md
+++ b/docs/configuring-playbook-client-hydrogen.md
@@ -6,11 +6,11 @@ Hydrogen can be installed alongside or instead of Element.
 ## DNS
-You need to add a `hydrogen.DOMAIN` DNS record so that Hydrogen can be accessed.
-By default Hydrogen will use https://hydrogen.DOMAIN so you will need to create an CNAME record
+You need to add a `hydrogen.example.com` DNS record so that Hydrogen can be accessed.
+By default Hydrogen will use https://hydrogen.example.com so you will need to create an CNAME record
 for `hydrogen`. See [Configuring DNS](configuring-dns.md).
-If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain):
+If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain):
 ```yaml
 matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}"
@@ -18,7 +18,7 @@ matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}"
 ## Adjusting the playbook configuration
-To enable Hydrogen, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable Hydrogen, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_client_hydrogen_enabled: true
diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md
index 81fe411d1..5272723cf 100644
--- a/docs/configuring-playbook-client-schildichat.md
+++ b/docs/configuring-playbook-client-schildichat.md
@@ -8,11 +8,11 @@ SchildiChat can be installed alongside or instead of Element. ## DNS -You need to add a `schildichat.DOMAIN` DNS record so that SchildiChat can be accessed. -By default SchildiChat will use https://schildichat.DOMAIN so you will need to create an CNAME record +You need to add a `schildichat.example.com` DNS record so that SchildiChat can be accessed. +By default SchildiChat will use https://schildichat.example.com so you will need to create an CNAME record for `schildichat`. See [Configuring DNS](configuring-dns.md). -If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (changing it to use your preferred domain): +If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain): ```yaml matrix_server_fqn_schildichat: "sc.{{ matrix_domain }}" @@ -20,7 +20,7 @@ matrix_server_fqn_schildichat: "sc.{{ matrix_domain }}" ## Adjusting the playbook configuration -To enable SchildiChat, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable SchildiChat, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_client_schildichat_enabled: true diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 045be3616..9deb41f27 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md 
@@ -10,7 +10,7 @@ If you're just installing Matrix services for the first time, please continue wi ## Decide on a domain and path -By default, Dimension is configured to use its own dedicated domain (`dimension.DOMAIN`) and requires you to [adjust your DNS records](#adjusting-dns-records). +By default, Dimension is configured to use its own dedicated domain (`dimension.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). You can override the domain and path like this: diff --git a/docs/configuring-playbook-dynamic-dns.md b/docs/configuring-playbook-dynamic-dns.md index bc58c2736..6d468a3c5 100644 --- a/docs/configuring-playbook-dynamic-dns.md +++ b/docs/configuring-playbook-dynamic-dns.md @@ -6,7 +6,7 @@ Most cloud providers / ISPs will charge you extra for a static IP address. If yo not hosting a highly reliable homeserver you can workaround this via dynamic DNS. To set this up, you'll need to get the username/password from your DNS provider. For google domains, this process is described [here](https://support.google.com/domains/answer/6147083). -After you've gotten the proper credentials you can add the following config to your `inventory/host_vars/matrix.DOMAIN/vars.yml`: +After you've gotten the proper credentials you can add the following config to your `inventory/host_vars/matrix.example.com/vars.yml`: ```yaml matrix_dynamic_dns_enabled: true diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md index a7c500250..ab850e933 100644 --- a/docs/configuring-playbook-email.md +++ b/docs/configuring-playbook-email.md 
@@ -17,7 +17,7 @@ No matter whether you send email directly (the default) or you relay email throu ## Relaying email through another SMTP server -If you'd like to relay email through another SMTP server, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +If you'd like to relay email through another SMTP server, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml exim_relay_sender_address: "another.sender@example.com" diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index c410de559..ec9b78b6a 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -11,7 +11,7 @@ See the project's [documentation](https://github.com/devture/email2matrix/blob/m ### DNS configuration -It's not strictly necessary, but you may increase the chances that incoming emails reach your server by adding an `MX` record for `matrix.DOMAIN`, as described in the [Configuring DNS](configuring-dns.md) documentation page. +It's not strictly necessary, but you may increase the chances that incoming emails reach your server by adding an `MX` record for `matrix.example.com`, as described in the [Configuring DNS](configuring-dns.md) documentation page. ### Port availability @@ -43,7 +43,7 @@ In order for the sender user created above to be able to send messages to the ro ## Adjusting the playbook configuration -After doing the preparation steps above, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +After doing the preparation steps above, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_email2matrix_enabled: true 
@@ -85,4 +85,4 @@ Refer to the official documentation [here](https://github.com/devture/email2matr To enable Email2Matrix, run the [installation](installing.md) command (`--tags=setup-email2matrix,start`). -After installation, you may wish to send a test email to the email address assigned to `mailbox1` (default: `mailbox1@matrix.DOMAIN`) to make sure that Email2Matrix works as expected. +After installation, you may wish to send a test email to the email address assigned to `mailbox1` (default: `mailbox1@matrix.example.com`) to make sure that Email2Matrix works as expected. diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 08ec29243..a33976623 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -7,12 +7,12 @@ When enabled together with the Jitsi audio/video conferencing system (see [our d ## Decide on a domain and path -By default, Etherpad is configured to use its own dedicated domain (`etherpad.DOMAIN`) and requires you to [adjust your DNS records](#adjusting-dns-records). +By default, Etherpad is configured to use its own dedicated domain (`etherpad.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). You can override the domain and path like this: ```yaml -# Switch to the domain used for Matrix services (`matrix.DOMAIN`), +# Switch to the domain used for Matrix services (`matrix.example.com`), # so we won't need to add additional DNS records for Etherpad. etherpad_hostname: "{{ matrix_server_fqn_matrix }}" 
@@ -30,7 +30,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Adjusting the playbook configuration -[Etherpad](https://etherpad.org) installation is disabled by default. To enable Etherpad, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +[Etherpad](https://etherpad.org) installation is disabled by default. To enable Etherpad, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml etherpad_enabled: true @@ -48,7 +48,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` The Etherpad UI should be available at `https://etherpad.`, while the admin UI (if enabled) should then be available at `https://etherpad./admin`. -If you've [decided on another hostname or path-prefix](#decide-on-a-domain-and-path) (e.g. `https://matrix.DOMAIN/etherpad`), adjust these URLs accordingly before usage. +If you've [decided on another hostname or path-prefix](#decide-on-a-domain-and-path) (e.g. `https://matrix.example.com/etherpad`), adjust these URLs accordingly before usage. ### Managing / Deleting old pads @@ -62,7 +62,7 @@ Then from the plugin manager page (`https://etherpad./admin/plugins This is how it works in Element, it might work quite similar with other clients: -To integrate a standalone Etherpad in a room, create your pad by visiting `https://etherpad.DOMAIN`. When the pad opens, copy the URL and send a command like this to the room: `/addwidget URL`. You will then find your integrated Etherpad within the right sidebar in the `Widgets` section. +To integrate a standalone Etherpad in a room, create your pad by visiting `https://etherpad.example.com`. When the pad opens, copy the URL and send a command like this to the room: `/addwidget URL`. You will then find your integrated Etherpad within the right sidebar in the `Widgets` section. ### Set Dimension default to the self-hosted Etherpad (optional) 
diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index b8c8f8eb9..e922c8299 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md @@ -4,7 +4,7 @@ By default, this playbook would set up a PostgreSQL database server on your mach **Note**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**. -If you'd like to use an external Postgres server that you manage, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +If you'd like to use an external Postgres server that you manage, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml postgres_enabled: false diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md index 548c55bef..6ebe32bbd 100644 --- a/docs/configuring-playbook-federation.md +++ b/docs/configuring-playbook-federation.md 
@@ -6,7 +6,7 @@ That is, people on your server can communicate with people on any other Matrix s ## Federating only with select servers -To make your server only federate with servers of your choosing, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +To make your server only federate with servers of your choosing, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_federation_domain_whitelist: diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index ce2280914..8d75cd29b 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -9,7 +9,7 @@ The setup done by the playbook is very similar to [docker-jitsi-meet](https://gi ## Prerequisites -Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record (unless you've changed `jitsi_hostname`, as described below). See [Configuring DNS](configuring-dns.md) for details about DNS changes. +Before installing Jitsi, make sure you've created the `jitsi.example.com` DNS record (unless you've changed `jitsi_hostname`, as described below). See [Configuring DNS](configuring-dns.md) for details about DNS changes. You may also need to open the following ports to your server: @@ -19,7 +19,7 @@ You may also need to open the following ports to your server: ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml jitsi_enabled: true 
@@ -42,14 +42,14 @@ Currently, there are three supported authentication modes: 'internal' (default), **Note**: Authentication is not tested via the playbook's self-checks. We therefore recommend that you manually verify if authentication is required by jitsi. -For this, try to manually create a conference on jitsi.DOMAIN in your browser. +For this, try to manually create a conference on jitsi.example.com in your browser. ### Authenticate using Jitsi accounts (Auth-Type 'internal') The default authentication mechanism is 'internal' auth, which requires jitsi-accounts to be setup and is the recommended setup, as it also works in federated rooms. With authentication enabled, all meeting rooms have to be opened by a registered user, after which guests are free to join. If a registered host is not yet present, guests are put on hold in individual waiting rooms. -Add these lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration: +Add these lines to your `inventory/host_vars/matrix.example.com/vars.yml` configuration: ```yaml jitsi_enable_auth: true @@ -89,8 +89,8 @@ An example LDAP configuration could be: ```yaml jitsi_enable_auth: true jitsi_auth_type: ldap -jitsi_ldap_url: "ldap://ldap.DOMAIN" -jitsi_ldap_base: "OU=People,DC=DOMAIN" +jitsi_ldap_url: "ldap://ldap.example.com" +jitsi_ldap_base: "OU=People,DC=example.com" #jitsi_ldap_binddn: "" #jitsi_ldap_bindpw: "" jitsi_ldap_filter: "uid=%u" @@ -115,7 +115,7 @@ The reason is the Jitsi VideoBridge git to LAN client the IP address of the dock Here is how to do it in the playbook. -Add these two lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration: +Add these two lines to your `inventory/host_vars/matrix.example.com/vars.yml` configuration: ```yaml jitsi_jvb_container_extra_arguments: 
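Review bot: In the `@@ -89,8 +89,8 @@` hunk of docs/configuring-playbook-jitsi.md, the LDAP sample now reads `jitsi_ldap_base: "OU=People,DC=example.com"`, which is not a correct base DN for that domain, because each DNS label needs its own `DC` component. The mechanical `DOMAIN` to `example.com` replacement suits the hostname in `jitsi_ldap_url` on the line above but not the DN. I would change the line to `jitsi_ldap_base: "OU=People,DC=example,DC=com"`. A reader who copies the current pattern with their own domain would presumably get a search base that matches no entries, so LDAP-authenticated logins would fail and be hard to diagnose.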
@@ -124,7 +124,7 @@ jitsi_jvb_container_extra_arguments: ## (Optional) Fine tune Jitsi -Sample **additional** `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration to save up resources (explained below): +Sample **additional** `inventory/host_vars/matrix.example.com/vars.yml` configuration to save up resources (explained below): ```yaml jitsi_web_custom_config_extension: | @@ -283,11 +283,11 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start You can use the self-hosted Jitsi server in multiple ways: -- **by adding a widget to a room via Element** (the one configured by the playbook at `https://element.DOMAIN`). Just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server. +- **by adding a widget to a room via Element** (the one configured by the playbook at `https://element.example.com`). Just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server. - **by adding a widget to a room via the Dimension Integration Manager**. You'll have to point the widget to your own Jitsi server manually. See our [Dimension](./configuring-playbook-dimension.md) documentation page for more details. Naturally, Dimension would need to be installed first (the playbook doesn't install it by default). -- **directly (without any Matrix integration)**. Just go to `https://jitsi.DOMAIN` +- **directly (without any Matrix integration)**. Just go to `https://jitsi.example.com` **Note**: Element apps on mobile devices currently [don't support joining meetings on a self-hosted Jitsi server](https://github.com/element-hq/riot-web/blob/601816862f7d84ac47547891bd53effa73d32957/docs/jitsi.md#mobile-app-support). diff --git a/docs/configuring-playbook-ldap-auth.md b/docs/configuring-playbook-ldap-auth.md index cc07f396f..451d386ba 100644 --- a/docs/configuring-playbook-ldap-auth.md 
+++ b/docs/configuring-playbook-ldap-auth.md @@ -4,7 +4,7 @@ The playbook can install and configure the [matrix-synapse-ldap3](https://github See that project's documentation to learn what it does and why it might be useful to you. -If you decide that you'd like to let this playbook install it for you, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +If you decide that you'd like to let this playbook install it for you, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_ext_password_provider_ldap_enabled: true diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index c7d163dca..fd65679e1 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md @@ -12,7 +12,7 @@ This server is private by default, potentially at the expense of user discoverab ## Adjusting the playbook configuration -To enable ma1sd, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable ma1sd, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_ma1sd_enabled: true 
@@ -53,7 +53,7 @@ To use the [Registration](https://github.com/ma1uta/ma1sd/blob/master/docs/featu - `matrix_ma1sd_configuration_extension_yaml` - to configure ma1sd as required. See the [Registration feature's docs](https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md) for inspiration. Also see the [Additional features](#additional-features) section below to learn more about how to use `matrix_ma1sd_configuration_extension_yaml`. -**Note**: For this to work, either the homeserver needs to [federate](configuring-playbook-federation.md) or the `openid` APIs need to exposed on the federation port. When federation is disabled and ma1sd is enabled, we automatically expose the `openid` APIs (only!) on the federation port. Make sure the federation port (usually `https://matrix.DOMAIN:8448`) is whitelisted in your firewall (even if you don't actually use/need federation). +**Note**: For this to work, either the homeserver needs to [federate](configuring-playbook-federation.md) or the `openid` APIs need to exposed on the federation port. When federation is disabled and ma1sd is enabled, we automatically expose the `openid` APIs (only!) on the federation port. Make sure the federation port (usually `https://matrix.example.com:8448`) is whitelisted in your firewall (even if you don't actually use/need federation). ## Authentication @@ -129,7 +129,7 @@ If email address validation emails sent by ma1sd are not reaching you, you shoul If you'd like additional logging information, temporarily enable verbose logging for ma1sd. -Example configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`): +Example configuration (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_ma1sd_verbose_logging: true diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md index ff762310e..220c6d8ef 100644 --- a/docs/configuring-playbook-matrix-corporal.md +++ b/docs/configuring-playbook-matrix-corporal.md 
@@ -18,7 +18,7 @@ If you decide that you'd like to let this playbook install it for you, you'd nee ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml # The Shared Secret Auth password provider module is required for Corporal to work. diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 6ddcc0417..3e1b047be 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -9,7 +9,7 @@ implementation of a basic password registration. ## Quickstart -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_ldap_registration_proxy_enabled: true diff --git a/docs/configuring-playbook-matrix-media-repo.md b/docs/configuring-playbook-matrix-media-repo.md index a91f3e444..a935bcbea 100644 --- a/docs/configuring-playbook-matrix-media-repo.md +++ b/docs/configuring-playbook-matrix-media-repo.md @@ -14,7 +14,7 @@ For a simpler alternative (which allows you to offload your media repository sto ## Quickstart -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file and [re-run the installation process](./installing.md) for the playbook: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file and [re-run the installation process](./installing.md) for the playbook: ```yaml matrix_media_repo_enabled: true 
@@ -105,7 +105,7 @@ If you wish to manually generate the signing key and merge it with your homeserv ### Key backup and revoking -Since your homeserver signing key file is modified by the playbook, a backup will be created in `HOMESERVER_DIR/config/DOMAIN.signing.key.backup`. If you need to remove/revoke old keys, you can restore from this backup or remove the MMR key ID from your `DOMAIN.signing.key` file. +Since your homeserver signing key file is modified by the playbook, a backup will be created in `HOMESERVER_DIR/config/example.com.signing.key.backup`. If you need to remove/revoke old keys, you can restore from this backup or remove the MMR key ID from your `example.com.signing.key` file. Additionally, its recommended after revoking a signing key to update your homeserver config file (`old_signing_keys` field for Synapse and `old_private_keys` for Dendrite). See your homeserver config file for further documentation on how to populate the field. diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index 890c23273..cfd0b61c8 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md 
@@ -14,12 +14,12 @@ Use matrix-registration to **create unique registration links**, which people ca - **an API for creating registration tokens** (unique registration links). This API can be used via `curl` or via the playbook (see [Usage](#usage) below) -- **a user registration page**, where people can use these registration tokens. By default, exposed at `https://matrix.DOMAIN/matrix-registration` +- **a user registration page**, where people can use these registration tokens. By default, exposed at `https://matrix.example.com/matrix-registration` ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_registration_enabled: true @@ -39,7 +39,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -**matrix-registration** gets exposed at `https://matrix.DOMAIN/matrix-registration` +**matrix-registration** gets exposed at `https://matrix.example.com/matrix-registration` It provides various [APIs](https://github.com/ZerataX/matrix-registration/wiki/api) - for creating registration tokens, listing tokens, disabling tokens, etc. To make use of all of its capabilities, consider using `curl`. diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md index ddb935809..04fda5b01 100644 --- a/docs/configuring-playbook-mautrix-bridges.md +++ b/docs/configuring-playbook-mautrix-bridges.md 
@@ -7,7 +7,7 @@ You can see each bridge's features at in the `ROADMAP.md` file in its correspond ## Adjusting the playbook configuration -To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml # Replace SERVICENAME with one of: twitter, facebook, instagram, .. @@ -16,7 +16,7 @@ matrix_mautrix_SERVICENAME_enabled: true There are some additional things you may wish to configure about the bridge before you continue. Each bridge may have additional requirements besides `_enabled: true`. For example, the mautrix-telegram bridge (our documentation page about it is [here](configuring-playbook-bridge-mautrix-telegram.md)) requires the `matrix_mautrix_telegram_api_id` and `matrix_mautrix_telegram_api_hash` variables to be defined. Refer to each bridge's individual documentation page for details about enabling bridges. -To **configure a user as an administrator for all bridges**, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To **configure a user as an administrator for all bridges**, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_admin: "@YOUR_USERNAME:{{ matrix_domain }}" @@ -33,7 +33,7 @@ matrix_mautrix_SERVICENAME_configuration_extension_yaml: | ## encryption -Encryption support is off by default. If you would like to enable encryption, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Encryption support is off by default. If you would like to enable encryption, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: **for all bridges with encryption support**: 
@@ -51,7 +51,7 @@ matrix_mautrix_SERVICENAME_bridge_encryption_default: true ## relay mode -Relay mode is off by default. If you would like to enable relay mode, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Relay mode is off by default. If you would like to enable relay mode, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: **for all bridges with relay mode support**: diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 7f5252cc1..17977cf98 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -11,7 +11,7 @@ This role is intended to support UnifiedPush notifications for use with the Matr ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml # Enabling it is the only required setting @@ -56,7 +56,7 @@ You need to install the `ntfy` app on each device on which you want to receive p ### Setting up the `ntfy` Android app 1. Install the [ntfy Android app](https://ntfy.sh/docs/subscribe/phone/) from F-droid or Google Play. -2. In its Settings -> `General: Default server`, enter your ntfy server URL, such as `https://ntfy.DOMAIN`. +2. In its Settings -> `General: Default server`, enter your ntfy server URL, such as `https://ntfy.example.com`. 3. In its Settings -> `Advanced: Connection protocol`, choose `WebSockets`. That is all you need to do in the ntfy app. It has many other features, but for our purposes you can ignore them. In particular you do not need to follow any instructions about subscribing to a notification topic as UnifiedPush will do that automatically. 
diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index f7d1ab9d8..092128287 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -14,7 +14,7 @@ There are 2 ways to use Traefik with this playbook, as described below. ### Traefik managed by the playbook -To have the playbook install and use Traefik, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To have the playbook install and use Traefik, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_playbook_reverse_proxy_type: playbook-managed-traefik @@ -192,7 +192,7 @@ Your reverse-proxy configuration needs to send traffic to these ports. The [`exa It's important that these webservers proxy-pass requests to the correct place and also set the `Host` HTTP header appropriately. If you don't pass the `Host` header correctly, you would get a 404 not found error from Traefik. -To put it another way, `curl http://127.0.0.1:81` would give you a 404, but `curl -H 'Host: matrix.DOMAIN' http://127.0.0.1:81` should work. +To put it another way, `curl http://127.0.0.1:81` would give you a 404, but `curl -H 'Host: matrix.example.com' http://127.0.0.1:81` should work. ### Using no reverse-proxy on the Matrix side at all diff --git a/docs/configuring-playbook-pantalaimon.md b/docs/configuring-playbook-pantalaimon.md index 2663e2e27..4c2ad39ec 100644 --- a/docs/configuring-playbook-pantalaimon.md +++ b/docs/configuring-playbook-pantalaimon.md 
@@ -8,7 +8,7 @@ This role exposes Pantalaimon's API only within the container network, so bots a ## 1. Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_pantalaimon_enabled: true diff --git a/docs/configuring-playbook-postgres-backup.md b/docs/configuring-playbook-postgres-backup.md index c40e4d0c5..dfb31ba13 100644 --- a/docs/configuring-playbook-postgres-backup.md +++ b/docs/configuring-playbook-postgres-backup.md @@ -7,7 +7,7 @@ For a more complete backup solution (one that includes not only Postgres, but al ## Adjusting the playbook configuration -To enable Postgres backup, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable Postgres backup, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml postgres_backup_enabled: true diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index 6f096da43..c984c86f7 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md 
@@ -61,7 +61,7 @@ Most of our docker containers run with limited system access, but the `prometheu When you'd like **to collect metrics from an external Prometheus server**, you need to expose service metrics outside of the container network. -The playbook provides a single endpoint (`https://matrix.DOMAIN/metrics/*`), under which various services may expose their metrics (e.g. `/metrics/node-exporter`, `/metrics/postgres-exporter`, `/metrics/hookshot`, etc). To expose all services on this `/metrics/*` feature, use `matrix_metrics_exposure_enabled`. To protect access using [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication), see `matrix_metrics_exposure_http_basic_auth_enabled` and `matrix_metrics_exposure_http_basic_auth_users` below. +The playbook provides a single endpoint (`https://matrix.example.com/metrics/*`), under which various services may expose their metrics (e.g. `/metrics/node-exporter`, `/metrics/postgres-exporter`, `/metrics/hookshot`, etc). To expose all services on this `/metrics/*` feature, use `matrix_metrics_exposure_enabled`. To protect access using [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication), see `matrix_metrics_exposure_http_basic_auth_enabled` and `matrix_metrics_exposure_http_basic_auth_users` below. When using `matrix_metrics_exposure_enabled`, you don't need to expose metrics for individual services one by one. 
@@ -69,26 +69,26 @@ The following variables may be of interest: Name | Description -----|---------- -`matrix_metrics_exposure_enabled`|Set this to `true` to **enable metrics exposure for all services** on `https://matrix.DOMAIN/metrics/*`. If you think this is too much, refer to the helpful (but nonexhaustive) list of individual `matrix_SERVICE_metrics_proxying_enabled` (or similar) variables below for exposing metrics on a per-service basis. -`matrix_metrics_exposure_http_basic_auth_enabled`|Set this to `true` to protect all `https://matrix.DOMAIN/metrics/*` endpoints with [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) (see the other variables below for supplying the actual credentials). When enabled, all endpoints beneath `/metrics` will be protected with the same credentials +`matrix_metrics_exposure_enabled`|Set this to `true` to **enable metrics exposure for all services** on `https://matrix.example.com/metrics/*`. If you think this is too much, refer to the helpful (but nonexhaustive) list of individual `matrix_SERVICE_metrics_proxying_enabled` (or similar) variables below for exposing metrics on a per-service basis. +`matrix_metrics_exposure_http_basic_auth_enabled`|Set this to `true` to protect all `https://matrix.example.com/metrics/*` endpoints with [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) (see the other variables below for supplying the actual credentials). When enabled, all endpoints beneath `/metrics` will be protected with the same credentials `matrix_metrics_exposure_http_basic_auth_users`|Set this to the Basic Authentication credentials (raw `htpasswd` file content) used to protect `/metrics/*`. This htpasswd-file needs to be generated with the `htpasswd` tool and can include multiple username/password pairs. 
`matrix_synapse_metrics_enabled`|Set this to `true` to make Synapse expose metrics (locally, on the container network) -`matrix_synapse_metrics_proxying_enabled`|Set this to `true` to expose Synapse's metrics on `https://matrix.DOMAIN/metrics/synapse/main-process` and `https://matrix.DOMAIN/metrics/synapse/worker/TYPE-ID`. Read [below](#collecting-synapse-worker-metrics-to-an-external-prometheus-server) if you're running a Synapse worker setup (`matrix_synapse_workers_enabled: true`). To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. +`matrix_synapse_metrics_proxying_enabled`|Set this to `true` to expose Synapse's metrics on `https://matrix.example.com/metrics/synapse/main-process` and `https://matrix.example.com/metrics/synapse/worker/TYPE-ID`. Read [below](#collecting-synapse-worker-metrics-to-an-external-prometheus-server) if you're running a Synapse worker setup (`matrix_synapse_workers_enabled: true`). To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. `prometheus_node_exporter_enabled`|Set this to `true` to enable the node (general system stats) exporter (locally, on the container network) -`prometheus_node_exporter_container_labels_traefik_enabled`|Set this to `true` to expose the node (general system stats) metrics on `https://matrix.DOMAIN/metrics/node-exporter`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. +`prometheus_node_exporter_container_labels_traefik_enabled`|Set this to `true` to expose the node (general system stats) metrics on `https://matrix.example.com/metrics/node-exporter`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. 
`prometheus_postgres_exporter_enabled`|Set this to `true` to enable the [Postgres exporter](configuring-playbook-prometheus-postgres.md) (locally, on the container network) -`prometheus_postgres_exporter_container_labels_traefik_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.DOMAIN/metrics/postgres-exporter`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. +`prometheus_postgres_exporter_container_labels_traefik_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.example.com/metrics/postgres-exporter`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. `matrix_prometheus_nginxlog_exporter_enabled`|Set this to `true` to enable the [NGINX Log exporter](configuring-playbook-prometheus-nginxlog.md) (locally, on the container network) `matrix_sliding_sync_metrics_enabled`|Set this to `true` to make [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) expose metrics (locally, on the container network) -`matrix_sliding_sync_metrics_proxying_enabled`|Set this to `true` to expose the [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) metrics on `https://matrix.DOMAIN/metrics/sliding-sync`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. +`matrix_sliding_sync_metrics_proxying_enabled`|Set this to `true` to expose the [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) metrics on `https://matrix.example.com/metrics/sliding-sync`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. 
`matrix_bridge_hookshot_metrics_enabled`|Set this to `true` to make [Hookshot](configuring-playbook-bridge-hookshot.md) expose metrics (locally, on the container network) -`matrix_bridge_hookshot_metrics_proxying_enabled`|Set this to `true` to expose the [Hookshot](configuring-playbook-bridge-hookshot.md) metrics on `https://matrix.DOMAIN/metrics/hookshot`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. +`matrix_bridge_hookshot_metrics_proxying_enabled`|Set this to `true` to expose the [Hookshot](configuring-playbook-bridge-hookshot.md) metrics on `https://matrix.example.com/metrics/hookshot`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. `matrix_SERVICE_metrics_proxying_enabled`|Various other services/roles may provide similar `_metrics_enabled` and `_metrics_proxying_enabled` variables for exposing their metrics. Refer to each role for details. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above or `matrix_SERVICE_container_labels_metrics_middleware_basic_auth_enabled`/`matrix_SERVICE_container_labels_metrics_middleware_basic_auth_users` variables provided by each role. `matrix_media_repo_metrics_enabled`|Set this to `true` to make media-repo expose metrics (locally, on the container network) ### Collecting Synapse worker metrics to an external Prometheus server -If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.DOMAIN/metrics/synapse/worker/ID`, where `ID` corresponds to the worker `id` as exemplified in `matrix_synapse_workers_enabled_list`. 
+If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.example.com/metrics/synapse/worker/ID`, where `ID` corresponds to the worker `id` as exemplified in `matrix_synapse_workers_enabled_list`. The playbook also generates an exemplary config file (`/matrix/synapse/external_prometheus.yml.template`) with all the correct paths which you can copy to your Prometheus server and adapt to your needs. Make sure to edit the specified `password_file` path and contents and path to your `synapse-v2.rules`. It will look a bit like this: @@ -101,7 +101,7 @@ scrape_configs: username: prometheus password_file: /etc/prometheus/password.pwd static_configs: - - targets: ['matrix.DOMAIN:443'] + - targets: ['matrix.example.com:443'] labels: job: "master" index: 1 @@ -112,7 +112,7 @@ scrape_configs: username: prometheus password_file: /etc/prometheus/password.pwd static_configs: - - targets: ['matrix.DOMAIN:443'] + - targets: ['matrix.example.com:443'] labels: job: "generic_worker" index: 18111 diff --git a/docs/configuring-playbook-prometheus-nginxlog.md b/docs/configuring-playbook-prometheus-nginxlog.md index 3923fb685..d7b4ca3bb 100644 --- a/docs/configuring-playbook-prometheus-nginxlog.md +++ b/docs/configuring-playbook-prometheus-nginxlog.md @@ -14,7 +14,7 @@ If your setup includes [Grafana](./configuring-playbook-prometheus-grafana.md), ## Configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_prometheus_nginxlog_exporter_enabled: true 
@@ -49,6 +49,6 @@ When using an external Prometheus server, you'll need to expose metrics publicly You can either use `matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: true` to expose just this one service, or `matrix_metrics_exposure_enabled: true` to expose all services. -Whichever way you go with, this service will expose its metrics endpoint **without password-protection** at `https://matrix.DOMAIN/metrics/nginxlog` by default. +Whichever way you go with, this service will expose its metrics endpoint **without password-protection** at `https://matrix.example.com/metrics/nginxlog` by default. For password-protection, use (`matrix_metrics_exposure_http_basic_auth_enabled` and `matrix_metrics_exposure_http_basic_auth_users`) or (`matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled` and `matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users`). diff --git a/docs/configuring-playbook-prometheus-postgres.md b/docs/configuring-playbook-prometheus-postgres.md index 51ed9bbd1..f24bc0818 100644 --- a/docs/configuring-playbook-prometheus-postgres.md +++ b/docs/configuring-playbook-prometheus-postgres.md @@ -4,7 +4,7 @@ Expanding on the metrics exposed by the [synapse exporter and the node exporter] ## Adjusting the playbook configuration -To enable the postgres exporter, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable the postgres exporter, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml prometheus_postgres_exporter_enabled: true 
@@ -21,7 +21,7 @@ Name | Description `prometheus_postgres_exporter_enabled`|Enable the postgres prometheus exporter. This sets up the docker container, connects it to the database and adds a 'job' to the prometheus config which tells prometheus about this new exporter. The default is 'false' `prometheus_postgres_exporter_database_username`| The 'username' for the user that the exporter uses to connect to the database. The default is 'matrix_prometheus_postgres_exporter' `prometheus_postgres_exporter_database_password`| The 'password' for the user that the exporter uses to connect to the database. By default, this is auto-generated by the playbook -`prometheus_postgres_exporter_container_labels_traefik_enabled`|If set to `true`, exposes the Postgres exporter metrics on `https://matrix.DOMAIN/metrics/postgres-exporter` for usage with an [external Prometheus server](configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server). To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` on that other documentation page. +`prometheus_postgres_exporter_container_labels_traefik_enabled`|If set to `true`, exposes the Postgres exporter metrics on `https://matrix.example.com/metrics/postgres-exporter` for usage with an [external Prometheus server](configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server). To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` on that other documentation page. ## More information diff --git a/docs/configuring-playbook-rageshake.md b/docs/configuring-playbook-rageshake.md index ae33a0817..34fd08633 100644 --- a/docs/configuring-playbook-rageshake.md +++ b/docs/configuring-playbook-rageshake.md 
@@ -7,12 +7,12 @@ This is useful if you're developing your own applications and would like to coll ## Decide on a domain and path -By default, Rageshake is configured to use its own dedicated domain (`rageshake.DOMAIN`) and requires you to [adjust your DNS records](#adjusting-dns-records). +By default, Rageshake is configured to use its own dedicated domain (`rageshake.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). You can override the domain and path like this: ```yaml -# Switch to the domain used for Matrix services (`matrix.DOMAIN`), +# Switch to the domain used for Matrix services (`matrix.example.com`), # so we won't need to add additional DNS records for Rageshake. matrix_rageshake_hostname: "{{ matrix_server_fqn_matrix }}" @@ -30,7 +30,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Enabling the Rageshake service -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_rageshake_enabled: true diff --git a/docs/configuring-playbook-rest-auth.md b/docs/configuring-playbook-rest-auth.md index d1dce0e51..c9352c6c6 100644 --- a/docs/configuring-playbook-rest-auth.md +++ b/docs/configuring-playbook-rest-auth.md @@ -6,7 +6,7 @@ See that project's documentation to learn what it does and why it might be usefu ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_ext_password_provider_rest_auth_enabled: true diff --git a/docs/configuring-playbook-riot-web.md b/docs/configuring-playbook-riot-web.md index 5ce3a7a2b..f2ffb869a 100644 
--- a/docs/configuring-playbook-riot-web.md
+++ b/docs/configuring-playbook-riot-web.md
@@ -12,20 +12,20 @@ Riot has since been [renamed to Element](https://element.io/blog/welcome-to-elem ### Migrating your custom settings -If you have custom `matrix_riot_web_` variables in your `inventory/host_vars/matrix.DOMAIN/vars.yml` file, you'll need to rename them (`matrix_riot_web_` -> `matrix_client_element_`). +If you have custom `matrix_riot_web_` variables in your `inventory/host_vars/matrix.example.com/vars.yml` file, you'll need to rename them (`matrix_riot_web_` -> `matrix_client_element_`). Some other playbook variables (but not all) with `riot` in their name are also renamed. The playbook checks and warns if you are using the old name for some commonly used ones. ### Domain migration -We used to set up Riot at the `riot.DOMAIN` domain. The playbook now sets up Element at `element.DOMAIN` by default. +We used to set up Riot at the `riot.example.com` domain. The playbook now sets up Element at `element.example.com` by default. There are a few options for handling this: -- (**avoiding changes** - using the old `riot.DOMAIN` domain and avoiding DNS changes) -- to keep using `riot.DOMAIN` instead of `element.DOMAIN`, override the domain at which the playbook serves Element: `matrix_server_fqn_element: "riot.{{ matrix_domain }}"` +- (**avoiding changes** - using the old `riot.example.com` domain and avoiding DNS changes) -- to keep using `riot.example.com` instead of `element.example.com`, override the domain at which the playbook serves Element: `matrix_server_fqn_element: "riot.{{ matrix_domain }}"` -- (**embracing changes** - using only `element.DOMAIN`) - set up the `element.DOMAIN` DNS record (see [Configuring DNS](configuring-dns.md)). You can drop the `riot.DOMAIN` in this case. +- (**embracing changes** - using only `element.example.com`) - set up the `element.example.com` DNS record (see [Configuring DNS](configuring-dns.md)). You can drop the `riot.example.com` in this case. ### Re-running the playbook 
diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index 4181cecea..ac32c698c 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md @@ -11,7 +11,7 @@ If you'd like to move your locally-stored media store data to Amazon S3 (or anot ## Adjusting the playbook configuration -After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_s3_media_store_enabled: true diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index 48f44883d..f29f1e3bd 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md 
@@ -75,11 +75,11 @@ You [can't easily change which region (US, Europe) your Backblaze account stores After logging in to Backblaze: -- create a new **private** bucket through its user interface (you can call it something like `matrix-DOMAIN-media-store`) +- create a new **private** bucket through its user interface (you can call it something like `matrix-example.com-media-store`) - note the **Endpoint** for your bucket (something like `s3.us-west-002.backblazeb2.com`). - adjust its Lifecycle Rules to: Keep only the last version of the file - go to [App Keys](https://secure.backblaze.com/app_keys.htm) and use the **Add a New Application Key** to create a new one - - restrict it to the previously created bucket (e.g. `matrix-DOMAIN-media-store`) + - restrict it to the previously created bucket (e.g. `matrix-example.com-media-store`) - give it *Read & Write* access The `keyID` value is your **Access Key** and `applicationKey` is your **Secret Key**. diff --git a/docs/configuring-playbook-shared-secret-auth.md b/docs/configuring-playbook-shared-secret-auth.md index 542cd3cee..0c11df290 100644 --- a/docs/configuring-playbook-shared-secret-auth.md +++ b/docs/configuring-playbook-shared-secret-auth.md @@ -6,7 +6,7 @@ See that project's documentation to learn what it does and why it might be usefu ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 4a1dd521e..0368f4a3a 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md 
@@ -14,7 +14,7 @@ Element X Android is [available on the Github Releases page](https://github.com/ ## Decide on a domain and path -By default, the Sliding Sync proxy is configured to be served on the Matrix domain (`matrix.DOMAIN`, controlled by `matrix_server_fqn_matrix`), under the `/sliding-sync` path. +By default, the Sliding Sync proxy is configured to be served on the Matrix domain (`matrix.example.com`, controlled by `matrix_server_fqn_matrix`), under the `/sliding-sync` path. This makes it easy to set it up, **without** having to [adjust your DNS records](#adjusting-dns-records). @@ -28,7 +28,7 @@ If you've changed the default hostname, **you may need to adjust your DNS** reco ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_sliding_sync_enabled: true @@ -56,6 +56,6 @@ matrix_sliding_sync_database_name: 'matrix_sliding_sync' You **don't need to do anything special** to make use of the Sliding Sync Proxy. Simply open your client which supports Sliding Sync (like Element X) and log in. -When the Sliding Sync proxy is [installed](#installing), your `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc3575.proxy` section and `url` property are added there and made to point to your Sliding Sync proxy's base URL (e.g. `https://matrix.DOMAIN/sliding-sync`). +When the Sliding Sync proxy is [installed](#installing), your `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc3575.proxy` section and `url` property are added there and made to point to your Sliding Sync proxy's base URL (e.g. `https://matrix.example.com/sliding-sync`). This allows clients which support Sliding Sync to detect the Sliding Sync Proxy's URL and make use of it. 
diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md index 0f1b9e509..583bc0b11 100644 --- a/docs/configuring-playbook-ssl-certificates.md +++ b/docs/configuring-playbook-ssl-certificates.md @@ -9,7 +9,7 @@ This guide is about using the integrated Traefik server and doesn't apply if you For testing purposes, you may wish to use staging certificates provide by Let's Encrypt. -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml traefik_config_certificatesResolvers_acme_use_staging: true @@ -20,7 +20,7 @@ traefik_config_certificatesResolvers_acme_use_staging: true For testing or other purposes, you may wish to install services without SSL termination and have services exposed to `http://` instead of `https://`. -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml traefik_config_entrypoint_web_secure_enabled: false diff --git a/docs/configuring-playbook-sygnal.md b/docs/configuring-playbook-sygnal.md index 77e2f38a9..d7382c3d0 100644 --- a/docs/configuring-playbook-sygnal.md +++ b/docs/configuring-playbook-sygnal.md 
@@ -13,12 +13,12 @@ This optional playbook component is only useful to people who develop/build thei ## Decide on a domain and path -By default, Sygnal is configured to use its own dedicated domain (`sygnal.DOMAIN`) and requires you to [adjust your DNS records](#adjusting-dns-records). +By default, Sygnal is configured to use its own dedicated domain (`sygnal.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). You can override the domain and path like this: ```yaml -# Switch to the domain used for Matrix services (`matrix.DOMAIN`), +# Switch to the domain used for Matrix services (`matrix.example.com`), # so we won't need to add additional DNS records for Sygnal. matrix_sygnal_hostname: "{{ matrix_server_fqn_matrix }}" @@ -36,7 +36,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_sygnal_enabled: true 
@@ -87,6 +87,6 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To make use of your Sygnal installation, you'd need to build your own Matrix client application, which uses the same API keys (for [GCM/FCM](https://firebase.google.com/docs/cloud-messaging/)) and certificates (for [APNS](https://developer.apple.com/notifications/)) and is to your Sygnal URL endpoint (e.g. `https://sygnal.DOMAIN`). +To make use of your Sygnal installation, you'd need to build your own Matrix client application, which uses the same API keys (for [GCM/FCM](https://firebase.google.com/docs/cloud-messaging/)) and certificates (for [APNS](https://developer.apple.com/notifications/)) and is to your Sygnal URL endpoint (e.g. `https://sygnal.example.com`). Refer to Sygnal's [Notes for application developers](https://github.com/matrix-org/sygnal/blob/master/docs/applications.md) document. diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 1371ea93a..d62423a31 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -9,7 +9,7 @@ See the project's [documentation](https://github.com/etkecc/synapse-admin) to le ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_admin_enabled: true @@ -30,6 +30,6 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/` +After installation, Synapse Admin will be accessible at: `https://matrix.example.com/synapse-admin/` To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server. 
diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index 057d79d70..4aca475a2 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md @@ -10,7 +10,7 @@ In short, it automatically accepts room invites. You can specify that only 1:1 r ## Configuration -If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_ext_synapse_auto_accept_invite_enabled: true diff --git a/docs/configuring-playbook-synapse-auto-compressor.md b/docs/configuring-playbook-synapse-auto-compressor.md index 1d22aa535..da279d9e3 100644 --- a/docs/configuring-playbook-synapse-auto-compressor.md +++ b/docs/configuring-playbook-synapse-auto-compressor.md @@ -9,7 +9,7 @@ See the project's [documentation](https://github.com/matrix-org/rust-synapse-com ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_auto_compressor_enabled: true diff --git a/docs/configuring-playbook-synapse-simple-antispam.md b/docs/configuring-playbook-synapse-simple-antispam.md index a5ba1033d..4c13b987a 100644 --- a/docs/configuring-playbook-synapse-simple-antispam.md +++ b/docs/configuring-playbook-synapse-simple-antispam.md 
@@ -7,7 +7,7 @@ In short, it lets you fight invite-spam by automatically blocking invitiations f ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs): +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): ```yaml matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: true diff --git a/docs/configuring-playbook-synapse-usage-exporter.md b/docs/configuring-playbook-synapse-usage-exporter.md index a67becdf4..85c455b0f 100644 --- a/docs/configuring-playbook-synapse-usage-exporter.md +++ b/docs/configuring-playbook-synapse-usage-exporter.md @@ -13,13 +13,13 @@ Enabling this service will automatically: ## Quickstart -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file and [re-run the installation process](./installing.md) for the playbook: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file and [re-run the installation process](./installing.md) for the playbook: ```yaml matrix_synapse_usage_exporter_enabled: true # (Optional) Expose endpoint if you want to collect statistics from outside (from other homeservers). -# If enabled, synapse-usage-exporter will be exposed publicly at `matrix.DOMAIN/report-usage-stats/push`. +# If enabled, synapse-usage-exporter will be exposed publicly at `matrix.example.com/report-usage-stats/push`. # When collecting usage statistics for Synapse running on the same host, you don't need to enable this. # You can adjust the hostname and path via `matrix_synapse_usage_exporter_hostname` and `matrix_synapse_usage_exporter_path_prefix`. # matrix_synapse_usage_exporter_proxying_enabled: true diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 60f764bc7..f5a08ae5a 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md 
@@ -21,7 +21,7 @@ Alternatively, **if there is no pre-defined variable** for a Synapse setting you To have Synapse gracefully handle thousands of users, worker support should be enabled. It factors out some homeserver tasks and spreads the load of incoming client and server-to-server traffic between multiple processes. More information can be found in the [official Synapse workers documentation](https://github.com/element-hq/synapse/blob/master/docs/workers.md) and [Tom Foster](https://github.com/tcpipuk)'s [Synapse homeserver guide](https://tcpipuk.github.io/synapse/index.html). -To enable Synapse worker support, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +To enable Synapse worker support, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_workers_enabled: true @@ -126,7 +126,7 @@ If template customization is enabled, the playbook will build a custom container Your custom templates need to live in a public or private git repository. This repository will be cloned during Synapse image customization (during the playbook run). -To enable template customizations, use a configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`) like this: +To enable template customizations, use a configuration (`inventory/host_vars/matrix.example.com/vars.yml`) like this: ```yaml # If you'd like to ensure that the customized image is built each time the playbook runs, enable this. diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index 3d2efde68..a4a9117fd 100644 --- a/docs/configuring-playbook-telemetry.md +++ b/docs/configuring-playbook-telemetry.md 
@@ -9,7 +9,7 @@ growth of the Matrix community, and helps to make Matrix a success. ## Enabling Telemetry
-If you'd like to **help by enabling submission of general usage statistics** for your homeserver, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+If you'd like to **help by enabling submission of general usage statistics** for your homeserver, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_synapse_report_stats: true # for synapse
diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md
index 3b49a8bb9..aeab79dbf 100644
--- a/docs/configuring-playbook-traefik.md
+++ b/docs/configuring-playbook-traefik.md
@@ -25,7 +25,7 @@ traefik_config_accessLog_enabled: false ## Enable Traefik Dashboard
-This will enable a Traefik [Dashboard](https://doc.traefik.io/traefik/operations/dashboard/) UI at `https://matrix.DOMAIN/dashboard/` (note the trailing `/`).
+This will enable a Traefik [Dashboard](https://doc.traefik.io/traefik/operations/dashboard/) UI at `https://matrix.example.com/dashboard/` (note the trailing `/`).
 ```yaml traefik_dashboard_enabled: true
diff --git a/docs/configuring-playbook-turn.md b/docs/configuring-playbook-turn.md
index d41ead932..b347c1309 100644
--- a/docs/configuring-playbook-turn.md
+++ b/docs/configuring-playbook-turn.md
@@ -7,7 +7,7 @@ By default, the Synapse chat server is configured, so that it points to the Cotu ## Disabling Coturn
-If, for some reason, you'd like to prevent the playbook from installing Coturn, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+If, for some reason, you'd like to prevent the playbook from installing Coturn, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_coturn_enabled: false
diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md
index ccac883a3..62b3ec00b 100644
--- a/docs/configuring-playbook-user-verification-service.md
+++ b/docs/configuring-playbook-user-verification-service.md
@@ -31,7 +31,7 @@ In order to use UVS, an admin token for the configured homeserver must be suppli ## Enable [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) installation is disabled by default.
-To enable it, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
+To enable it, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml matrix_user_verification_service_enabled: true
diff --git a/docs/faq.md b/docs/faq.md
index 50dcdaaf6..24b2f9c35 100644
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -74,9 +74,9 @@ To get started with the playbook, start at the [Prerequisites](prerequisites.md) We have written these automated tasks for you and all you need to do is execute them using the Ansible program.
-You can install Ansible and this playbook code repository on your own computer and tell it to install Matrix services at the server living at `matrix.DOMAIN`. We recommend installing Ansible on your own computer.
+You can install Ansible and this playbook code repository on your own computer and tell it to install Matrix services at the server living at `matrix.example.com`. We recommend installing Ansible on your own computer.
-Alternatively, you can download Ansible and the playbook itself directly on the `matrix.DOMAIN` server.
+Alternatively, you can download Ansible and the playbook itself directly on the `matrix.example.com` server.
 To learn more, see our [dedicated Ansible documentation page](ansible.md).
@@ -218,61 +218,61 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you ## Configuration
-### Why install my server at matrix.DOMAIN and not at the base DOMAIN?
+### Why install my server at matrix.example.com and not at the base domain?
 It's the same with email servers. Your email address is likely `name@company.com`, not `name@mail.company.com`, even though it's `mail.company.com` that is really handling your data for `@company.com` email to work. Using a separate domain name is easier to manage (although it's a little hard to get right at first) and keeps your Matrix server isolated from your website (if you have one), from your email server (if you have one), etc.
-We allow `matrix.DOMAIN` to be the Matrix server handling Matrix stuff for `DOMAIN` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method.
+We allow `matrix.example.com` to be the Matrix server handling Matrix stuff for `example.com` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method.
-If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
+If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain)
-### I don't control anything on the base domain and can't set up delegation to matrix.DOMAIN. What do I do?
+### I don't control anything on the base domain and can't set up delegation to matrix.example.com. What do I do?
-If you're not in control of your base domain (or the server handling it) at all, you can take a look at [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
+If you're not in control of your base domain (or the server handling it) at all, you can take a look at [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain)
 ### I can't set up HTTPS on the base domain. How will I get Matrix federating?
-If you really can't obtain an HTTPS certificate for your base domain, you can take a look at [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
+If you really can't obtain an HTTPS certificate for your base domain, you can take a look at [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain)
-### How do I install on matrix.DOMAIN without involving the base DOMAIN?
+### How do I install on matrix.example.com without involving the base domain?
-This Ansible playbook guides you into installing a server for `DOMAIN` (user identifiers are like this: `@user:DOMAIN`), while the server is at `matrix.DOMAIN`.
+This Ansible playbook guides you into installing a server for `example.com` (user identifiers are like this: `@user:example.com`), while the server is at `matrix.example.com`.
-We allow `matrix.DOMAIN` to be the Matrix server handling Matrix stuff for `DOMAIN` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method.
+We allow `matrix.example.com` to be the Matrix server handling Matrix stuff for `example.com` by [Server Delegation](howto-server-delegation.md).
During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method.
-If you're fine with uglier identifiers (`@user:matrix.DOMAIN`, which is the equivalent of having an email address like `bob@mail.company.com`, instead of just `bob@company.com`), you can do that as well using the following configuration in your `vars.yml` file:
+If you're fine with uglier identifiers (`@user:matrix.example.com`, which is the equivalent of having an email address like `bob@mail.company.com`, instead of just `bob@company.com`), you can do that as well using the following configuration in your `vars.yml` file:
 ```yaml
-# This is what your identifiers are like (e.g. `@bob:matrix.YOUR_BASE_DOMAIN`).
-matrix_domain: "matrix.YOUR_BASE_DOMAIN"
+# This is what your identifiers are like (e.g. `@bob:matrix.example.com`).
+matrix_domain: "matrix.example.com"
 # This is where Matrix services
-matrix_server_fqn_matrix: "matrix.YOUR_BASE_DOMAIN"
+matrix_server_fqn_matrix: "matrix.example.com"
 # This is where you access the Element web UI from (if enabled via `matrix_client_element_enabled: true`; enabled by default). # This and the Matrix FQN (see above) are expected to be on the same server. #
-# Feel free to use `element.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
-matrix_server_fqn_element: "element.YOUR_BASE_DOMAIN"
+# Feel free to use `element.matrix.example.com`, if you'd prefer that.
+matrix_server_fqn_element: "element.example.com"
 # This is where you access Dimension (if enabled via `matrix_dimension_enabled: true`; NOT enabled by default). #
-# Feel free to use `dimension.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
-matrix_server_fqn_dimension: "dimension.YOUR_BASE_DOMAIN"
+# Feel free to use `dimension.matrix.example.com`, if you'd prefer that.
+matrix_server_fqn_dimension: "dimension.example.com"
 # This is where you access Jitsi (if enabled via `jitsi_enabled: true`; NOT enabled by default).
#
-# Feel free to use `jitsi.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
-matrix_server_fqn_jitsi: "jitsi.YOUR_BASE_DOMAIN"
+# Feel free to use `jitsi.matrix.example.com`, if you'd prefer that.
+matrix_server_fqn_jitsi: "jitsi.example.com"
 ``` ### I don't use the base domain for anything. How am I supposed to set up Server Delegation for Matrix services? If you don't use your base domain for anything, then it's hard for you to "serve files over HTTPS" on it -- something we ask you to do for the [.well-known](configuring-well-known.md) setup (needed for [Server Delegation](howto-server-delegation.md)).
-Luckily, the playbook can set up your Matrix server (at `matrix.DOMAIN`) to also handle traffic for the base domain (`DOMAIN`).
+Luckily, the playbook can set up your Matrix server (at `matrix.example.com`) to also handle traffic for the base domain (`example.com`).
 See [Serving the base domain](configuring-playbook-base-domain-serving.md).
@@ -332,7 +332,7 @@ Configuration variables are defined in multiple places in this playbook and are - then, there are overrides in `group_vars/matrix_servers`, which aim to adjust these "standalone role defaults" to something which better fits the playbook in its entirety.
-- finally, there's your `inventory/host_vars/matrix.DOMAIN/vars.yml` file, which is the ultimate override
+- finally, there's your `inventory/host_vars/matrix.example.com/vars.yml` file, which is the ultimate override
 ### What configuration variables are available?
@@ -340,7 +340,7 @@ You can discover the variables you can override in each role (`roles/*/*/default As described in [How is the effective configuration determined?](#how-is-the-effective-configuration-determined), these role-defaults may be overriden by values defined in `group_vars/matrix_servers`.
-Refer to both of these for inspiration. Still, as mentioned in [Configuring the playbook](configuring-playbook.md), you're only ever supposed to edit your own `inventory/host_vars/matrix.DOMAIN/vars.yml` file and nothing else inside the playbook (unless you're meaning to contribute new features).
+Refer to both of these for inspiration. Still, as mentioned in [Configuring the playbook](configuring-playbook.md), you're only ever supposed to edit your own `inventory/host_vars/matrix.example.com/vars.yml` file and nothing else inside the playbook (unless you're meaning to contribute new features).
 **Note**: some of the roles (`roles/galaxy/*`) live in separate repositories and are only installed after your run `just roles` (or `make roles`) or `just update` (which automatically does `git pull` and `just roles`).
@@ -373,7 +373,7 @@ Yes, you can. You generally need to do a playbook installation (start at the [Prerequisites](prerequisites.md) page), followed by importing your existing data into it.
-This Ansible playbook guides you into installing a server for `DOMAIN` (user identifiers are like this: `@user:DOMAIN`), while the server is at `matrix.DOMAIN`. If your existing setup has a server name (`server_name` configuration setting in Synapse's `homeserver.yaml` file) other than the base `DOMAIN`, you may need to tweak some additional variables. This FAQ entry may be of use if you're dealing with a more complicated setup - [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
+This Ansible playbook guides you into installing a server for `example.com` (user identifiers are like this: `@user:example.com`), while the server is at `matrix.example.com`. If your existing setup has a server name (`server_name` configuration setting in Synapse's `homeserver.yaml` file) other than the base `example.com`, you may need to tweak some additional variables. This FAQ entry may be of use if you're dealing with a more complicated setup - [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain)
 After configuring the playbook and installing and **before starting** services (done with `ansible-playbook ... --tags=start`) you'd import [your SQLite](importing-synapse-sqlite.md) (or [Postgres](importing-postgres.md)) database and also [import your media store](importing-synapse-media-store.md).
diff --git a/docs/maintenance-and-troubleshooting.md b/docs/maintenance-and-troubleshooting.md
index aea32cd8e..b6262a63a 100644
--- a/docs/maintenance-and-troubleshooting.md
+++ b/docs/maintenance-and-troubleshooting.md
@@ -28,7 +28,7 @@ Because the [Synapse](https://github.com/element-hq/synapse) Matrix server is or If you'd like to debug an issue or [report a Synapse bug](https://github.com/matrix-org/synapse/issues/new/choose) to the developers, it'd be better if you temporarily increasing the logging level to `INFO`.
-Example configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`):
+Example configuration (`inventory/host_vars/matrix.example.com/vars.yml`):
 ```yaml matrix_synapse_log_level: "INFO"
diff --git a/docs/maintenance-migrating.md b/docs/maintenance-migrating.md
index 638b3c0cb..d71a13e3d 100644
--- a/docs/maintenance-migrating.md
+++ b/docs/maintenance-migrating.md
@@ -4,7 +4,7 @@ # Migrating to new server
-1. Prepare by lowering DNS TTL for your domains (`matrix.DOMAIN`, etc.), so that DNS record changes (step 4 below) would happen faster, leading to less downtime
+1. Prepare by lowering DNS TTL for your domains (`matrix.example.com`, etc.), so that DNS record changes (step 4 below) would happen faster, leading to less downtime
 2. Stop all services on the old server and make sure they won't be starting again. Execute this on the old server: `systemctl disable --now matrix*` (you might have to cd to /etc/systemd/system/ first) 3. Copy directory `/matrix` from the old server to the new server. Make sure to preserve ownership and permissions (use `cp -p` or `rsync -ar`)! 4. Make sure your DNS records are adjusted to point to the new server's IP address
diff --git a/docs/maintenance-synapse.md b/docs/maintenance-synapse.md
index f89594a45..b81f91937 100644
--- a/docs/maintenance-synapse.md
+++ b/docs/maintenance-synapse.md
@@ -55,7 +55,7 @@ First, set up an SSH tunnel to your matrix server (skip if it is your local mach ``` # you may replace 1799 with an arbitrary port unbound on both machines
-ssh -L 1799:localhost:1799 matrix.DOMAIN
+ssh -L 1799:localhost:1799 matrix.example.com
 ``` Then start up an ephemeral [adminer](https://www.adminer.org/) container on the Matrix server, connecting it to the `matrix` network and linking the postgresql container:
diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md
index 7db2ef1bf..913f1b90c 100644
--- a/docs/obtaining-access-tokens.md
+++ b/docs/obtaining-access-tokens.md
@@ -31,9 +31,9 @@ curl -XPOST -d '{ "password": "PASSWORD", "type": "m.login.password", "device_id": "YOURDEVICEID"
-}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
+}' 'https://matrix.example.com/_matrix/client/r0/login'
 ```
-Change `USERNAME`, `PASSWORD`, and `YOURDOMAIN` accordingly.
+Change `USERNAME`, `PASSWORD`, and `example.com` accordingly.
 `YOURDEVICEID` is optional and can be used to more easily identify the session later. When omitted (mind the commas in the JSON payload if you'll be omitting it), a random device ID will be generated.
@@ -41,9 +41,9 @@ Your response will look like this (prettified): ``` {
- "user_id":"@USERNAME:YOURDOMAIN",
+ "user_id":"@USERNAME:example.com",
 "access_token":">>>YOUR_ACCESS_TOKEN_IS_HERE<<<",
- "home_server":"YOURDOMAIN",
+ "home_server":"example.com",
 "device_id":"YOURDEVICEID" } ```
diff --git a/docs/registering-users.md b/docs/registering-users.md
index 1fddafbbd..b6cd32852 100644
--- a/docs/registering-users.md
+++ b/docs/registering-users.md
@@ -71,13 +71,13 @@ If you're opening up registrations publicly like this, you might also wish to [c To change the admin privileges for a user, you need to run an SQL query like this against the `synapse` database: ```sql
-UPDATE users SET admin=ADMIN_VALUE WHERE name = '@USER:DOMAIN';
+UPDATE users SET admin=ADMIN_VALUE WHERE name = '@USER:example.com';
 ``` where: - `ADMIN_VALUE` being either `0` (regular user) or `1` (admin)
-- `USER` and `DOMAIN` pointing to a valid user on your server
+- `USER` and `example.com` pointing to a valid user on your server
 If you're using the integrated Postgres server and not an [external Postgres server](configuring-playbook-external-postgres.md), you can launch a Postgres into the `synapse` database by:
diff --git a/examples/reverse-proxies/apache/README.md b/examples/reverse-proxies/apache/README.md
index a25ba2017..939df3f22 100644
--- a/examples/reverse-proxies/apache/README.md
+++ b/examples/reverse-proxies/apache/README.md
@@ -10,5 +10,5 @@ To get started, first follow the [front the integrated reverse-proxy webserver w `matrix-domain.conf` contains configuration for the Matrix domain, which handles both the Client-Server API (port `443`) and the Matrix Federation API (port `8448`).
-`matrix-client-element.conf` is an example for when you're hosting Element at `element.DOMAIN`.
-This configuration can also be used as an example for handling other domains, depending on the services you enable with the playbook (e.g. `dimension.DOMAIN`, etc).
+`matrix-client-element.conf` is an example for when you're hosting Element at `element.example.com`.
+This configuration can also be used as an example for handling other domains, depending on the services you enable with the playbook (e.g. `dimension.example.com`, etc).
diff --git a/examples/reverse-proxies/apache/matrix-client-element.conf b/examples/reverse-proxies/apache/matrix-client-element.conf
index 005a9fc28..6ae104ea4 100644
--- a/examples/reverse-proxies/apache/matrix-client-element.conf
+++ b/examples/reverse-proxies/apache/matrix-client-element.conf
@@ -1,23 +1,23 @@
-# This is a sample file demonstrating how to set up reverse-proxy for element.DOMAIN.
+# This is a sample file demonstrating how to set up reverse-proxy for element.example.com.
 # If you're not using Element (`matrix_client_element_enabled: false`), you won't need this.
- ServerName element.DOMAIN
+ ServerName element.example.com
 # You may wish to handle the /.well-known/acme-challenge paths here somehow, # if you're using ACME (Let's Encrypt) certificates.
- Redirect permanent / https://element.DOMAIN/
+ Redirect permanent / https://element.example.com/
- ServerName element.DOMAIN
+ ServerName element.example.com
 SSLEngine On # If you manage SSL certificates by yourself, these paths will differ.
- SSLCertificateFile /matrix/ssl/config/live/element.DOMAIN/fullchain.pem
- SSLCertificateKeyFile /matrix/ssl/config/live/element.DOMAIN/privkey.pem
+ SSLCertificateFile /matrix/ssl/config/live/element.example.com/fullchain.pem
+ SSLCertificateKeyFile /matrix/ssl/config/live/element.example.com/privkey.pem
 SSLProxyEngine on SSLProxyProtocol +TLSv1.2 +TLSv1.3
@@ -30,6 +30,6 @@ ProxyPass / http://127.0.0.1:81/ ProxyPassReverse / http://127.0.0.1:81/
- ErrorLog ${APACHE_LOG_DIR}/element.DOMAIN-error.log
- CustomLog ${APACHE_LOG_DIR}/element.DOMAIN-access.log combined
+ ErrorLog ${APACHE_LOG_DIR}/element.example.com-error.log
+ CustomLog ${APACHE_LOG_DIR}/element.example.com-access.log combined
diff --git a/examples/reverse-proxies/apache/matrix-domain.conf b/examples/reverse-proxies/apache/matrix-domain.conf
index 4c79558b2..18aaabd25 100644
--- a/examples/reverse-proxies/apache/matrix-domain.conf
+++ b/examples/reverse-proxies/apache/matrix-domain.conf
@@ -1,23 +1,23 @@
-# This is a sample file demonstrating how to set up reverse-proxy for matrix.DOMAIN
+# This is a sample file demonstrating how to set up reverse-proxy for matrix.example.com
- ServerName matrix.DOMAIN
+ ServerName matrix.example.com
 # You may wish to handle the /.well-known/acme-challenge paths here somehow, # if you're using ACME (Let's Encrypt) certificates.
- Redirect permanent / https://matrix.DOMAIN/
+ Redirect permanent / https://matrix.example.com/
 # Client-Server API
- ServerName matrix.DOMAIN
+ ServerName matrix.example.com
 SSLEngine On # If you manage SSL certificates by yourself, these paths will differ.
- SSLCertificateFile /path/to/matrix.DOMAIN/fullchain.pem
- SSLCertificateKeyFile /path/to/matrix.DOMAIN/privkey.pem
+ SSLCertificateFile /path/to/matrix.example.com/fullchain.pem
+ SSLCertificateKeyFile /path/to/matrix.example.com/privkey.pem
 SSLProxyEngine on SSLProxyProtocol +TLSv1.2 +TLSv1.3
@@ -32,20 +32,20 @@ ProxyPass / http://127.0.0.1:81/ retry=0 nocanon ProxyPassReverse / http://127.0.0.1:81/
- ErrorLog ${APACHE_LOG_DIR}/matrix.DOMAIN-error.log
- CustomLog ${APACHE_LOG_DIR}/matrix.DOMAIN-access.log combined
+ ErrorLog ${APACHE_LOG_DIR}/matrix.example.com-error.log
+ CustomLog ${APACHE_LOG_DIR}/matrix.example.com-access.log combined
 # Server-Server (federation) API Listen 8448
- ServerName matrix.DOMAIN
+ ServerName matrix.example.com
 SSLEngine On # If you manage SSL certificates by yourself, these paths will differ.
- SSLCertificateFile /matrix/ssl/config/live/matrix.DOMAIN/fullchain.pem
- SSLCertificateKeyFile /matrix/ssl/config/live/matrix.DOMAIN/privkey.pem
+ SSLCertificateFile /matrix/ssl/config/live/matrix.example.com/fullchain.pem
+ SSLCertificateKeyFile /matrix/ssl/config/live/matrix.example.com/privkey.pem
 SSLProxyEngine on SSLProxyProtocol +TLSv1.2 +TLSv1.3
@@ -60,6 +60,6 @@ Listen 8448 ProxyPass / http://127.0.0.1:8449/ retry=0 nocanon ProxyPassReverse / http://127.0.0.1:8449/
- ErrorLog ${APACHE_LOG_DIR}/matrix.DOMAIN-error.log
- CustomLog ${APACHE_LOG_DIR}/matrix.DOMAIN-access.log combined
+ ErrorLog ${APACHE_LOG_DIR}/matrix.example.com-error.log
+ CustomLog ${APACHE_LOG_DIR}/matrix.example.com-access.log combined
diff --git a/examples/reverse-proxies/nginx-proxy-manager/README.md b/examples/reverse-proxies/nginx-proxy-manager/README.md
index b4bce8846..aa7a7b53e 100644
--- a/examples/reverse-proxies/nginx-proxy-manager/README.md
+++ b/examples/reverse-proxies/nginx-proxy-manager/README.md
@@ -21,14 +21,14 @@ Open the 'Proxy Hosts' page in the NPM web interface and select `Add Proxy Host` ```md # Details # Matrix web proxy config
-Domain Names: matrix.DOMAIN
+Domain Names: matrix.example.com
 Scheme: http Forward Hostname/IP: IP-ADDRESS-OF-YOUR-MATRIX Forward Port: 81 # SSL # Either 'Request a new certificate' or select an existing one
-SSL Certificate: matrix.DOMAIN or *.DOMAIN
+SSL Certificate: matrix.example.com or *.example.com
 Force SSL: true HTTP/2 Support: true
@@ -42,14 +42,14 @@ Again, under the 'Proxy Hosts' page select `Add Proxy Host`, this time for your ```md # Details # Matrix Federation proxy config
-Domain Names: matrix.DOMAIN:8448
+Domain Names: matrix.example.com:8448
 Scheme: http Forward Hostname/IP: IP-ADDRESS-OF-YOUR-MATRIX Forward Port: 8449 # SSL # Either 'Request a new certificate' or select an existing one
-SSL Certificate: matrix.DOMAIN or *.DOMAIN
+SSL Certificate: matrix.example.com or *.example.com
 Force SSL: true HTTP/2 Support: true
@@ -60,4 +60,4 @@ Custom Nginx Configuration: client_max_body_size 50M; ```
-Also note, NPM would need to be configured for whatever other services you are using. For example, you would need to create additional proxy hosts for `element.DOMAIN` or `jitsi.DOMAIN`, which would use the forwarding port `81`.
+Also note, NPM would need to be configured for whatever other services you are using. For example, you would need to create additional proxy hosts for `element.example.com` or `jitsi.example.com`, which would use the forwarding port `81`.
diff --git a/examples/reverse-proxies/nginx/README.md b/examples/reverse-proxies/nginx/README.md
index be52550e5..b57d4557d 100644
--- a/examples/reverse-proxies/nginx/README.md
+++ b/examples/reverse-proxies/nginx/README.md
@@ -12,6 +12,6 @@ To get started, first follow the [front the integrated reverse-proxy webserver w Copy the [matrix.conf](matrix.conf) file to your nginx server's filesystem, modify it to your needs and include it in your nginx configuration (e.g. `include /path/to/matrix.conf;`).
-This configuration **disables SSL certificate retrieval**, so you will **need to obtain SSL certificates manually** (e.g. by using [certbot](https://certbot.eff.org/)) and set the appropriate path in `matrix.conf`. In the example nginx configuration, a single certificate is used for all subdomains (`matrix.DOMAIN`, `element.DOMAIN`, etc.). For your setup, may wish to change this and use separate `server` blocks and separate certificate files for each host.
+This configuration **disables SSL certificate retrieval**, so you will **need to obtain SSL certificates manually** (e.g. by using [certbot](https://certbot.eff.org/)) and set the appropriate path in `matrix.conf`. In the example nginx configuration, a single certificate is used for all subdomains (`matrix.example.com`, `element.example.com`, etc.). For your setup, may wish to change this and use separate `server` blocks and separate certificate files for each host.
 Also note that your copy of the `matrix.conf` file has to be adapted to whatever services you are using. For example, remove `element.example.com` from the `server_name` list if you don't use [Element](../../../docs/configuring-playbook-client-element.md) web client or add `dimension.example.com` to it if you do use the [Dimension](../../../docs/configuring-playbook-dimension.md) integration manager.
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index 0fbda0089..e0f7f907b 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -258,7 +258,7 @@ matrix_homeserver_sliding_sync_url: "{{ matrix_sliding_sync_base_url if matrix_s # - Coturn gets a higher level if `devture_systemd_service_manager_service_restart_mode == 'one-by-one'` to intentionally delay it, because: # - starting services one by one means that the service manager role waits for each service to fully start before proceeding to the next one # - if Coturn has a lower priority than the homeserver, it would be started before it
-# - since Coturn is started before the homeserver, there's no container label telling Traefik to get a `matrix.DOMAIN` certificate
+# - since Coturn is started before the homeserver, there's no container label telling Traefik to get a `matrix.example.com` certificate
 # - thus, Coturn would spin and wait for a certificate until it fails. We'd get a playbook failure due to it, but service manager will proceed to start all other services anyway. # - only later, when the homeserver actually starts, would that certificate be fetched and dumped # - reverse-proxying services get level 3000
diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
index ee23b09b7..adc43220a 100644
--- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
+++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
@@ -41,7 +41,7 @@ matrix_alertmanager_receiver_container_additional_networks_default: [] matrix_alertmanager_receiver_container_additional_networks_auto: [] matrix_alertmanager_receiver_container_additional_networks_custom: []
-# Controls whether matrix-alertmanager-receiver metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/matrix-alertmanager-receiver`
+# Controls whether matrix-alertmanager-receiver metrics should be proxied (exposed) on `matrix.example.com/metrics/matrix-alertmanager-receiver`
 matrix_alertmanager_receiver_metrics_proxying_enabled: false matrix_alertmanager_receiver_metrics_proxying_hostname: '' matrix_alertmanager_receiver_metrics_proxying_path: /metrics/matrix-alertmanager-receiver
diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml
index 5dce05582..9cc9850cd 100644
--- a/roles/custom/matrix-base/defaults/main.yml
+++ b/roles/custom/matrix-base/defaults/main.yml
@@ -289,7 +289,7 @@ matrix_playbook_public_matrix_federation_api_traefik_entrypoint_definition: # may wish to register their routes with this additional entrypoint and provide their services on it for internal (no-public-network and non-TLS) use. # # This entrypoint provides local addons (e.g. bridges, bots, etc.) with the ability to easily & quickly communicate with the homeserver and/or related software.
-# Such services can reach the homeserver over the public internet (e.g. https://matrix.DOMAIN), but this is slow due to networking and SSL-termination.
+# Such services can reach the homeserver over the public internet (e.g. https://matrix.example.com), but this is slow due to networking and SSL-termination.
 # Talking directly to the homeserver (e.g. `http://matrix-synapse:8008`) is another option, but does not allow other homeserver-related software # (e.g. identity servers like ma1sd, media repository servers like matrix-media-repo, firewalls like matrix-corporal) # to register itself for certain homeserver routes.
diff --git a/roles/custom/matrix-base/tasks/validate_config.yml b/roles/custom/matrix-base/tasks/validate_config.yml
index 3ca6061b4..fd389cd1c 100644
--- a/roles/custom/matrix-base/tasks/validate_config.yml
+++ b/roles/custom/matrix-base/tasks/validate_config.yml
@@ -30,7 +30,7 @@ If you're observing this error on a new installation, you should ensure that the `matrix_homeserver_generic_secret_key` is defined. If you think you've defined it, but are still getting this error, then it's likely that you have a typo
- in your domain name in `inventory/hosts` or in one of the directories leading up to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file.
+ in your domain name in `inventory/hosts` or in one of the directories leading up to your `inventory/host_vars/matrix.example.com/vars.yml` file.
 If you're observing this error on an existing homeserver installation, you can fix it easily and in a backward-compatible way by adding `{% raw %}matrix_homeserver_generic_secret_key: "{{ matrix_synapse_macaroon_secret_key }}"{% endraw %}`
diff --git a/roles/custom/matrix-bot-chatgpt/defaults/main.yml b/roles/custom/matrix-bot-chatgpt/defaults/main.yml
index 8d1bc733c..aab8a5d90 100644
--- a/roles/custom/matrix-bot-chatgpt/defaults/main.yml
+++ b/roles/custom/matrix-bot-chatgpt/defaults/main.yml
@@ -57,7 +57,7 @@ matrix_bot_chatgpt_keyv_bot_storage: true # Matrix Static Settings (required, see notes) # Defaults to "https://matrix.org" matrix_bot_chatgpt_matrix_homeserver_url: "" # MATRIX_HOMESERVER_URL=
-# With the @ and :DOMAIN, ie @SOMETHING:DOMAIN, needs to be set, created manually beforehand.
+# With the @ and :example.com, ie @SOMETHING:example.com, needs to be set, created manually beforehand.
 matrix_bot_chatgpt_matrix_bot_username_localpart: 'bot.chatgpt' matrix_bot_chatgpt_matrix_bot_username: "@{{ matrix_bot_chatgpt_matrix_bot_username_localpart }}:{{ matrix_domain }}" # MATRIX_BOT_USERNAME= # Set `MATRIX_BOT_PASSWORD` the bot will print an `MATRIX_ACCESS_TOKEN` to the terminal
diff --git a/roles/custom/matrix-bot-chatgpt/templates/env.j2 b/roles/custom/matrix-bot-chatgpt/templates/env.j2
index d9ca2d50c..a6f62cc67 100644
--- a/roles/custom/matrix-bot-chatgpt/templates/env.j2
+++ b/roles/custom/matrix-bot-chatgpt/templates/env.j2
@@ -10,7 +10,7 @@ KEYV_URL={{ matrix_bot_chatgpt_keyv_url }} KEYV_BOT_ENCRYPTION={{ matrix_bot_chatgpt_keyv_bot_encryption|lower }} KEYV_BOT_STORAGE={{ matrix_bot_chatgpt_keyv_bot_storage|lower }}
-# With the @ and :DOMAIN, ie @SOMETHING:DOMAIN
+# With the @ and :example.com, ie @SOMETHING:example.com
 MATRIX_BOT_USERNAME={{ matrix_bot_chatgpt_matrix_bot_username }} MATRIX_BOT_PASSWORD={{ matrix_bot_chatgpt_matrix_bot_password }}
diff --git a/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml
index 9a0f38353..33871b77b 100644
--- a/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml
@@ -102,7 +102,7 @@ ansible.builtin.fail: msg: >- Your configuration contains a variable (`{{ item }}`), which refers to the old metrics collection system for Hookshot, - which exposed metrics on `https://stats.DOMAIN/hookshot/metrics`. + which exposed metrics on `https://stats.example.com/hookshot/metrics`. We now recommend exposing Hookshot metrics in another way, from another URL. Refer to the changelog for more details: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#2022-06-22 diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index 33d16a94a..327e8b0ab 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -114,10 +114,10 @@ matrix_mautrix_meta_instagram_appservice_address: "http://{{ matrix_mautrix_meta matrix_mautrix_meta_instagram_appservice_id: "{{ matrix_mautrix_meta_instagram_meta_mode }}" -# For Facebook/Messenger, we use the same `@messengerbot:DOMAIN` username regardless of how bridging happens for multiple reasons: +# For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons: # - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger -# - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:DOMAIN` -# - it doesn't conflict with mautrix-facebook which uses `@facebookbot:DOMAIN` +# - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com` +# - it doesn't conflict with mautrix-facebook which uses `@facebookbot:example.com` # - `matrix_mautrix_meta_instagram_appservice_avatar` only has icons for Messenger and Instagram, not Facebook matrix_mautrix_meta_instagram_appservice_username_prefix: |- {{ 
diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index 7c99f5d33..9b561f2df 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -114,10 +114,10 @@ matrix_mautrix_meta_messenger_appservice_address: "http://{{ matrix_mautrix_meta matrix_mautrix_meta_messenger_appservice_id: "{{ matrix_mautrix_meta_messenger_meta_mode }}" -# For Facebook/Messenger, we use the same `@messengerbot:DOMAIN` username regardless of how bridging happens for multiple reasons: +# For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons: # - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger -# - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:DOMAIN` -# - it doesn't conflict with mautrix-facebook which uses `@facebookbot:DOMAIN` +# - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com` +# - it doesn't conflict with mautrix-facebook which uses `@facebookbot:example.com` # - `matrix_mautrix_meta_messenger_appservice_avatar` only has icons for Messenger and Instagram, not Facebook matrix_mautrix_meta_messenger_appservice_username_prefix: |- {{ diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index 7f1ce62c4..aef4eb04b 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml 
@@ -44,7 +44,7 @@ matrix_media_repo_container_network: "{{ matrix_media_repo_identifier }}" # Use this to expose this container to another reverse proxy, which runs in a different container network. matrix_media_repo_container_additional_networks: [] -# Controls whether media repo metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/matrix-media-repo` +# Controls whether media repo metrics should be proxied (exposed) on `matrix.example.com/metrics/matrix-media-repo` matrix_media_repo_metrics_proxying_enabled: false matrix_media_repo_metrics_proxying_hostname: "" matrix_media_repo_metrics_proxying_path: "/metrics/matrix-media-repo" diff --git a/roles/custom/matrix-registration/defaults/main.yml b/roles/custom/matrix-registration/defaults/main.yml index f2b87d942..008b9b75c 100644 --- a/roles/custom/matrix-registration/defaults/main.yml +++ b/roles/custom/matrix-registration/defaults/main.yml @@ -114,7 +114,7 @@ matrix_registration_api_token_endpoint: "{{ matrix_registration_scheme }}://{{ m matrix_registration_api_validate_certs: true -# The URL to your homeserver (e.g.: `https://matrix.DOMAIN`). +# The URL to your homeserver (e.g.: `https://matrix.example.com`). # A local (in-container address) is preferable. matrix_registration_server_location: "" diff --git a/roles/custom/matrix-sliding-sync/defaults/main.yml b/roles/custom/matrix-sliding-sync/defaults/main.yml index 65f51be4c..81e5a44a2 100644 --- a/roles/custom/matrix-sliding-sync/defaults/main.yml +++ b/roles/custom/matrix-sliding-sync/defaults/main.yml 
@@ -43,7 +43,7 @@ matrix_sliding_sync_container_additional_networks: [] matrix_sliding_sync_metrics_enabled: false matrix_sliding_sync_metrics_port: 2112 -# Controls whether Sliding Sync metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/sliding-sync` +# Controls whether Sliding Sync metrics should be proxied (exposed) on `matrix.example.com/metrics/sliding-sync` matrix_sliding_sync_metrics_proxying_enabled: false matrix_sliding_sync_metrics_proxying_hostname: '' matrix_sliding_sync_metrics_proxying_path: /metrics/sliding-sync diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 51a996dc0..09e9d4215 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml @@ -386,6 +386,6 @@ matrix_static_files_self_check_well_known_matrix_client_follow_redirects: none # TODO - review this one # Specifies where requests for the root URI (`/`) on the `matrix.` domain should be redirected. # If this has an empty value, they're just passed to the homeserver, which serves a static page. -# If you'd like to make `https://matrix.DOMAIN` redirect to `https://element.DOMAIN` (or something of that sort), specify the domain name here. -# Example value: `element.DOMAIN` (or `{{ matrix_server_fqn_element }}`). +# If you'd like to make `https://matrix.example.com` redirect to `https://element.example.com` (or something of that sort), specify the domain name here. +# Example value: `element.example.com` (or `{{ matrix_server_fqn_element }}`). matrix_static_files_client_redirect_root_uri_to_domain: "" diff --git a/roles/custom/matrix-synapse-usage-exporter/defaults/main.yml b/roles/custom/matrix-synapse-usage-exporter/defaults/main.yml index c207e4b1c..71f7b7423 100644 --- a/roles/custom/matrix-synapse-usage-exporter/defaults/main.yml +++ b/roles/custom/matrix-synapse-usage-exporter/defaults/main.yml 
@@ -51,7 +51,7 @@ matrix_synapse_usage_exporter_container_extra_arguments: [] # Controls whether the synapse-usage-exporter's web services should be proxied (exposed publicly). # -# Exposure happens on `matrix.DOMAIN/report-usage-stats/push` by default. +# Exposure happens on `matrix.example.com/report-usage-stats/push` by default. # See: `matrix_synapse_usage_exporter_hostname` and `matrix_synapse_usage_exporter_path_prefix`. matrix_synapse_usage_exporter_proxying_enabled: false diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index c7489fa50..e9cf89e7b 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -733,8 +733,8 @@ matrix_synapse_grafana_dashboard_urls: - https://raw.githubusercontent.com/element-hq/synapse/master/contrib/grafana/synapse.json # Controls whether Synapse metrics should be proxied (exposed) on: -# - `matrix.DOMAIN/metrics/synapse/main-process` for the main process -# - `matrix.DOMAIN/metrics/synapse/worker/{type}-{id}` for each worker process +# - `matrix.example.com/metrics/synapse/main-process` for the main process +# - `matrix.example.com/metrics/synapse/worker/{type}-{id}` for each worker process matrix_synapse_metrics_proxying_enabled: false matrix_synapse_metrics_proxying_hostname: '' matrix_synapse_metrics_proxying_path_prefix: /metrics/synapse From f9cff0ff472d283f7206310df25dd2ea05c73bdf Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 00:14:52 +0900 Subject: [PATCH 091/404] Replace MY.example.com with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-slack.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 4e1619b66..b2829eed7 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md 
+++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -40,7 +40,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se 6. Invite the bridge bot user into the admin room: ``` - /invite @slackbot:MY.example.com + /invite @slackbot:example.com ``` Note that the bot's domain is your server's domain **without the `matrix.` prefix.** @@ -81,7 +81,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !aBcDeF:example.com. - * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:MY.example.com` for Matrix. + * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:example.com` for Matrix. * Determine the "channel ID" that Slack uses to identify the channel. You can see it when you open a given Slack channel in a browser. The URL reads like this: `https://app.slack.com/client/XXX//details/`. From d45657df70ea7bf52fce54e2aeb0ebd6a05de3e3 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 01:02:24 +0900 Subject: [PATCH 092/404] Replace YOUR_BARE_DOMAIN_NAME_HERE with example.com Remove an explanation about example as it is self-explanatory Signed-off-by: Suguru Hirahara --- examples/vars.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/examples/vars.yml b/examples/vars.yml index 3eaf20de4..20ab37a43 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -7,9 +7,7 @@ # # If you've deployed using the wrong domain, you'll have to run the Uninstalling step, # because you can't change the Domain after deployment. -# -# Example value: example.com -matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE +matrix_domain: example.com # The Matrix homeserver software to install. # See: 
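Review bot: In the `examples/vars.yml` hunk, `matrix_domain: example.com` replaces an unmistakable placeholder (`YOUR_BARE_DOMAIN_NAME_HERE`) with a syntactically valid domain, so a copied file that was never edited no longer stands out. The comment directly above says the domain cannot be changed after deployment without running the Uninstalling step, which makes a silent wrong value costly. Whether the playbook's validation rejects `example.com` is not visible in this hunk, so I would keep an explicit cue next to the value, for example `# Replace example.com with your own bare domain before the first run.` directly above `matrix_domain: example.com`. With that line in place, dropping `# Example value: example.com` is fine.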
From faa441029c37d7743ba47f684270f3e1f4cdf0e4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 01:04:56 +0900 Subject: [PATCH 093/404] Replace with example.com Signed-off-by: Suguru Hirahara --- examples/vars.yml | 4 ++-- roles/custom/matrix-base/defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/vars.yml b/examples/vars.yml index 20ab37a43..b8be5f7a3 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -1,9 +1,9 @@ --- # The bare domain name which represents your Matrix identity. -# Matrix user ids for your server will be of the form (`@user:`). +# Matrix user ids for your server will be of the form (`@user:example.com`). # # Note: this playbook does not touch the server referenced here. -# Installation happens on another server ("matrix."). +# Installation happens on another server ("matrix.example.com"). # # If you've deployed using the wrong domain, you'll have to run the Uninstalling step, # because you can't change the Domain after deployment. diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 9cc9850cd..8bd7571b3 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -1,10 +1,10 @@ --- # The bare domain name which represents your Matrix identity. -# Matrix user ids for your server will be of the form (`@user:`). +# Matrix user ids for your server will be of the form (`@user:example.com`). # # Note: this playbook does not touch the server referenced here. -# Installation happens on another server ("matrix.", see `matrix_server_fqn_matrix`). +# Installation happens on another server ("matrix.example.com", see `matrix_server_fqn_matrix`). # # Example value: example.com matrix_domain: ~ From 1c5a8871d563ba3e8cdb19f9f34579855ac13c3c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:19:28 +0900 Subject: [PATCH 094/404] Replace with example.com 
Signed-off-by: Suguru Hirahara
---
README.md | 2 +-
docs/configuring-dns.md | 70 +++++++++----------
docs/configuring-playbook-bot-maubot.md | 4 +-
docs/configuring-playbook-client-element.md | 4 +-
...configuring-playbook-client-schildichat.md | 2 +-
docs/configuring-playbook-dendrite.md | 2 +-
docs/configuring-playbook-dimension.md | 6 +-
docs/configuring-playbook-etherpad.md | 6 +-
docs/configuring-playbook-federation.md | 6 +-
docs/configuring-playbook-ntfy.md | 2 +-
...configuring-playbook-prometheus-grafana.md | 8 +--
docs/configuring-playbook-ssl-certificates.md | 2 +-
...ng-playbook-synapse-s3-storage-provider.md | 2 +-
docs/configuring-playbook-synapse.md | 2 +-
docs/configuring-playbook.md | 6 +-
docs/configuring-well-known.md | 8 +--
docs/howto-server-delegation.md | 22 +++---
docs/prerequisites.md | 4 +-
docs/registering-users.md | 2 +-
docs/updating-users-passwords.md | 2 +-
examples/hosts | 2 +-
examples/reverse-proxies/apache/README.md | 2 +-
.../caddy2-in-container/README.md | 2 +-
examples/reverse-proxies/caddy2/README.md | 2 +-
.../nginx-proxy-manager/README.md | 2 +-
examples/reverse-proxies/nginx/README.md | 2 +-
group_vars/matrix_servers | 2 +-
27 files changed, 88 insertions(+), 88 deletions(-)
diff --git a/README.md b/README.md
index 0fa118225..401c79d3e 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#supported-services) related to that. -That is, it lets you join the Matrix network using your own `@:` identifier, all hosted on your own server (see [prerequisites](docs/prerequisites.md)). +That is, it lets you join the Matrix network using your own `@:example.com` identifier, all hosted on your own server (see [prerequisites](docs/prerequisites.md)). We run all services in [Docker](https://www.docker.com/) containers (see [the container images we use](docs/container-images.md)), which lets us have a predictable and up-to-date setup, across multiple supported distros (see [prerequisites](docs/prerequisites.md)) and [architectures](docs/alternative-architectures.md) (x86/amd64 being recommended). diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index c6c18d24d..3ecf05b83 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -2,14 +2,14 @@ To set up Matrix on your domain, you'd need to do some DNS configuration. -To use an identifier like `@:`, you don't actually need -to install anything on the actual `` server. +To use an identifier like `@:example.com`, you don't actually need +to install anything on the actual `example.com` server. -You do, however need to instruct the Matrix network that Matrix services for `` are delegated -over to `matrix.`. +You do, however need to instruct the Matrix network that Matrix services for `example.com` are delegated +over to `matrix.example.com`. As we discuss in [Server Delegation](howto-server-delegation.md), there are 2 different ways to set up such delegation: -- either by serving a `https:///.well-known/matrix/server` file (from the base domain!) +- either by serving a `https://example.com/.well-known/matrix/server` file (from the base domain!) - or by using a `_matrix._tcp` DNS SRV record (don't confuse this with the `_matrix-identity._tcp` SRV record described below) This playbook mostly discusses the well-known file method, because it's easier to manage with regard to certificates. @@ -20,7 +20,7 @@ If you decide to go with the alternative method ([Server Delegation via a DNS SR | Type | Host | Priority | Weight | Port | Target | | ----- | ---------------------------- | -------- | ------ | ---- | ---------------------- | | A | `matrix` | - | - | - | `matrix-server-IP` | -| CNAME | `element` | - | - | - | `matrix.` | +| CNAME | `element` | - | - | - | `matrix.example.com` | Be mindful as to how long it will take for the DNS records to propagate. 
@@ -32,20 +32,20 @@ When you're done configuring DNS, proceed to [Configuring the playbook](configur | Used by component | Type | Host | Priority | Weight | Port | Target | | ----------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | -| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | -| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.` | -| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.` | -| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.` | -| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.` | -| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.` | -| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.` | -| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.` | -| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.` | -| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.` | -| [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.` | -| [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.` | -| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.` | -| [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) 
email bridges | MX | `matrix` | 10 | 0 | - | `matrix.` | +| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.example.com` | +| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.example.com` | +| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.example.com` | +| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.example.com` | +| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.example.com` | +| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.example.com` | +| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.example.com` | +| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.example.com` | +| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.example.com` | +| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.example.com` | +| [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | +| [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | +| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` | | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | | 
[Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | 
@@ -54,38 +54,38 @@ When setting up a SRV record, if you are asked for a service and protocol instea ## Subdomains setup -As the table above illustrates, you need to create 2 subdomains (`matrix.` and `element.`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). +As the table above illustrates, you need to create 2 subdomains (`matrix.example.com` and `element.example.com`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). -The `element.` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. -If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.` DNS record. +The `element.example.com` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. +If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. -The `dimension.` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. Dimension installation is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.` DNS record. +The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. 
Dimension installation is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. -The `jitsi.` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. Jitsi installation is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.` DNS record. +The `jitsi.example.com` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. Jitsi installation is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.example.com` DNS record. -The `stats.` subdomain may be necessary, because this playbook could install [Grafana](https://grafana.com/) and setup performance metrics for you. Grafana installation is disabled by default, it is not a core required component. To learn how to install it, see our [metrics and graphs guide](configuring-playbook-prometheus-grafana.md). If you do not wish to set up Grafana, feel free to skip the `stats.` DNS record. It is possible to install Prometheus without installing Grafana, this would also not require the `stats.` subdomain. +The `stats.example.com` subdomain may be necessary, because this playbook could install [Grafana](https://grafana.com/) and setup performance metrics for you. Grafana installation is disabled by default, it is not a core required component. 
To learn how to install it, see our [metrics and graphs guide](configuring-playbook-prometheus-grafana.md). If you do not wish to set up Grafana, feel free to skip the `stats.example.com` DNS record. It is possible to install Prometheus without installing Grafana, this would also not require the `stats.example.com` subdomain. -The `goneb.` subdomain may be necessary, because this playbook could install the [Go-NEB](https://github.com/matrix-org/go-neb) bot. The installation of Go-NEB is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Go-NEB guide](configuring-playbook-bot-go-neb.md). If you do not wish to set up Go-NEB, feel free to skip the `goneb.` DNS record. +The `goneb.example.com` subdomain may be necessary, because this playbook could install the [Go-NEB](https://github.com/matrix-org/go-neb) bot. The installation of Go-NEB is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Go-NEB guide](configuring-playbook-bot-go-neb.md). If you do not wish to set up Go-NEB, feel free to skip the `goneb.example.com` DNS record. -The `sygnal.` subdomain may be necessary, because this playbook could install the [Sygnal](https://github.com/matrix-org/sygnal) push gateway. The installation of Sygnal is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Sygnal guide](configuring-playbook-sygnal.md). If you do not wish to set up Sygnal (you probably don't, unless you're also developing/building your own Matrix apps), feel free to skip the `sygnal.` DNS record. +The `sygnal.example.com` subdomain may be necessary, because this playbook could install the [Sygnal](https://github.com/matrix-org/sygnal) push gateway. The installation of Sygnal is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Sygnal guide](configuring-playbook-sygnal.md). 
If you do not wish to set up Sygnal (you probably don't, unless you're also developing/building your own Matrix apps), feel free to skip the `sygnal.example.com` DNS record. -The `ntfy.` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.` DNS record. +The `ntfy.example.com` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.example.com` DNS record. -The `etherpad.` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of Etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Etherpad guide](configuring-playbook-etherpad.md). If you do not wish to set up Etherpad, feel free to skip the `etherpad.` DNS record. +The `etherpad.example.com` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of Etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Etherpad guide](configuring-playbook-etherpad.md). 
If you do not wish to set up Etherpad, feel free to skip the `etherpad.example.com` DNS record. -The `hydrogen.` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/element-hq/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.` DNS record. +The `hydrogen.example.com` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/element-hq/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.example.com` DNS record. -The `cinny.` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of Cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up Cinny, feel free to skip the `cinny.` DNS record. +The `cinny.example.com` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of Cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up Cinny, feel free to skip the `cinny.example.com` DNS record. -The `wsproxy.` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. 
The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.` DNS record. +The `wsproxy.example.com` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.example.com` DNS record. -The `buscarron.` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.` DNS record. +The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.example.com` DNS record. 
## `_matrix-identity._tcp` SRV record setup To make the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server (which this playbook may optionally install for you) enable its federation features, set up an SRV record that looks like this: - Name: `_matrix-identity._tcp` (use this text as-is) -- Content: `10 0 443 matrix.` (replace `` with your own) +- Content: `10 0 443 matrix.example.com` (replace `example.com` with your own) This is an optional feature for the optionally-installed [ma1sd service](configuring-playbook-ma1sd.md). See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record. diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index f435492c3..a48ab158c 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -3,7 +3,7 @@ The playbook can install and configure [maubot](https://github.com/maubot/maubot) for you. After setting up maubot, you can use the web management interface to make it do things. -The default location of the management interface is `matrix./_matrix/maubot/` +The default location of the management interface is `matrix.example.com/_matrix/maubot/` See the project's [documentation](https://docs.mau.fi/maubot/usage/basic.html) to learn what it does and why it might be useful to you. 
@@ -38,7 +38,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. +You can visit `matrix.example.com/_matrix/maubot/` to manage your available plugins, clients and instances. You should start in the following order 1. **Create one or more clients**: A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index 1e4ef79e5..65ff2f577 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -5,7 +5,7 @@ By default, this playbook installs the [Element](https://github.com/element-hq/e ## Disabling Element -If you'd like for the playbook to not install Element (or to uninstall it if it was previously installed), you can disable it in your configuration file (`inventory/host_vars/matrix./vars.yml`): +If you'd like for the playbook to not install Element (or to uninstall it if it was previously installed), you can disable it in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_client_element_enabled: false 
@@ -18,7 +18,7 @@ The playbook provides some customization variables you could use to change Eleme Their defaults are defined in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-element/templates/config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2) template. -**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. +**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. Alternatively, **if there is no pre-defined variable** for an Element setting you wish to change: diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index 5272723cf..2a4a085f9 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md 
@@ -30,7 +30,7 @@ The playbook provides some customization variables you could use to change Schil Their defaults are defined in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml) and they ultimately end up in the generated `/matrix/schildichat/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-schildichat/templates/config.json.j2`](../roles/custom/matrix-client-schildichat/templates/config.json.j2) template. -**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. +**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. Alternatively, **if there is no pre-defined variable** for a SchildiChat setting you wish to change: diff --git a/docs/configuring-playbook-dendrite.md b/docs/configuring-playbook-dendrite.md index 01c80cff5..0b72ed0fa 100644 --- a/docs/configuring-playbook-dendrite.md +++ b/docs/configuring-playbook-dendrite.md 
@@ -10,7 +10,7 @@ By default, this playbook configures the [Synapse](https://github.com/element-hq The playbook provided settings for Dendrite are defined in [`roles/custom/matrix-dendrite/defaults/main.yml`](../roles/custom/matrix-dendrite/defaults/main.yml) and they ultimately end up in the generated `/matrix/dendrite/config/dendrite.yaml` file (on the server). This file is generated from the [`roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2`](../roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2) template. -**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. +**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. Alternatively, **if there is no pre-defined variable** for a Dendrite setting you wish to change: diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 9deb41f27..2099ccf0c 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -30,7 +30,7 @@ Once you've decided on the domain and path, **you may need to adjust your DNS** ## Enable -To enable Dimension, add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): +To enable Dimension, add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_dimension_enabled: true 
@@ -40,7 +40,7 @@ matrix_dimension_enabled: true ## Define admin users These users can modify the integrations this Dimension supports. -Add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): +Add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_dimension_admins: @@ -60,7 +60,7 @@ To get an access token for the Dimension user, you can follow the documentation **Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** -Add access token to your configuration file (`inventory/host_vars/matrix./vars.yml`): +Add access token to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_dimension_access_token: "YOUR ACCESS TOKEN HERE" diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index a33976623..4810c24d6 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -46,7 +46,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -The Etherpad UI should be available at `https://etherpad.`, while the admin UI (if enabled) should then be available at `https://etherpad./admin`. +The Etherpad UI should be available at `https://etherpad.example.com`, while the admin UI (if enabled) should then be available at `https://etherpad.example.com/admin`. If you've [decided on another hostname or path-prefix](#decide-on-a-domain-and-path) (e.g. `https://matrix.example.com/etherpad`), adjust these URLs accordingly before usage. 
@@ -55,7 +55,7 @@ If you've [decided on another hostname or path-prefix](#decide-on-a-domain-and-p If you want to manage and remove old unused pads from Etherpad, you will first need to able Admin access as described above. -Then from the plugin manager page (`https://etherpad./admin/plugins`, install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. +Then from the plugin manager page (`https://etherpad.example.com/admin/plugins`, install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. ### How to use Etherpad widgets without an Integration Manager (like Dimension) @@ -76,7 +76,7 @@ The Dimension configuration menu can be accessed with the sprocket icon as you b If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. -Example: `https://etherpad./p/$roomId_$padName?showChat=false` +Example: `https://etherpad.example.com/p/$roomId_$padName?showChat=false` ## Known issues diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md index 6ebe32bbd..54ec6b4b0 100644 --- a/docs/configuring-playbook-federation.md +++ b/docs/configuring-playbook-federation.md @@ -21,7 +21,7 @@ If you wish to disable federation, you can do that with an empty list (`[]`), or By default, your server's public rooms directory is not exposed to other servers via federation. -If you wish to expose it, add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): +If you wish to expose it, add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_synapse_allow_public_rooms_over_federation: true 
@@ -30,7 +30,7 @@ matrix_synapse_allow_public_rooms_over_federation: true ## Disabling federation -To completely disable federation, isolating your server from the rest of the Matrix network, add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): +To completely disable federation, isolating your server from the rest of the Matrix network, add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_homeserver_federation_enabled: false @@ -55,7 +55,7 @@ matrix_synapse_reverse_proxy_companion_federation_api_enabled: false Why? This change could be useful for people running small Synapse instances on small severs/VPSes to avoid being impacted by a simple DOS/DDOS when bandwidth, RAM, an CPU resources are limited and if your hosting provider does not provide a DOS/DDOS protection. -The following changes in the configuration file (`inventory/host_vars/matrix./vars.yml`) will allow this and make it possible to proxy the federation through a CDN such as CloudFlare or any other: +The following changes in the configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) will allow this and make it possible to proxy the federation through a CDN such as CloudFlare or any other: ``` matrix_synapse_http_listener_resource_names: ["client","federation"] diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 17977cf98..ad227d3ff 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -35,7 +35,7 @@ For a complete list of ntfy config options that you could put in `ntfy_configura ## Installing -Don't forget to add `ntfy.` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook. +Don't forget to add `ntfy.example.com` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook. After configuring the playbook, run the [installation](installing.md) command: 
diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index c984c86f7..d1f2e2fa5 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -2,9 +2,9 @@ It can be useful to have some (visual) insight into the performance of your homeserver. -You can enable this with the following settings in your configuration file (`inventory/host_vars/matrix./vars.yml`): +You can enable this with the following settings in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): -Remember to add `stats.` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook. +Remember to add `stats.example.com` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook. ```yaml prometheus_enabled: true @@ -30,7 +30,7 @@ grafana_default_admin_user: "some_username_chosen_by_you" grafana_default_admin_password: "some_strong_password_chosen_by_you" ``` -By default, a [Grafana](https://grafana.com/) web user-interface will be available at `https://stats.`. +By default, a [Grafana](https://grafana.com/) web user-interface will be available at `https://stats.example.com`. The retention policy of Prometheus metrics is [15 days by default](https://prometheus.io/docs/prometheus/latest/storage/#operational-aspects). Older data gets deleted automatically. 
@@ -43,7 +43,7 @@ Name | Description `prometheus_node_exporter_enabled`|[Node Exporter](https://prometheus.io/docs/guides/node-exporter/) is an addon of sorts to Prometheus that collects generic system information such as CPU, memory, filesystem, and even system temperatures `prometheus_postgres_exporter_enabled`|[Postgres Exporter](configuring-playbook-prometheus-postgres.md) is an addon of sorts to expose Postgres database metrics to Prometheus. `matrix_prometheus_nginxlog_exporter_enabled`|[NGINX Log Exporter](configuring-playbook-prometheus-nginxlog.md) is an addon of sorts to expose NGINX logs to Prometheus. -`grafana_enabled`|[Grafana](https://grafana.com/) is the visual component. It shows (on the `stats.` subdomain) the dashboards with the graphs that we're interested in +`grafana_enabled`|[Grafana](https://grafana.com/) is the visual component. It shows (on the `stats.example.com` subdomain) the dashboards with the graphs that we're interested in `grafana_anonymous_access`|By default you need to log in to see graphs. If you want to publicly share your graphs (e.g. when asking for help in [`#synapse:matrix.org`](https://matrix.to/#/#synapse:matrix.org?via=matrix.org&via=privacytools.io&via=mozilla.org)) you'll want to enable this option. `grafana_default_admin_user`
`grafana_default_admin_password`|By default Grafana creates a user with `admin` as the username and password. If you feel this is insecure and you want to change it beforehand, you can do that here diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md index 583bc0b11..31799b37f 100644 --- a/docs/configuring-playbook-ssl-certificates.md +++ b/docs/configuring-playbook-ssl-certificates.md @@ -1,6 +1,6 @@ # Adjusting SSL certificate retrieval (optional, advanced) -By default, this playbook retrieves and auto-renews free SSL certificates from [Let's Encrypt](https://letsencrypt.org/) for the domains it needs (e.g. `matrix.` and others) +By default, this playbook retrieves and auto-renews free SSL certificates from [Let's Encrypt](https://letsencrypt.org/) for the domains it needs (e.g. `matrix.example.com` and others) This guide is about using the integrated Traefik server and doesn't apply if you're using [your own webserver](configuring-playbook-own-webserver.md). diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index a5887a33d..718588b18 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -26,7 +26,7 @@ While you will need some local disk space around, it's only to accommodate usage ## Installing -After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure `s3-storage-provider` in your configuration file (`inventory/host_vars/matrix./vars.yml`): +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure `s3-storage-provider` in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): ```yaml matrix_synapse_ext_synapse_s3_storage_provider_enabled: true 
diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index f5a08ae5a..e0e04cf07 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -6,7 +6,7 @@ The playbook provides lots of customization variables you could use to change Sy Their defaults are defined in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml) and they ultimately end up in the generated `/matrix/synapse/config/homeserver.yaml` file (on the server). This file is generated from the [`roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2`](../roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2) template. -**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. +**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. Alternatively, **if there is no pre-defined variable** for a Synapse setting you wish to change: diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 4b4a3366b..d79c9491e 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -8,11 +8,11 @@ To configure the playbook, you need to have done the following things: You can then follow these steps inside the playbook directory: -1. create a directory to hold your configuration (`mkdir -p inventory/host_vars/matrix.`) +1. create a directory to hold your configuration (`mkdir -p inventory/host_vars/matrix.example.com`) -1. copy the sample configuration file (`cp examples/vars.yml inventory/host_vars/matrix./vars.yml`) +1. copy the sample configuration file (`cp examples/vars.yml inventory/host_vars/matrix.example.com/vars.yml`) -1. edit the configuration file (`inventory/host_vars/matrix./vars.yml`) to your liking. You may also take a look at the various `roles/*/ROLE_NAME_HERE/defaults/main.yml` files and see if there's something you'd like to copy over and override in your `vars.yml` configuration file. +1. edit the configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) to your liking. You may also take a look at the various `roles/*/ROLE_NAME_HERE/defaults/main.yml` files and see if there's something you'd like to copy over and override in your `vars.yml` configuration file. 1. copy the sample inventory hosts file (`cp examples/hosts inventory/hosts`) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index fb5ec1b18..3bd8c5be3 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md 
@@ -11,11 +11,11 @@ There are 2 types of well-known service discovery that Matrix makes use of: ## Introduction to Federation Server Discovery -All services created by this playbook are meant to be installed on their own server (such as `matrix.`). +All services created by this playbook are meant to be installed on their own server (such as `matrix.example.com`). -As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a Matrix user identifier like `@:` while hosting services on a subdomain like `matrix.`, the Matrix network needs to be instructed of such delegation/redirection. +As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a Matrix user identifier like `@:example.com` while hosting services on a subdomain like `matrix.example.com`, the Matrix network needs to be instructed of such delegation/redirection. -Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (``). +Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (`example.com`). Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. @@ -178,7 +178,7 @@ backend matrix-backend **For AWS CloudFront** - 1. Add a custom origin with matrix. to your distribution + 1. Add a custom origin with matrix.example.com to your distribution 1. Add two behaviors, one for `.well-known/matrix/client` and one for `.well-known/matrix/server` and point them to your new origin. Make sure to: diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index 38374d4c6..d4386fb04 100644 --- a/docs/howto-server-delegation.md 
+++ b/docs/howto-server-delegation.md @@ -1,6 +1,6 @@ # Server Delegation -To have a server on a subdomain (e.g. `matrix.`) handle Matrix federation traffic for the base domain (``), we need to instruct the Matrix network of such a delegation. +To have a server on a subdomain (e.g. `matrix.example.com`) handle Matrix federation traffic for the base domain (`example.com`), we need to instruct the Matrix network of such a delegation. By default, this playbook guides you into setting up [Server Delegation via a well-known file](#server-delegation-via-a-well-known-file). However, that method may have some downsides that are not to your liking. Hence this guide about alternative ways to set up Server Delegation. @@ -13,7 +13,7 @@ It is a complicated matter, so unless you are affected by the [Downsides of well Serving a `/.well-known/matrix/server` file from the base domain is the most straightforward way to set up server delegation, but it suffers from some problems that we list in [Downsides of well-known-based Server Delegation](#downsides-of-well-known-based-server-delegation). As we already mention in [Configuring DNS](configuring-dns.md) and [Configuring Service Discovery via .well-known](configuring-well-known.md), -this playbook already properly guides you into setting up such delegation by means of a `/.well-known/matrix/server` file served from the base domain (``). +this playbook already properly guides you into setting up such delegation by means of a `/.well-known/matrix/server` file served from the base domain (`example.com`). If this is okay with you, feel free to not read ahead. 
@@ -22,9 +22,9 @@ If this is okay with you, feel free to not read ahead. Server Delegation by means of a `/.well-known/matrix/server` file is the most straightforward, but suffers from the following downsides: -- you need to have a working HTTPS server for the base domain (``). If you don't have any server for the base domain at all, you can easily solve it by making the playbook [serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md). +- you need to have a working HTTPS server for the base domain (`example.com`). If you don't have any server for the base domain at all, you can easily solve it by making the playbook [serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md). -- any downtime on the base domain (``) or network trouble between the matrix subdomain (`matrix.`) and the base `` may cause Matrix Federation outages. As the [Server-Server spec says](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery): +- any downtime on the base domain (`example.com`) or network trouble between the matrix subdomain (`matrix.example.com`) and the base `` may cause Matrix Federation outages. As the [Server-Server spec says](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery): > Errors are recommended to be cached for up to an hour, and servers are encouraged to exponentially back off for repeated failures. 
@@ -45,25 +45,25 @@ To use DNS SRV record validation, you need to: - ensure that `/.well-known/matrix/server` is **not served** from the base domain, as that would interfere with DNS SRV record Server Delegation. To make the playbook **not** generate and serve the file, use the following configuration: `matrix_static_files_file_matrix_server_enabled: false`. -- ensure that you have a `_matrix._tcp` DNS SRV record for your base domain (``) with a value of `10 0 8448 matrix.` +- ensure that you have a `_matrix._tcp` DNS SRV record for your base domain (`example.com`) with a value of `10 0 8448 matrix.example.com` -- ensure that you are serving the Matrix Federation API (tcp/8448) with a certificate for `` (not `matrix.`!). Getting this certificate to the `matrix.` server may be complicated. The playbook's automatic SSL obtaining/renewal flow will likely not work and you'll need to copy certificates around manually. See below. +- ensure that you are serving the Matrix Federation API (tcp/8448) with a certificate for `example.com` (not `matrix.example.com`!). Getting this certificate to the `matrix.example.com` server may be complicated. The playbook's automatic SSL obtaining/renewal flow will likely not work and you'll need to copy certificates around manually. See below. For more details on [how to configure the playbook to work with SRV delegation](howto-srv-server-delegation.md) ### Obtaining certificates -How you can obtain a valid certificate for `` on the `matrix.` server is up to you. +How you can obtain a valid certificate for `example.com` on the `matrix.example.com` server is up to you. -If `` and `matrix.` are hosted on the same machine, you can let the playbook obtain the certificate for you, by following our [Obtaining SSL certificates for additional domains](configuring-playbook-ssl-certificates.md#obtaining-ssl-certificates-for-additional-domains) guide. 
+If `example.com` and `matrix.example.com` are hosted on the same machine, you can let the playbook obtain the certificate for you, by following our [Obtaining SSL certificates for additional domains](configuring-playbook-ssl-certificates.md#obtaining-ssl-certificates-for-additional-domains) guide. -If `` and `matrix.` are not hosted on the same machine, you can copy over the certificate files manually. +If `example.com` and `matrix.example.com` are not hosted on the same machine, you can copy over the certificate files manually. Don't forget that they may get renewed once in a while, so you may also have to transfer them periodically. How often you do that is up to you, as long as the certificate files don't expire. ### Serving the Federation API with your certificates -Regardless of which method for obtaining certificates you've used, once you've managed to get certificates for your base domain onto the `matrix.` machine you can put them to use. +Regardless of which method for obtaining certificates you've used, once you've managed to get certificates for your base domain onto the `matrix.example.com` machine you can put them to use. Based on your setup, you have different ways to go about it: 
@@ -82,7 +82,7 @@ Based on your setup, you have different ways to go about it: ### Serving the Federation API with your certificates and another webserver **If you are using some other webserver**, you can set up reverse-proxying for the `tcp/8448` port by yourself. -Make sure to use the proper certificates for `` (not for `matrix.`) when serving the `tcp/8448` port. +Make sure to use the proper certificates for `example.com` (not for `matrix.example.com`) when serving the `tcp/8448` port. As recommended in our [Fronting the integrated reverse-proxy webserver with another reverse-proxy](./configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) documentation section, we recommend you to expose the Matrix Federation entrypoint from traffic at a local port (e.g. `127.0.0.1:8449`), so your reverese-proxy should send traffic there. diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 1db7338df..24baabedb 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -28,9 +28,9 @@ To install Matrix services using this Ansible playbook, you need: - [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually -- An HTTPS-capable web server at the base domain name (``) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). +- An HTTPS-capable web server at the base domain name (`example.com`) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). -- Properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)). +- Properly configured DNS records for `example.com` (details in [Configuring DNS](configuring-dns.md)). - Some TCP/UDP ports open. This playbook (actually [Docker itself](https://docs.docker.com/network/iptables/)) configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: diff --git a/docs/registering-users.md b/docs/registering-users.md index b6cd32852..d725e8486 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -34,7 +34,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username= ``` -**Note**: `` is just a plain username (like `john`), not your full `@:` identifier. +**Note**: `` is just a plain username (like `john`), not your full `@:example.com` identifier. **You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element./`. 
diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 953045b3a..5dd764788 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -8,7 +8,7 @@ You can reset a user's password via the Ansible playbook (make sure to edit the ansible-playbook -i inventory/hosts setup.yml --extra-vars='username= password=' --tags=update-user-password ``` -**Note**: `` is just a plain username (like `john`), not your full `@:` identifier. +**Note**: `` is just a plain username (like `john`), not your full `@:example.com` identifier. **You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element./`. diff --git a/examples/hosts b/examples/hosts index cb6459f97..d9407b2ab 100644 --- a/examples/hosts +++ b/examples/hosts @@ -18,4 +18,4 @@ # to the host line below. [matrix_servers] -matrix. ansible_host= ansible_ssh_user=root +matrix.example.com ansible_host= ansible_ssh_user=root diff --git a/examples/reverse-proxies/apache/README.md b/examples/reverse-proxies/apache/README.md index 939df3f22..da349db74 100644 --- a/examples/reverse-proxies/apache/README.md +++ b/examples/reverse-proxies/apache/README.md 
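Review bot: The new host line in `examples/hosts` uses `matrix.example.com`, which reads like a real hostname rather than a placeholder, and nothing visible in the hunk tells the user to replace it. Ansible matches the inventory name against the directory under `inventory/host_vars/`, so a half-edited copy (host line renamed but the directory not, or the reverse) would run without loading the intended `vars.yml`. I would add a comment directly above `[matrix_servers]`, for example `# Replace matrix.example.com with your own hostname; it must match your inventory/host_vars/ directory name.` The comment block that this hunk ends in starts outside the hunk and may already say this, in which case no change is needed.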
@@ -4,7 +4,7 @@ This directory contains sample files that show you how to front the integrated [ ## Prerequisite configuration -To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix./vars.yml`). +To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.example.com/vars.yml`). ## Using the Apache configuration diff --git a/examples/reverse-proxies/caddy2-in-container/README.md b/examples/reverse-proxies/caddy2-in-container/README.md index 925547f4e..be654f0d5 100644 --- a/examples/reverse-proxies/caddy2-in-container/README.md +++ b/examples/reverse-proxies/caddy2-in-container/README.md 
@@ -7,7 +7,7 @@ This directory contains a sample config that shows you how to front the integrat ## Prerequisite configuration -To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix./vars.yml`). +To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.example.com/vars.yml`). Then, adjust your Caddy `docker-compose.yaml` file (if you're using docker-compose for running your Caddy container). See [examples/reverse-proxies/caddy2-in-container/docker-compose.yaml](./docker-compose.yaml). diff --git a/examples/reverse-proxies/caddy2/README.md b/examples/reverse-proxies/caddy2/README.md index 0c73fce5d..06500f095 100644 --- a/examples/reverse-proxies/caddy2/README.md +++ b/examples/reverse-proxies/caddy2/README.md 
@@ -5,7 +5,7 @@ This directory contains a sample config that shows you how to front the integrat ## Prerequisite configuration -To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix./vars.yml`). +To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.example.com/vars.yml`). ## Using the Caddyfile diff --git a/examples/reverse-proxies/nginx-proxy-manager/README.md b/examples/reverse-proxies/nginx-proxy-manager/README.md index aa7a7b53e..5a3e3cc96 100644 --- a/examples/reverse-proxies/nginx-proxy-manager/README.md +++ b/examples/reverse-proxies/nginx-proxy-manager/README.md 
@@ -7,7 +7,7 @@ This page summarizes how to use Nginx Proxy Manager (NPM) to front the integrate ## Prerequisite configuration -To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix./vars.yml`). +To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.example.com/vars.yml`). If Matrix federation is enabled, then you will need to make changes to [NPM's Docker configuration](https://nginxproxymanager.com/guide/#quick-setup). By default NPM already exposes ports `80` and `443`, but you would also need to **additionally expose the Matrix Federation port** (as it appears on the public side): `8448`. diff --git a/examples/reverse-proxies/nginx/README.md b/examples/reverse-proxies/nginx/README.md index b57d4557d..67381c4f2 100644 --- a/examples/reverse-proxies/nginx/README.md +++ b/examples/reverse-proxies/nginx/README.md 
@@ -5,7 +5,7 @@ This directory contains a sample config that shows you how to use the [nginx](ht ## Prerequisite configuration -To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix./vars.yml`). +To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.example.com/vars.yml`). ## Using the nginx configuration diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e0f7f907b..44d9c1360 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -7,7 +7,7 @@ # to connect them all together. It does so by overriding role variables. # # You can also override ANY variable (seen here or in any given role), -# by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). +# by re-defining it in your own configuration file (`inventory/host_vars/matrix.example.com`). ######################################################################## # # From 3fb2752714e2e644881dff942298585816502953 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 02:22:34 +0900 Subject: [PATCH 095/404] Replace (your.)server.name with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-conduit.md | 2 +- .../matrix-bridge-appservice-irc/templates/config.yaml.j2 | 2 +- roles/custom/matrix-conduit/templates/conduit.toml.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md index 88e1d883f..6d807c558 100644 
--- a/docs/configuring-playbook-conduit.md +++ b/docs/configuring-playbook-conduit.md @@ -36,7 +36,7 @@ You will have to manually register appservices using the the [register-appservic Find the `registration.yaml` in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`, then pass the content to Conduit: - @conduit:your.server.name: register-appservice + @conduit:example.com: register-appservice ``` as_token: de.sorunome.msc2409.push_ephemeral: true diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 index 94bbda7b8..65af4ddcf 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 @@ -41,7 +41,7 @@ ircService: # # The path to the RSA PEM-formatted private key to use when encrypting IRC passwords # for storage in the database. Passwords are stored by using the admin room command - # `!storepass server.name passw0rd. When a connection is made to IRC on behalf of + # `!storepass example.com passw0rd. When a connection is made to IRC on behalf of # the Matrix user, this password will be sent as the server password (PASS command). passwordEncryptionKeyPath: "/data/passkey.pem" # does not typically need modification diff --git a/roles/custom/matrix-conduit/templates/conduit.toml.j2 b/roles/custom/matrix-conduit/templates/conduit.toml.j2 index be490cd2a..42f215f5a 100644 --- a/roles/custom/matrix-conduit/templates/conduit.toml.j2 +++ b/roles/custom/matrix-conduit/templates/conduit.toml.j2 
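Review bot: In the `passwordEncryptionKeyPath` comment of `config.yaml.j2`, the `!storepass` argument now reads `example.com`, which this patch series uses everywhere else for the Matrix base domain. The rest of the comment ("When a connection is made to IRC ... sent as the server password") suggests the argument names the IRC server, so an operator could read the new example as asking for their homeserver domain. I would use a distinct IRC-looking placeholder and close the unterminated backtick at the same time: `` # `!storepass irc.example.net passw0rd`. When a connection is made to IRC on behalf of ``. The surrounding `ircService` block starts and ends outside the hunk, so confirm the placeholder against the server keys defined there.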
@@ -10,7 +10,7 @@ # and room IDs. Examples: matrix.org, conduit.rs # The Conduit server needs all /_matrix/ requests to be reachable at -# https://your.server.name/ on port 443 (client-server) and 8448 (federation). +# https://example.com/ on port 443 (client-server) and 8448 (federation). # If that's not possible for you, you can create /.well-known files to redirect # requests. See From ff4155e0333c4b925829d19c31c087337b5c06dd Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 02:32:31 +0900 Subject: [PATCH 096/404] Replace yourserver.com with example.com Signed-off-by: Suguru Hirahara --- .../custom/matrix-bridge-mx-puppet-discord/defaults/main.yml | 4 ++-- .../custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml | 4 ++-- .../matrix-bridge-mx-puppet-instagram/defaults/main.yml | 4 ++-- roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml | 4 ++-- roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml | 4 ++-- .../custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml index 8d328521d..8bd1320b3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml 
@@ -34,14 +34,14 @@ matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_bridge_mediaUrl: "{{ matrix_homeserver_url }}" # noqa var-naming # "@user:server.com" to allow specific user -# "@.*:yourserver.com" to allow users on a specific homeserver +# "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_discord_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist # "@user:server.com" disallow a specific user -# "@.*:yourserver.com" disallow users on a specific homeserver +# "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_discord_provisioning_blacklist: [] matrix_mx_puppet_discord_container_network: "" diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml index c8277aa6a..09cd5ee59 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml @@ -30,14 +30,14 @@ matrix_mx_puppet_groupme_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_groupme_appservice_address: 'http://matrix-mx-puppet-groupme:{{ matrix_mx_puppet_groupme_appservice_port }}' # "@user:server.com" to allow specific user -# "@.*:yourserver.com" to allow users on a specific homeserver +# "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_groupme_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist # "@user:server.com" disallow a specific user -# "@.*:yourserver.com" disallow users on a specific homeserver +# "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_groupme_provisioning_blacklist: [] matrix_mx_puppet_groupme_container_network: "" 
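Review bot: The example in the whitelist comment, `"@.*:example.com"`, leaves the dots of the domain unescaped, while the default entry right below it is built with `regex_escape`. If the bridge evaluates these entries as regular expressions, as that filter suggests, a pattern copied from the comment also matches a host such as `exampleXcom`. I would write the example as `# "@.*:example\.com" to allow users on a specific homeserver` and change the matching blacklist line the same way. Whether the bridge anchors the pattern at both ends is not visible in this hunk; if it does not, the comment should also say that a trailing `$` is needed so that a longer domain beginning with `example.com` is not admitted. The same two comment lines recur in the groupme, instagram, slack, steam and twitter defaults in this commit, and again in the later `server.com` commit, so one wording fits all of them.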
diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml index 9d86b5d08..ba7f993df 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml @@ -25,14 +25,14 @@ matrix_mx_puppet_instagram_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_instagram_appservice_address: 'http://matrix-mx-puppet-instagram:{{ matrix_mx_puppet_instagram_appservice_port }}' # "@user:server.com" to allow specific user -# "@.*:yourserver.com" to allow users on a specific homeserver +# "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_instagram_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist # "@user:server.com" disallow a specific user -# "@.*:yourserver.com" disallow users on a specific homeserver +# "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_instagram_provisioning_blacklist: [] matrix_mx_puppet_instagram_container_network: "" diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml index 322f16031..9d9189a84 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml 
@@ -43,14 +43,14 @@ matrix_mx_puppet_slack_oauth_redirect_path: "{{ matrix_mx_puppet_slack_path_pref matrix_mx_puppet_slack_oauth_redirect_uri: '{{ matrix_mx_puppet_slack_scheme }}://{{ matrix_mx_puppet_slack_hostname }}{{ matrix_mx_puppet_slack_oauth_redirect_path }}' # "@user:server.com" to allow specific user -# "@.*:yourserver.com" to allow users on a specific homeserver +# "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_slack_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist # "@user:server.com" disallow a specific user -# "@.*:yourserver.com" disallow users on a specific homeserver +# "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_slack_provisioning_blacklist: [] matrix_mx_puppet_slack_container_network: "" diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml index 73cb131f0..5c28aaad3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml @@ -31,14 +31,14 @@ matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}' # "@user:server.com" to allow specific user -# "@.*:yourserver.com" to allow users on a specific homeserver +# "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_steam_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist # "@user:server.com" disallow a specific user -# "@.*:yourserver.com" disallow users on a specific homeserver +# "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_steam_provisioning_blacklist: [] matrix_mx_puppet_steam_container_network: "" 
diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml index 1ba4a9920..a09ba4afa 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml @@ -43,14 +43,14 @@ matrix_mx_puppet_twitter_server_path: "{{ matrix_mx_puppet_twitter_path_prefix } matrix_mx_puppet_twitter_server_url: '{{ matrix_homeserver_url }}{{ matrix_mx_puppet_twitter_server_path }}' # "@user:server.com" to allow specific user -# "@.*:yourserver.com" to allow users on a specific homeserver +# "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_twitter_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist # "@user:server.com" disallow a specific user -# "@.*:yourserver.com" disallow users on a specific homeserver +# "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_twitter_provisioning_blacklist: [] matrix_mx_puppet_twitter_container_network: "" From ee55138f5755a4fbc03e3566abb323b5b03f3730 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 02:33:36 +0900 Subject: [PATCH 097/404] Replace your-homeserver.com with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-cactus-comments.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index f5e124c08..8f18b1a84 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md 
@@ -52,7 +52,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` Upon starting Cactus Comments, a `bot.cactusbot` user account is created automatically. -To get started, send a `help` message to the `@bot.cactusbot:your-homeserver.com` bot to confirm it's working. +To get started, send a `help` message to the `@bot.cactusbot:example.com` bot to confirm it's working. Then, register a site by typing: `register `. You will then be invited into a moderation room. From 9089963fa8071a41b53db13973d3635ba7734c8b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 02:35:17 +0900 Subject: [PATCH 098/404] Replace server.com with example.com Signed-off-by: Suguru Hirahara --- docs/updating-users-passwords.md | 2 +- .../custom/matrix-bridge-mx-puppet-discord/defaults/main.yml | 4 ++-- .../custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml | 4 ++-- .../matrix-bridge-mx-puppet-instagram/defaults/main.yml | 4 ++-- roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml | 4 ++-- roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml | 4 ++-- .../custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml | 4 ++-- roles/custom/matrix-dendrite/defaults/main.yml | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 2 +- .../matrix-synapse/templates/synapse/homeserver.yaml.j2 | 4 ++-- 10 files changed, 17 insertions(+), 17 deletions(-) diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 5dd764788..bfa74ce44 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -24,7 +24,7 @@ docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver. and then connecting to the postgres server and executing: ``` -UPDATE users SET password_hash = '' WHERE name = '@someone:server.com' +UPDATE users SET password_hash = '' WHERE name = '@someone:example.com' ``` where `` is the hash returned by the docker command above. 
diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml index 8bd1320b3..deecd4555 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -33,14 +33,14 @@ matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_bridge_mediaUrl: "{{ matrix_homeserver_url }}" # noqa var-naming -# "@user:server.com" to allow specific user +# "@user:example.com" to allow specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_discord_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:server.com" disallow a specific user +# "@user:example.com" disallow a specific user # "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_discord_provisioning_blacklist: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml index 09cd5ee59..68e5e4250 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml 
@@ -29,14 +29,14 @@ matrix_mx_puppet_groupme_homeserver_address: "" matrix_mx_puppet_groupme_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_groupme_appservice_address: 'http://matrix-mx-puppet-groupme:{{ matrix_mx_puppet_groupme_appservice_port }}' -# "@user:server.com" to allow specific user +# "@user:example.com" to allow specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_groupme_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:server.com" disallow a specific user +# "@user:example.com" disallow a specific user # "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_groupme_provisioning_blacklist: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml index ba7f993df..ccee80ec9 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml @@ -24,14 +24,14 @@ matrix_mx_puppet_instagram_homeserver_address: "" matrix_mx_puppet_instagram_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_instagram_appservice_address: 'http://matrix-mx-puppet-instagram:{{ matrix_mx_puppet_instagram_appservice_port }}' -# "@user:server.com" to allow specific user +# "@user:example.com" to allow specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_instagram_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:server.com" disallow a specific user +# "@user:example.com" disallow a specific user # "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_instagram_provisioning_blacklist: [] 
diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml index 9d9189a84..c9067eb97 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -42,14 +42,14 @@ matrix_mx_puppet_slack_oauth_enabled: true matrix_mx_puppet_slack_oauth_redirect_path: "{{ matrix_mx_puppet_slack_path_prefix }}" matrix_mx_puppet_slack_oauth_redirect_uri: '{{ matrix_mx_puppet_slack_scheme }}://{{ matrix_mx_puppet_slack_hostname }}{{ matrix_mx_puppet_slack_oauth_redirect_path }}' -# "@user:server.com" to allow specific user +# "@user:example.com" to allow specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_slack_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:server.com" disallow a specific user +# "@user:example.com" disallow a specific user # "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_slack_provisioning_blacklist: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml index 5c28aaad3..73e019384 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml 
@@ -30,14 +30,14 @@ matrix_mx_puppet_steam_homeserver_address: "" matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}' -# "@user:server.com" to allow specific user +# "@user:example.com" to allow specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_steam_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:server.com" disallow a specific user +# "@user:example.com" disallow a specific user # "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_steam_provisioning_blacklist: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml index a09ba4afa..60bc075f3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml @@ -42,14 +42,14 @@ matrix_mx_puppet_twitter_environment: '' matrix_mx_puppet_twitter_server_path: "{{ matrix_mx_puppet_twitter_path_prefix }}" matrix_mx_puppet_twitter_server_url: '{{ matrix_homeserver_url }}{{ matrix_mx_puppet_twitter_server_path }}' -# "@user:server.com" to allow specific user +# "@user:example.com" to allow specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_twitter_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:server.com" disallow a specific user +# "@user:example.com" disallow a specific user # "@.*:example.com" disallow users on a specific homeserver matrix_mx_puppet_twitter_provisioning_blacklist: [] diff --git a/roles/custom/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml index 48aa21ada..e14d81a5f 100644 
--- a/roles/custom/matrix-dendrite/defaults/main.yml +++ b/roles/custom/matrix-dendrite/defaults/main.yml @@ -321,7 +321,7 @@ matrix_dendrite_configuration_extension_yaml: | # server_notices: # system_mxid_localpart: notices # system_mxid_display_name: "Server Notices" - # system_mxid_avatar_url: "mxc://server.com/oumMVlgDnLYFaPVkExemNVVZ" + # system_mxid_avatar_url: "mxc://example.com/oumMVlgDnLYFaPVkExemNVVZ" # room_name: "Server Notices" matrix_dendrite_configuration_extension: "{{ matrix_dendrite_configuration_extension_yaml | from_yaml if matrix_dendrite_configuration_extension_yaml | from_yaml is mapping else {} }}" diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index e9cf89e7b..7e08a9331 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -1398,7 +1398,7 @@ matrix_synapse_configuration_extension_yaml: | # server_notices: # system_mxid_localpart: notices # system_mxid_display_name: "Server Notices" - # system_mxid_avatar_url: "mxc://server.com/oumMVlgDnLYFaPVkExemNVVZ" + # system_mxid_avatar_url: "mxc://example.com/oumMVlgDnLYFaPVkExemNVVZ" # room_name: "Server Notices" matrix_synapse_configuration_extension: "{{ matrix_synapse_configuration_extension_yaml | from_yaml if matrix_synapse_configuration_extension_yaml | from_yaml is mapping else {} }}" diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 3f7b8acd9..06c0f9143 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -391,7 +391,7 @@ manhole_settings: # How to reach the server admin, used in ResourceLimitError # -#admin_contact: 'mailto:admin@server.com' +#admin_contact: 'mailto:admin@example.com' # Global blocking # 
@@ -2732,7 +2732,7 @@ stats: #server_notices: # system_mxid_localpart: notices # system_mxid_display_name: "Server Notices" -# system_mxid_avatar_url: "mxc://server.com/oumMVlgDnLYFaPVkExemNVVZ" +# system_mxid_avatar_url: "mxc://example.com/oumMVlgDnLYFaPVkExemNVVZ" # room_name: "Server Notices" From 6c4eeda748eea6102888cdc12166ad25521d20cf Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 02:51:32 +0900 Subject: [PATCH 099/404] Replace example.example.com with matrix.example.com Signed-off-by: Suguru Hirahara --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 3bd8c5be3..3db8175d3 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -58,7 +58,7 @@ matrix_static_files_file_matrix_support_property_m_contacts: - email_address: security@example.com role: m.role.security -matrix_static_files_file_matrix_support_property_m_support_page: "https://example.example.com/support" +matrix_static_files_file_matrix_support_property_m_support_page: "https://matrix.example.com/support" ``` To learn how to set up `/.well-known/matrix/support` for the base domain, read the Installing section below. From e42e8aaf83ae7beccc0824b4112bdde3fb2d2fd4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 03:08:19 +0900 Subject: [PATCH 100/404] Replace with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-email.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md index ab850e933..3e8caa991 100644 --- a/docs/configuring-playbook-email.md +++ b/docs/configuring-playbook-email.md 
@@ -5,7 +5,7 @@ By default, this playbook sets up an [Exim](https://www.exim.org/) email server The email server would attempt to deliver emails directly to their final destination. This may or may not work, depending on your domain configuration (SPF settings, etc.) -By default, emails are sent from `matrix@` (as specified by the `exim_relay_sender_address` playbook variable). +By default, emails are sent from `matrix@example.com` (as specified by the `exim_relay_sender_address` playbook variable). **Note**: If you are using a Google Cloud instance, [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so you need to relay email through another SMTP server as described below. From 28c28e1e00dca526cc2ed26d2ae75dfef7f411fc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 03:10:02 +0900 Subject: [PATCH 101/404] Replace with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-well-known.md | 6 +++--- docs/howto-server-delegation.md | 2 +- docs/registering-users.md | 2 +- docs/updating-users-passwords.md | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 3db8175d3..d078f2a19 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -191,8 +191,8 @@ Make sure to: No matter which method you've used to set up the well-known files, if you've done it correctly you should be able to see a JSON file at these URLs: -- `https:///.well-known/matrix/server` -- `https:///.well-known/matrix/client` -- `https:///.well-known/matrix/support` +- `https://example.com/.well-known/matrix/server` +- `https://example.com/.well-known/matrix/client` +- `https://example.com/.well-known/matrix/support` You can also check if everything is configured correctly, by [checking if services work](maintenance-checking-services.md). 
diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index d4386fb04..5644ff089 100644 --- a/docs/howto-server-delegation.md +++ b/docs/howto-server-delegation.md @@ -24,7 +24,7 @@ Server Delegation by means of a `/.well-known/matrix/server` file is the most st - you need to have a working HTTPS server for the base domain (`example.com`). If you don't have any server for the base domain at all, you can easily solve it by making the playbook [serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md). -- any downtime on the base domain (`example.com`) or network trouble between the matrix subdomain (`matrix.example.com`) and the base `` may cause Matrix Federation outages. As the [Server-Server spec says](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery): +- any downtime on the base domain (`example.com`) or network trouble between the matrix subdomain (`matrix.example.com`) and the base `example.com` may cause Matrix Federation outages. As the [Server-Server spec says](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery): > Errors are recommended to be cached for up to an hour, and servers are encouraged to exponentially back off for repeated failures. diff --git a/docs/registering-users.md b/docs/registering-users.md index d725e8486..75863e26b 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -36,7 +36,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=` is just a plain username (like `john`), not your full `@:example.com` identifier. -**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element./`. +**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element.example.com/`. ----- 
diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index bfa74ce44..1785a67ca 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -10,7 +10,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=` is just a plain username (like `john`), not your full `@:example.com` identifier. -**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element./`. +**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element.example.com/`. ## Option 2 (if you are using an external Postgres server): From 5153c9a6c41fb35fa901f448d0bf2daec2929bcc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 03:10:53 +0900 Subject: [PATCH 102/404] Replace with example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-webhooks.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index d10f451b9..01debd2f3 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -10,7 +10,7 @@ Setup Instructions: loosely based on [this](https://github.com/turt2live/matrix-appservice-webhooks/blob/master/README.md) -1. All you basically need is to adjust your `inventory/host_vars/matrix./vars.yml`: +1. All you basically need is to adjust your `inventory/host_vars/matrix.example.com/vars.yml`: ```yaml matrix_appservice_webhooks_enabled: true 
@@ -18,7 +18,7 @@ matrix_appservice_webhooks_api_secret: '' ``` 2. In case you want to change the verbosity of logging via `journalctl -fu matrix-appservice-webhooks.service` -you can adjust this in `inventory/host_vars/matrix./vars.yml` as well. +you can adjust this in `inventory/host_vars/matrix.example.com/vars.yml` as well. **Note**: default value is: `info` and availabe log levels are : `info`, `verbose` From 7aab3a4f839c36bdbbe89a1a2d824a1cab5fbc6c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 03:14:35 +0900 Subject: [PATCH 103/404] Replace with matrix.example.com Signed-off-by: Suguru Hirahara --- roles/custom/matrix-conduit/defaults/main.yml | 4 ++-- roles/custom/matrix-dendrite/defaults/main.yml | 4 ++-- roles/custom/matrix-synapse/defaults/main.yml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/custom/matrix-conduit/defaults/main.yml b/roles/custom/matrix-conduit/defaults/main.yml index 3e0132c29..f8f53ba33 100644 --- a/roles/custom/matrix-conduit/defaults/main.yml +++ b/roles/custom/matrix-conduit/defaults/main.yml @@ -112,9 +112,9 @@ matrix_conduit_container_extra_arguments: [] # Specifies which template files to use when configuring Conduit. # If you'd like to have your own different configuration, feel free to copy and paste -# the original files into your inventory (e.g. in `inventory/host_vars//`) +# the original files into your inventory (e.g. in `inventory/host_vars/matrix.example.com/`) # and then change the specific host's `vars.yaml` file like this: -# matrix_conduit_template_conduit_config: "{{ playbook_dir }}/inventory/host_vars//conduit.toml.j2" +# matrix_conduit_template_conduit_config: "{{ playbook_dir }}/inventory/host_vars/matrix.example.com/conduit.toml.j2" matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit.toml.j2" # Max size for uploads, in bytes 
diff --git a/roles/custom/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml
index e14d81a5f..fd6c50ed5 100644
--- a/roles/custom/matrix-dendrite/defaults/main.yml
+++ b/roles/custom/matrix-dendrite/defaults/main.yml
@@ -199,9 +199,9 @@ matrix_dendrite_systemd_service_post_start_delay_seconds: 3
 # Specifies which template files to use when configuring Dendrite.
 # If you'd like to have your own different configuration, feel free to copy and paste
-# the original files into your inventory (e.g. in `inventory/host_vars//`)
+# the original files into your inventory (e.g. in `inventory/host_vars/matrix.example.com/`)
 # and then change the specific host's `vars.yml` file like this:
-# matrix_dendrite_template_dendrite_config: "{{ playbook_dir }}/inventory/host_vars//dendrite.yaml.j2"
+# matrix_dendrite_template_dendrite_config: "{{ playbook_dir }}/inventory/host_vars/matrix.example.com/dendrite.yaml.j2"
 matrix_dendrite_template_dendrite_config: "{{ role_path }}/templates/dendrite.yaml.j2"
 matrix_dendrite_client_api_registration_shared_secret: ""
diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml
index 7e08a9331..028a69a97 100644
--- a/roles/custom/matrix-synapse/defaults/main.yml
+++ b/roles/custom/matrix-synapse/defaults/main.yml
@@ -339,9 +339,9 @@ matrix_synapse_in_container_python_packages_path: "/usr/local/lib/python3.11/sit
 # Specifies which template files to use when configuring Synapse.
 # If you'd like to have your own different configuration, feel free to copy and paste
-# the original files into your inventory (e.g. in `inventory/host_vars//`)
+# the original files into your inventory (e.g. in `inventory/host_vars/matrix.example.com/`)
 # and then change the specific host's `vars.yml` file like this:
-# matrix_synapse_template_synapse_homeserver: "{{ playbook_dir }}/inventory/host_vars//homeserver.yaml.j2"
+# matrix_synapse_template_synapse_homeserver: "{{ playbook_dir }}/inventory/host_vars/matrix.example.com/homeserver.yaml.j2"
 matrix_synapse_template_synapse_homeserver: "{{ role_path }}/templates/synapse/homeserver.yaml.j2"
 matrix_synapse_template_synapse_log: "{{ role_path }}/templates/synapse/synapse.log.config.j2"
From 951cdba49ba0e0bf1a24dddc0cf12bdf7559c6bc Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 18 Oct 2024 03:27:27 +0900
Subject: [PATCH 104/404] Replace with example.com
Signed-off-by: Suguru Hirahara
---
 .../custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
index 06c0f9143..f5c293770 100644
--- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
@@ -1962,7 +1962,7 @@ saml2_config:
 #
 # idp_icon: An optional icon for this identity provider, which is presented
 # by clients and Synapse's own IdP picker page. If given, must be an
-# MXC URI of the format mxc:///. (An easy way to
+# MXC URI of the format mxc://example.com/. (An easy way to
 # obtain such an MXC URI is to upload an image to an (unencrypted) room
 # and then copy the "url" from the source of the event.)
 #
From c73800b6bc101bb4a4856bffe508aea6ad6c5e8f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 03:50:20 +0900 Subject: [PATCH 105/404] Replace matrix-example.com-media-store with matrix-example-media-store Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-s3.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index f29f1e3bd..fb7b51b10 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -75,11 +75,11 @@ You [can't easily change which region (US, Europe) your Backblaze account stores After logging in to Backblaze: -- create a new **private** bucket through its user interface (you can call it something like `matrix-example.com-media-store`) +- create a new **private** bucket through its user interface (you can call it something like `matrix-example-media-store`) - note the **Endpoint** for your bucket (something like `s3.us-west-002.backblazeb2.com`). - adjust its Lifecycle Rules to: Keep only the last version of the file - go to [App Keys](https://secure.backblaze.com/app_keys.htm) and use the **Add a New Application Key** to create a new one - - restrict it to the previously created bucket (e.g. `matrix-example.com-media-store`) + - restrict it to the previously created bucket (e.g. `matrix-example-media-store`) - give it *Read & Write* access The `keyID` value is your **Access Key** and `applicationKey` is your **Secret Key**. From b392b544dae4239d651fb5dd9d916b0eb5b2bac8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 22:58:28 +0900 Subject: [PATCH 106/404] Replace another.com with example.net 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-baibot.md | 2 +- docs/configuring-playbook-federation.md | 2 +- docs/configuring-playbook-synapse-simple-antispam.md | 2 +- roles/custom/matrix-bot-baibot/defaults/main.yml | 2 +- roles/custom/matrix-bot-chatgpt/defaults/main.yml | 2 +- roles/custom/matrix-bot-honoroit/defaults/main.yml | 2 +- roles/custom/matrix-bot-postmoogle/defaults/main.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bot-baibot.md b/docs/configuring-playbook-bot-baibot.md index 5b3c5af4d..1c7aa419e 100644 --- a/docs/configuring-playbook-bot-baibot.md +++ b/docs/configuring-playbook-bot-baibot.md @@ -89,7 +89,7 @@ If `matrix_admin` is already configured in your `vars.yml` configuration, you ca # # matrix_bot_baibot_config_access_admin_patterns: # - "@*:example.com" -# - "@admin:another.com" +# - "@admin:example.net" # # .. unless you've made yourself an admin of all bots/bridges like this: # diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md index 54ec6b4b0..e4bcee00f 100644 --- a/docs/configuring-playbook-federation.md +++ b/docs/configuring-playbook-federation.md @@ -11,7 +11,7 @@ To make your server only federate with servers of your choosing, add the followi ```yaml matrix_synapse_federation_domain_whitelist: - example.com -- another.com +- example.net ``` If you wish to disable federation, you can do that with an empty list (`[]`), or better yet by completely disabling federation (see below). diff --git a/docs/configuring-playbook-synapse-simple-antispam.md b/docs/configuring-playbook-synapse-simple-antispam.md index 4c13b987a..70b0f64cb 100644 --- a/docs/configuring-playbook-synapse-simple-antispam.md +++ b/docs/configuring-playbook-synapse-simple-antispam.md 
@@ -14,5 +14,5 @@ matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: true matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers: - example.com -- another.com +- example.net ``` diff --git a/roles/custom/matrix-bot-baibot/defaults/main.yml b/roles/custom/matrix-bot-baibot/defaults/main.yml index faf4f10e6..21a576d08 100644 --- a/roles/custom/matrix-bot-baibot/defaults/main.yml +++ b/roles/custom/matrix-bot-baibot/defaults/main.yml @@ -93,7 +93,7 @@ matrix_bot_baibot_config_command_prefix: "!bai" # Example: # matrix_bot_baibot_config_access_admin_patterns: # - "@*:example.com" -# - "@admin:another.com" +# - "@admin:example.net" matrix_bot_baibot_config_access_admin_patterns: "{{ [matrix_admin] if matrix_admin else [] }}" # Controls the `persistence.data_dir_path` configuration setting. diff --git a/roles/custom/matrix-bot-chatgpt/defaults/main.yml b/roles/custom/matrix-bot-chatgpt/defaults/main.yml index aab8a5d90..ecb7da0f1 100644 --- a/roles/custom/matrix-bot-chatgpt/defaults/main.yml +++ b/roles/custom/matrix-bot-chatgpt/defaults/main.yml @@ -90,7 +90,7 @@ matrix_bot_chatgpt_matrix_rich_text: true # MATRIX_RICH_TEXT=true # - @someone:example.com # - @another:example.com # - @bot.*:example.com -# - @*:another.com +# - @*:example.net # matrix_bot_chatgpt_admins: "{{ [matrix_admin] if matrix_admin else [] }}" # Additional environment variables to pass to the chatgpt container diff --git a/roles/custom/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml index 1ac81eadc..5a1279bdc 100644 --- a/roles/custom/matrix-bot-honoroit/defaults/main.yml +++ b/roles/custom/matrix-bot-honoroit/defaults/main.yml @@ -168,7 +168,7 @@ matrix_bot_honoroit_redmine_done_status_id: '' # done status ID (e.g. 3) # - @someone:example.com # - @another:example.com # - @bot.*:example.com -# - @*:another.com +# - @*:example.net matrix_bot_honoroit_allowedusers: - "@*:*" 
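Review bot: The admin examples in the matrix-bot-chatgpt hunk, including the new `# - @*:example.net`, are unquoted, and YAML does not allow a plain scalar to begin with `@`, so uncommenting the block as written fails to parse instead of producing the intended access list. The matrix-bot-honoroit hunk carries the same unquoted examples, whereas the baibot and postmoogle examples are quoted and the live honoroit value is `- "@*:*"`. Writing the new lines as `# - "@*:example.net"` would match those. Both comment blocks begin above their hunks, so the earlier example entries would need the same quoting.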
diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml
index 7cf8f94b5..e30148b6c 100644
--- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml
+++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml
@@ -103,7 +103,7 @@ matrix_bot_postmoogle_relay_password: ''
 # - '@someone:example.com'
 # - '@another:example.com'
 # - '@bot.*:example.com'
-# - '@*:another.com'
+# - '@*:example.net'
 matrix_bot_postmoogle_admins: "{{ [matrix_admin] if matrix_admin else [] }}"
 # Sentry DSN. Deprecated, use matrix_bot_postmoogle_monitoring_sentry_dsn
From 54f7dd587a0d2c5483817c49332e81aee5b22124 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 18 Oct 2024 01:46:28 +0900
Subject: [PATCH 107/404] Replace second-example.com and third-example.com with example.net and example.org, respectively
Signed-off-by: Suguru Hirahara
---
 roles/custom/matrix-bot-chatgpt/defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/custom/matrix-bot-chatgpt/defaults/main.yml b/roles/custom/matrix-bot-chatgpt/defaults/main.yml
index ecb7da0f1..8dba39b13 100644
--- a/roles/custom/matrix-bot-chatgpt/defaults/main.yml
+++ b/roles/custom/matrix-bot-chatgpt/defaults/main.yml
@@ -73,7 +73,7 @@ matrix_bot_chatgpt_matrix_default_prefix_reply: false # MATRIX_DEFAULT_PREFIX_R
 # Matrix Access Control (optional)
 #
 # Lists of space-separated entries. Example:
-# matrix_bot_chatgpt_matrix_whitelist: ":{{ matrix_domain }} :second-example.com :third-example.com"
+# matrix_bot_chatgpt_matrix_whitelist: ":{{ matrix_domain }} :example.net :example.org"
 matrix_bot_chatgpt_matrix_blacklist: ''
 matrix_bot_chatgpt_matrix_whitelist: ':{{ matrix_domain }}'
From 4a375be6a899bd408f3e0840a6ca1cb6c164a1e9 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 18 Oct 2024 12:15:53 +0900
Subject: [PATCH 108/404] Replace matrix.domain with matrix.example.com
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-postmoogle.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 4af99aba9..537db9b07 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -71,7 +71,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use To use the bot, invite the `@postmoogle:example.com` bot user into a room you want to use as a mailbox. -Then send `!pm mailbox NAME` to expose this Matrix room as an inbox with the email address `NAME@matrix.domain`. Emails sent to that email address will be forwarded to the room. +Then send `!pm mailbox NAME` to expose this Matrix room as an inbox with the email address `NAME@matrix.example.com`. Emails sent to that email address will be forwarded to the room. Send `!pm help` to the room to see the bot's help menu for additional commands. From 309b91163ac9024309132b80b664a288661a3895 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 16:14:19 +0900 Subject: [PATCH 109/404] Update docs/configuring-playbook-email.md: fix default email sender specified by exim_relay_sender_address exim_relay_sender_address consists of exim_relay_hostname, which by default is equal to matrix_server_fqn_matrix, whose default value is matrix.example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-email.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md index 3e8caa991..d0a18da15 100644 --- a/docs/configuring-playbook-email.md +++ b/docs/configuring-playbook-email.md 
@@ -5,7 +5,7 @@ By default, this playbook sets up an [Exim](https://www.exim.org/) email server The email server would attempt to deliver emails directly to their final destination. This may or may not work, depending on your domain configuration (SPF settings, etc.) -By default, emails are sent from `matrix@example.com` (as specified by the `exim_relay_sender_address` playbook variable). +By default, emails are sent from `matrix@matrix.example.com`, as specified by the `exim_relay_sender_address` playbook variable. **Note**: If you are using a Google Cloud instance, [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so you need to relay email through another SMTP server as described below. From 2b102851e20795b3f1ccddf9f35e12be16e96e0f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 16:22:10 +0900 Subject: [PATCH 110/404] Update docs/configuring-playbook-traefik.md: use a different hostname Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-traefik.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md index aeab79dbf..f98875aa6 100644 --- a/docs/configuring-playbook-traefik.md +++ b/docs/configuring-playbook-traefik.md 
@@ -57,9 +57,9 @@ However, if your service does not run on a container or runs on another machine, ## Reverse-proxying a remote HTTP/HTTPS service behind Traefik -If you want to host another webserver would be reachable via `my-fancy-website.example.com` from the internet and via `https://:` from inside your network, you can make the playbook's integrated Traefik instance reverse-proxy the traffic to the correct host. +If you want to host another webserver would be reachable via `my-fancy-website.example.net` from the internet and via `https://:` from inside your network, you can make the playbook's integrated Traefik instance reverse-proxy the traffic to the correct host. -Prerequisites: DNS and routing for the domain `my-fancy-website.example.com` need to be set up correctly. In this case, you'd be pointing the domain name to your Matrix server - `my-fancy-website.example.com` would be a CNAME going to `matrix.example.com`. +Prerequisites: DNS and routing for the domain `my-fancy-website.example.net` need to be set up correctly. In this case, you'd be pointing the domain name to your Matrix server - `my-fancy-website.example.net` would be a CNAME going to `matrix.example.com`. First, we have to adjust the static configuration of Traefik, so that we can add additional configuration files: From d997ac6e341d5d8a9374f18461391824b5161190 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 16:23:31 +0900 Subject: [PATCH 111/404] Update docs/configuring-playbook-traefik.md: fix the incorrect hostname Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-traefik.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md index f98875aa6..de860cef8 100644 --- a/docs/configuring-playbook-traefik.md +++ b/docs/configuring-playbook-traefik.md 
@@ -99,7 +99,7 @@ aux_file_definitions: http: routers: webserver-router: - rule: Host(`my_fancy_website.example.com`) + rule: Host(`my-fancy-website.example.net`) service: webserver-service tls: certResolver: default @@ -122,7 +122,7 @@ aux_file_definitions: tcp: routers: webserver-router: - rule: Host(`my_fancy_website.example.com`) + rule: Host(`my-fancy-website.example.net`) service: webserver-service tls: passthrough: true From d564124af78533745cec0b06a3d4ce7501a55ca0 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Fri, 18 Oct 2024 10:25:53 +0300 Subject: [PATCH 112/404] synapse-admin v0.10.3-etke21: fix 'Sign in' button disabled on SSO-only servers when attempting access token login --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 271d32eeb..f3fa74025 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke20 +matrix_synapse_admin_version: v0.10.3-etke21 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 26503464c6fb3dd33aa0f6d9da366013a6256693 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Fri, 18 Oct 2024 16:36:25 +0900 Subject: [PATCH 113/404] Update examples/vars.yml: update a comment to sync with roles/custom/matrix-base/defaults/main.yml Signed-off-by: Suguru Hirahara --- examples/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/vars.yml b/examples/vars.yml index b8be5f7a3..b6f20c277 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -3,7 +3,7 @@ # Matrix user ids for your server will be of the form (`@user:example.com`). # # Note: this playbook does not touch the server referenced here. -# Installation happens on another server ("matrix.example.com"). +# Installation happens on another server ("matrix.example.com", see `matrix_server_fqn_matrix`). # # If you've deployed using the wrong domain, you'll have to run the Uninstalling step, # because you can't change the Domain after deployment. From 49f7fd96c9b61d4cedc167f2e5c3d44159b18b2e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 17:00:54 +0900 Subject: [PATCH 114/404] Fix docs/configuring-well-known.md and add a comment Signed-off-by: Suguru Hirahara --- docs/configuring-well-known.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index d078f2a19..a1f889e6b 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -58,7 +58,8 @@ matrix_static_files_file_matrix_support_property_m_contacts: - email_address: security@example.com role: m.role.security -matrix_static_files_file_matrix_support_property_m_support_page: "https://matrix.example.com/support" +# Your organization's support page on the base (or another) domain, if any +matrix_static_files_file_matrix_support_property_m_support_page: "https://example.com/support" ``` To learn how to set up `/.well-known/matrix/support` for the base domain, read the Installing section below. 
From fa1d92f85d288aeff14b4ec3a4a759cd53d20689 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 19:06:05 +0900 Subject: [PATCH 115/404] Update docs/configuring-playbook.md - Mention "base domain" - Fix list numbering - Add a blank line Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index d79c9491e..e737d5063 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -8,21 +8,22 @@ To configure the playbook, you need to have done the following things: You can then follow these steps inside the playbook directory: -1. create a directory to hold your configuration (`mkdir -p inventory/host_vars/matrix.example.com`) +1. create a directory to hold your configuration (`mkdir -p inventory/host_vars/matrix.example.com` where `example.com` is your "base domain") -1. copy the sample configuration file (`cp examples/vars.yml inventory/host_vars/matrix.example.com/vars.yml`) +2. copy the sample configuration file (`cp examples/vars.yml inventory/host_vars/matrix.example.com/vars.yml`) -1. edit the configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) to your liking. You may also take a look at the various `roles/*/ROLE_NAME_HERE/defaults/main.yml` files and see if there's something you'd like to copy over and override in your `vars.yml` configuration file. +3. edit the configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) to your liking. You may also take a look at the various `roles/*/ROLE_NAME_HERE/defaults/main.yml` files and see if there's something you'd like to copy over and override in your `vars.yml` configuration file. -1. copy the sample inventory hosts file (`cp examples/hosts inventory/hosts`) +4. copy the sample inventory hosts file (`cp examples/hosts inventory/hosts`) -1. edit the inventory hosts file (`inventory/hosts`) to your liking +5. edit the inventory hosts file (`inventory/hosts`) to your liking -2. (optional, advanced) you may wish to keep your `inventory` directory under version control with [git](https://git-scm.com/) or any other version-control system. +6. (optional, advanced) you may wish to keep your `inventory` directory under version control with [git](https://git-scm.com/) or any other version-control system. -3. 
(optional, advanced) to run Ansible against multiple servers with different `sudo` credentials, you can copy the sample inventory hosts yaml file for each of your hosts: (`cp examples/host.yml inventory/my_host1.yml` …) and use the [`ansible-all-hosts.sh`](../bin/ansible-all-hosts.sh) script [in the installation step](installing.md). +7. (optional, advanced) to run Ansible against multiple servers with different `sudo` credentials, you can copy the sample inventory hosts yaml file for each of your hosts: (`cp examples/host.yml inventory/my_host1.yml` …) and use the [`ansible-all-hosts.sh`](../bin/ansible-all-hosts.sh) script [in the installation step](installing.md). For a basic Matrix installation, that's all you need. + For a more custom setup, see the [Other configuration options](#other-configuration-options) below. When you're done with all the configuration you'd like to do, continue with [Installing](installing.md). From 55fcaac1f1d5c9a05bfede2ba516aa2073c10392 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 23:28:00 +0900 Subject: [PATCH 116/404] =?UTF-8?q?Fix=20capitalization:=20matrix=20?= =?UTF-8?q?=E2=86=92=20Matrix?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 2 +- README.md | 22 +++++++++---------- docs/configuring-playbook-bot-draupnir.md | 2 +- docs/configuring-playbook-bot-honoroit.md | 2 +- docs/configuring-playbook-bot-maubot.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- ...guring-playbook-bridge-appservice-slack.md | 6 ++--- docs/configuring-playbook-jitsi.md | 6 ++--- ...onfiguring-playbook-matrix-registration.md | 2 +- docs/configuring-playbook-ntfy.md | 18 +++++++-------- ...ring-playbook-user-verification-service.md | 4 ++-- docs/configuring-playbook.md | 2 +- docs/configuring-well-known.md | 2 +- docs/container-images.md | 2 +- docs/howto-server-delegation.md | 2 +- docs/howto-srv-server-delegation.md | 2 +- docs/maintenance-synapse.md | 2 +- examples/reverse-proxies/caddy2/README.md | 2 +- .../nginx-proxy-manager/README.md | 4 ++-- examples/reverse-proxies/nginx/matrix.conf | 2 +- group_vars/matrix_servers | 2 +- .../templates/production-appservice.yaml.j2 | 2 +- roles/custom/matrix-base/defaults/main.yml | 2 +- .../matrix-base/templates/bin/remove-all.j2 | 3 +-- .../matrix-bot-chatgpt/defaults/main.yml | 2 +- .../matrix-bot-draupnir/defaults/main.yml | 2 +- .../templates/production.yaml.j2 | 4 ++-- .../defaults/main.yml | 2 +- .../matrix-bot-mjolnir/defaults/main.yml | 2 +- .../templates/production.yaml.j2 | 4 ++-- .../matrix-bot-postmoogle/defaults/main.yml | 2 +- .../defaults/main.yml | 22 +++++++++---------- .../templates/config.yaml.j2 | 8 +++---- .../tasks/setup_install.yml | 2 +- .../templates/config.yaml.j2 | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../matrix-media-repo/defaults/main.yml | 2 +- .../templates/media-repo/media-repo.yaml.j2 | 2 +- .../matrix-pantalaimon/defaults/main.yml | 2 +- .../matrix-registration/defaults/main.yml | 2 +- .../matrix-static-files/defaults/main.yml | 4 ++-- .../tasks/self_check_well_known_file.yml | 12 
+++++----- .../matrix-static-files/templates/labels.j2 | 4 ++-- roles/custom/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 16 +++++++------- .../defaults/main.yml | 2 +- .../tasks/cleanup_usr_local_bin.yml | 4 ++-- .../tasks/uninstall_matrix_ssl.yml | 4 ++-- 51 files changed, 107 insertions(+), 108 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8085178f3..4805544b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1968,7 +1968,7 @@ If you need to downgrade to the previous version, changing `matrix_sygnal_versio ## Hydrogen support -Thanks to [Aaron Raimist](https://github.com/aaronraimist), the playbook now supports [Hydrogen](https://github.com/vector-im/hydrogen-web) - a new lightweight matrix client with legacy and mobile browser support. +Thanks to [Aaron Raimist](https://github.com/aaronraimist), the playbook now supports [Hydrogen](https://github.com/vector-im/hydrogen-web) - a new lightweight Matrix client with legacy and mobile browser support. By default, we still install Element, as Hydrogen is still not fully-featured. Still, people who'd like to try Hydrogen out can now install it via the playbook. diff --git a/README.md b/README.md index 401c79d3e..65537bf42 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ You can always re-run the playbook later to add or remove components. ### Homeserver -The homeserver is the backbone of your matrix system. Choose one from the following list. +The homeserver is the backbone of your Matrix system. Choose one from the following list. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | 
@@ -41,12 +41,12 @@ The homeserver is the backbone of your matrix system. Choose one from the follow ### Clients -Web clients for matrix that you can host on your own domains. +Web clients for Matrix that you can host on your own domains. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | | [Element](https://app.element.io/) | ✓ | Web UI, which is configured to connect to your own Synapse server by default | [Link](docs/configuring-playbook-client-element.md) | -| [Hydrogen](https://github.com/element-hq/hydrogen-web) | x | Lightweight matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) | +| [Hydrogen](https://github.com/element-hq/hydrogen-web) | x | Lightweight Matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) | | [Cinny](https://github.com/ajbura/cinny) | x | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-cinny.md) | | [SchildiChat](https://schildi.chat/) | x | Based on Element, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat.md) | 
@@ -64,7 +64,7 @@ Services that run on the server to make the various parts of your installation w | [Let's Encrypt](https://letsencrypt.org/) | ✓ | Free SSL certificate, which secures the connection to all components | [Link](docs/configuring-playbook-ssl-certificates.md) | | [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | -| [Dimension](https://github.com/turt2live/matrix-dimension) | x | An open source integrations manager for matrix clients | [Link](docs/configuring-playbook-dimension.md) | +| [Dimension](https://github.com/turt2live/matrix-dimension) | x | An open source integrations manager for Matrix clients | [Link](docs/configuring-playbook-dimension.md) | | [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | | [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | 
@@ -79,7 +79,7 @@ Extend and modify how users are authenticated on your homeserver. |[matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) (advanced) | x | Password provider module | [Link](docs/configuring-playbook-shared-secret-auth.md) | | [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | x | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) | | [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) | -| [matrix-registration](https://github.com/ZerataX/matrix-registration) | x | A simple python application to have a token based matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) | +| [matrix-registration](https://github.com/ZerataX/matrix-registration) | x | A simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) | ### File Storage @@ -94,7 +94,7 @@ Use alternative file storage to the default `media_store` folder. ### Bridges -Bridges can be used to connect your matrix installation with third-party communication networks. +Bridges can be used to connect your Matrix installation with third-party communication networks. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | 
@@ -138,16 +138,16 @@ Bots provide various additional functionality to your installation. | [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | x | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) | | [maubot](https://github.com/maubot/maubot) | x | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) | | [honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) | -| [Postmoogle](https://github.com/etkecc/postmoogle) | x | Email to matrix bot | [Link](docs/configuring-playbook-bot-postmoogle.md) | +| [Postmoogle](https://github.com/etkecc/postmoogle) | x | Email to Matrix bot | [Link](docs/configuring-playbook-bot-postmoogle.md) | | [Go-NEB](https://github.com/matrix-org/go-neb) | x | A multi functional bot written in Go | [Link](docs/configuring-playbook-bot-go-neb.md) | | [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) | | [Draupnir](https://github.com/the-draupnir-project/Draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) | -| [Buscarron](https://github.com/etkecc/buscarron) | x | Web forms (HTTP POST) to matrix | [Link](docs/configuring-playbook-bot-buscarron.md) | -| [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) | x | ChatGPT from matrix | [Link](docs/configuring-playbook-bot-chatgpt.md) | +| [Buscarron](https://github.com/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | [Link](docs/configuring-playbook-bot-buscarron.md) | +| [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) | x | ChatGPT from Matrix | [Link](docs/configuring-playbook-bot-chatgpt.md) | ### Administration -Services that help you in administrating and monitoring your matrix installation. 
+Services that help you in administrating and monitoring your Matrix installation. | Name | Default? | Description | Documentation | @@ -171,7 +171,7 @@ Various services that don't fit any other category. | [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | x | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) | | [Etherpad](https://etherpad.org) | x | An open source collaborative text editor | [Link](docs/configuring-playbook-etherpad.md) | | [Jitsi](https://jitsi.org/) | x | An open source video-conferencing platform | [Link](docs/configuring-playbook-jitsi.md) | -| [Cactus Comments](https://cactus.chat) | x | A federated comment system built on matrix | [Link](docs/configuring-playbook-cactus-comments.md) | +| [Cactus Comments](https://cactus.chat) | x | A federated comment system built on Matrix | [Link](docs/configuring-playbook-cactus-comments.md) | | [Pantalaimon](https://github.com/matrix-org/pantalaimon) | x | An E2EE aware proxy daemon | [Link](docs/configuring-playbook-pantalaimon.md) | diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index a591f96ed..f2a5df02e 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md 
@@ -82,7 +82,7 @@ matrix_bot_draupnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE" The playbook's `group_vars` will configure other required settings. If using this role separately without the playbook, you also need to configure the two URLs that Draupnir uses to reach the homeserver, one through Pantalaimon and one "raw". This example is taken from the playbook's `group_vars`: ```yaml -# Endpoint URL that Draupnir uses to interact with the matrix homeserver (client-server API). +# Endpoint URL that Draupnir uses to interact with the Matrix homeserver (client-server API). # Set this to the pantalaimon URL if you're using that. matrix_bot_draupnir_homeserver_url: "{{ 'http://matrix-pantalaimon:8009' if matrix_bot_draupnir_pantalaimon_use else matrix_addons_homeserver_client_api_url }}" diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 496dc1b16..5cd218d2f 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -46,7 +46,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use ## Usage -To use the bot, invite the `@honoroit:example.com` to the room you specified in config, after that any matrix user can send a message to the `@honoroit:example.com` to start a new thread in that room. +To use the bot, invite the `@honoroit:example.com` to the room you specified in config, after that any Matrix user can send a message to the `@honoroit:example.com` to start a new thread in that room. Send `!ho help` to the room to see the bot's help menu for additional commands. diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index a48ab158c..22b638f4c 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md 
@@ -41,7 +41,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` You can visit `matrix.example.com/_matrix/maubot/` to manage your available plugins, clients and instances. You should start in the following order -1. **Create one or more clients**: A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it +1. **Create one or more clients**: A client is a Matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it 2. **Upload some Plugins**: Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. 3. **Create an instance**: An instance is the actual bot. You have to specify a client which the bot instance will use and the plugin (how the bot will behave) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 589850ee4..4f314f672 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md 
@@ -76,7 +76,7 @@ matrix_bot_mjolnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE" The playbook's `group_vars` will configure other required settings. If using this role separately without the playbook, you also need to configure the two URLs that Mjolnir uses to reach the homeserver, one through Pantalaimon and one "raw". This example is taken from the playbook's `group_vars`: ```yaml -# Endpoint URL that Mjolnir uses to interact with the matrix homeserver (client-server API). +# Endpoint URL that Mjolnir uses to interact with the Matrix homeserver (client-server API). # Set this to the pantalaimon URL if you're using that. matrix_bot_mjolnir_homeserver_url: "{{ 'http://matrix-pantalaimon:8009' if matrix_bot_mjolnir_pantalaimon_use else matrix_addons_homeserver_client_api_url }}" diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index b2829eed7..cf1814a8f 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -16,7 +16,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se ```yaml matrix_appservice_slack_enabled: true - matrix_appservice_slack_control_room_id: "Your matrix admin room ID" + matrix_appservice_slack_control_room_id: "Your Matrix admin room ID" ``` 3. Enable puppeting (optional, but recommended) 
@@ -73,7 +73,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se - files:write:user - **Note**: In order to make Slack files visible to matrix users, this bridge will make Slack files visible to anyone with the url (including files in private channels). This is different than the current behavior in Slack, which only allows authenticated access to media posted in private channels. See MSC701 for details. + **Note**: In order to make Slack files visible to Matrix users, this bridge will make Slack files visible to anyone with the url (including files in private channels). This is different than the current behavior in Slack, which only allows authenticated access to media posted in private channels. See MSC701 for details. 10. Click on Install App and Install App to Workspace. Note the access tokens shown. You will need the Bot User OAuth Access Token and if you want to bridge files, the OAuth Access Token whenever you link a room. @@ -115,7 +115,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se unlink --room !the-matrix:room.id ``` - Unlinking doesn't only disconnect the bridge, but also makes the slackbot leave the bridged matrix room. So in case you want to re-link later, don't forget to re-invite the slackbot into this room again. + Unlinking doesn't only disconnect the bridge, but also makes the slackbot leave the bridged Matrix room. So in case you want to re-link later, don't forget to re-invite the slackbot into this room again. ## Troubleshooting diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 8d75cd29b..3b395b319 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md 
@@ -196,13 +196,13 @@ jitsi_jvb_container_colibri_ws_host_bind_port: 9090 ``` The JVB will also need to know where the prosody xmpp server is located, similar to the server ID this can be set in the vars for the JVB by using the variable -`jitsi_xmpp_server`. The Jitsi prosody container is deployed on the matrix server by default so the value can be set to the matrix domain. For example: +`jitsi_xmpp_server`. The Jitsi prosody container is deployed on the Matrix server by default so the value can be set to the Matrix domain. For example: ```yaml jitsi_xmpp_server: "{{ matrix_domain }}" ``` -However, it can also be set the ip address of the matrix server. This can be useful if you wish to use a private ip. For example: +However, it can also be set the ip address of the Matrix server. This can be useful if you wish to use a private ip. For example: ```yaml jitsi_xmpp_server: "192.168.0.1" @@ -269,7 +269,7 @@ jitsi_disable_gravatar: false ``` **Beware**: This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com). -Besides metadata, this includes the matrix user_id and possibly the room identifier (via `referrer` header). +Besides metadata, this includes the Matrix user_id and possibly the room identifier (via `referrer` header). ## Installing diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index cfd0b61c8..cc5c0f69c 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md 
@@ -6,7 +6,7 @@ The playbook can install and configure [matrix-registration](https://github.com/ **WARNING**: this is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) -> matrix-registration is a simple python application to have a token based matrix registration. +> matrix-registration is a simple python application to have a token based Matrix registration. Use matrix-registration to **create unique registration links**, which people can use to register on your Matrix server. It allows you to **keep your server's registration closed (private)**, but still allow certain people (these having a special link) to register a user account. diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index ad227d3ff..67f7ce6c7 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -2,7 +2,7 @@ The playbook can install and configure the [ntfy](https://ntfy.sh/) push notifications server for you. -Using the [UnifiedPush](https://unifiedpush.org) standard, ntfy enables self-hosted (Google-free) push notifications from Matrix (and other) servers to UnifiedPush-compatible matrix compatible client apps running on Android and other devices. +Using the [UnifiedPush](https://unifiedpush.org) standard, ntfy enables self-hosted (Google-free) push notifications from Matrix (and other) servers to UnifiedPush-compatible Matrix compatible client apps running on Android and other devices. This role is intended to support UnifiedPush notifications for use with the Matrix and Matrix-related services that this playbook installs. This role is not intended to support all of ntfy's other features. 
@@ -49,7 +49,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start To make use of your ntfy installation, on Android for example, you need two things: * the `ntfy` app -* a UnifiedPush-compatible matrix app +* a UnifiedPush-compatible Matrix app You need to install the `ntfy` app on each device on which you want to receive push notifications through your ntfy server. The `ntfy` app will provide UnifiedPush notifications to any number of UnifiedPush-compatible messaging apps installed on the same device. @@ -61,11 +61,11 @@ You need to install the `ntfy` app on each device on which you want to receive p That is all you need to do in the ntfy app. It has many other features, but for our purposes you can ignore them. In particular you do not need to follow any instructions about subscribing to a notification topic as UnifiedPush will do that automatically. -### Setting up a UnifiedPush-compatible matrix app +### Setting up a UnifiedPush-compatible Matrix app -Install any UnifiedPush-enabled matrix app on that same device. The matrix app will learn from the `ntfy` app that you have configured UnifiedPush on this device, and then it will tell your matrix server to use it. +Install any UnifiedPush-enabled Matrix app on that same device. The Matrix app will learn from the `ntfy` app that you have configured UnifiedPush on this device, and then it will tell your Matrix server to use it. -Steps needed for specific matrix apps: +Steps needed for specific Matrix apps: * FluffyChat-android: - Should auto-detect and use it. No manual settings. 
@@ -79,9 +79,9 @@ Steps needed for specific matrix apps: 1. choose `Settings` -> `Notifications` -> `Notification method` -> `ntfy` 2. verify `Settings` -> `Troubleshoot` -> `Troubleshoot notification settings` -If the matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy". +If the Matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy". -If the matrix app doesn't seem to pick it up, try restarting it and try the Troubleshooting section below. +If the Matrix app doesn't seem to pick it up, try restarting it and try the Troubleshooting section below. ### Web App 
@@ -92,11 +92,11 @@ The web app is disabled in this playbook by default as the expectation is that m ## Troubleshooting -First check that the matrix client app you are using supports UnifiedPush. There may well be different variants of the app. +First check that the Matrix client app you are using supports UnifiedPush. There may well be different variants of the app. Set the ntfy server's log level to 'DEBUG', as shown in the example settings above, and watch the server's logs with `sudo journalctl -fu matrix-ntfy`. -To check if UnifiedPush is correctly configured on the client device, look at "Settings -> Notifications -> Notification Targets" in Element-Android or SchildiChat, or "Settings -> Notifications -> Devices" in FluffyChat. There should be one entry for each matrix client app that has enabled push notifications, and when that client is using UnifiedPush you should see a URL that begins with your ntfy server's URL. +To check if UnifiedPush is correctly configured on the client device, look at "Settings -> Notifications -> Notification Targets" in Element-Android or SchildiChat, or "Settings -> Notifications -> Devices" in FluffyChat. There should be one entry for each Matrix client app that has enabled push notifications, and when that client is using UnifiedPush you should see a URL that begins with your ntfy server's URL. In the "Notification Targets" screen in Element-Android or SchildiChat, two relevant URLs are shown, "push\_key" and "Url", and both should begin with your ntfy server's URL. If "push\_key" shows your server but "Url" shows an external server such as `up.schildi.chat` then push notifications will still work but are being routed through that external server before they reach your ntfy server. To rectify that, in SchildiChat (at least around version 1.4.20.sc55) you must enable the `Force custom push gateway` setting as described in the "Usage" section above. 
diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index 62b3ec00b..61dc5b85d 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -3,7 +3,7 @@ **[Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (hereafter: UVS) can only be installed after Matrix services are installed and running.** If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later. -Currently, the main purpose of this role is to allow Jitsi to authenticate matrix users and check if they are authorized to join a conference. Please refer to the documentation of the [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) to understand how it works. +Currently, the main purpose of this role is to allow Jitsi to authenticate Matrix users and check if they are authorized to join a conference. Please refer to the documentation of the [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) to understand how it works. **Note**: enabling Matrix User Verification Service, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. @@ -114,7 +114,7 @@ The configuration variable `UVS_LOG_LEVEL` can be set to: - debug ## TLS Certificate Checking -If the matrix Homeserver does not provide a valid TLS certificate, UVS will fail with the following error message: +If the Matrix Homeserver does not provide a valid TLS certificate, UVS will fail with the following error message: > message: 'No response received: [object Object]', 
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index e737d5063..d2db51739 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -81,7 +81,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Adjusting email-sending settings](configuring-playbook-email.md) (optional) -- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight matrix client with legacy and mobile browser support (optional) +- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight Matrix client with legacy and mobile browser support (optional) - [Setting up Cinny](configuring-playbook-client-cinny.md) - a web client focusing primarily on simple, elegant and secure interface (optional) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index a1f889e6b..ccbfd6643 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -161,7 +161,7 @@ frontend www-https # Use the challenge backend if the challenge is set use_backend matrix-backend if matrix-acl backend matrix-backend - # Redirects the .well-known matrix to the matrix server for federation. + # Redirects the .well-known Matrix to the Matrix server for federation. http-request set-header Host matrix.example.com server matrix matrix.example.com:80 # Map url path as ProxyPass does diff --git a/docs/container-images.md b/docs/container-images.md index 4638a0893..9fafbc976 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -42,7 +42,7 @@ These services are not part of our default installation, but can be enabled by [ - [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) - [Matrix Corporal](https://github.com/devture/matrix-corporal): reconciliator and gateway for a managed Matrix server (optional) -- [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based matrix registration (optional) +- [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based Matrix registration (optional) - [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) - the [mautrix-telegram](https://github.com/mautrix/telegram) bridge to [Telegram](https://telegram.org/) (optional) diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index 5644ff089..9abc2ee14 100644 --- a/docs/howto-server-delegation.md +++ b/docs/howto-server-delegation.md 
@@ -24,7 +24,7 @@ Server Delegation by means of a `/.well-known/matrix/server` file is the most st - you need to have a working HTTPS server for the base domain (`example.com`). If you don't have any server for the base domain at all, you can easily solve it by making the playbook [serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md). -- any downtime on the base domain (`example.com`) or network trouble between the matrix subdomain (`matrix.example.com`) and the base `example.com` may cause Matrix Federation outages. As the [Server-Server spec says](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery): +- any downtime on the base domain (`example.com`) or network trouble between the Matrix subdomain (`matrix.example.com`) and the base `example.com` may cause Matrix Federation outages. As the [Server-Server spec says](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery): > Errors are recommended to be cached for up to an hour, and servers are encouraged to exponentially back off for repeated failures. diff --git a/docs/howto-srv-server-delegation.md b/docs/howto-srv-server-delegation.md index 96ead7216..9de7b297e 100644 --- a/docs/howto-srv-server-delegation.md +++ b/docs/howto-srv-server-delegation.md 
@@ -36,7 +36,7 @@ This is because with SRV federation, some servers / tools (one of which being th Now that the federation endpoint is not bound to a domain anymore we need to explicitely tell Traefik to use a wildcard certificate in addition to one containing the base name. -This is because the matrix specification expects the federation endpoint to be served using a certificate compatible with the base domain, however, the other resources on the endpoint still need a valid certificate to work. +This is because the Matrix specification expects the federation endpoint to be served using a certificate compatible with the base domain, however, the other resources on the endpoint still need a valid certificate to work. ```yaml # To let Traefik know which domains' certificates to serve diff --git a/docs/maintenance-synapse.md b/docs/maintenance-synapse.md index b81f91937..2ac3c98b2 100644 --- a/docs/maintenance-synapse.md +++ b/docs/maintenance-synapse.md @@ -51,7 +51,7 @@ When the [Synapse Admin API](https://github.com/element-hq/synapse/tree/master/d Editing the database manually is not recommended or supported by the Synapse developers. If you are going to do so you should [make a database backup](./maintenance-postgres.md#backing-up-postgresql). -First, set up an SSH tunnel to your matrix server (skip if it is your local machine): +First, set up an SSH tunnel to your Matrix server (skip if it is your local machine): ``` # you may replace 1799 with an arbitrary port unbound on both machines diff --git a/examples/reverse-proxies/caddy2/README.md b/examples/reverse-proxies/caddy2/README.md index 06500f095..2dc3d6b62 100644 --- a/examples/reverse-proxies/caddy2/README.md +++ b/examples/reverse-proxies/caddy2/README.md 
@@ -13,4 +13,4 @@ To get started, first follow the [front the integrated reverse-proxy webserver w You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile. In both cases make sure to replace all the `example.com` domains with your own domain. -This example does not include additional services like element, but you should be able copy the first block and replace the matrix subdomain with the additional services subdomain. I have not tested this though. +This example does not include additional services like element, but you should be able copy the first block and replace the `matrix` subdomain with the additional services subdomain. I have not tested this though. diff --git a/examples/reverse-proxies/nginx-proxy-manager/README.md b/examples/reverse-proxies/nginx-proxy-manager/README.md index 5a3e3cc96..735901c3f 100644 --- a/examples/reverse-proxies/nginx-proxy-manager/README.md +++ b/examples/reverse-proxies/nginx-proxy-manager/README.md @@ -14,9 +14,9 @@ If Matrix federation is enabled, then you will need to make changes to [NPM's Do ## Using Nginx Proxy Manager -You'll need to create two proxy hosts in NPM for matrix web and federation traffic. +You'll need to create two proxy hosts in NPM for Matrix web and federation traffic. -Open the 'Proxy Hosts' page in the NPM web interface and select `Add Proxy Host`, the first being for matrix web traffic. Apply the proxys configuration like this: +Open the 'Proxy Hosts' page in the NPM web interface and select `Add Proxy Host`, the first being for Matrix web traffic. Apply the proxys configuration like this: ```md # Details diff --git a/examples/reverse-proxies/nginx/matrix.conf b/examples/reverse-proxies/nginx/matrix.conf index 0bb5bd96f..0919011ef 100644 --- a/examples/reverse-proxies/nginx/matrix.conf +++ b/examples/reverse-proxies/nginx/matrix.conf 
@@ -45,7 +45,7 @@ server { ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } -# settings for matrix federation +# settings for Matrix federation server { # For the federation port # TODO: once per IP and port you should add `reuseport`, if you don't have that in any other nginx config file, add it here by uncommenting the lines below and commenting the one after with `quic` but without `reuseport` diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 44d9c1360..c20b54f76 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2650,7 +2650,7 @@ matrix_bot_honoroit_container_labels_traefik_docker_network: "{{ matrix_playbook matrix_bot_honoroit_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" matrix_bot_honoroit_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" -# For consistency with other things hosted at the matrix FQN, we adjust the metrics endpoint +# For consistency with other things hosted at the Matrix FQN, we adjust the metrics endpoint # so that metrics would be served at something like `/metrics/SERVICE_NAME`, and not at the default path for the role (`PREFIX/metrics`). matrix_bot_honoroit_container_labels_traefik_metrics_path: "{{ matrix_metrics_exposure_path_prefix }}/honoroit" diff --git a/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 b/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 index f7f34cbe5..e10952ef4 100644 --- a/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 +++ b/roles/custom/matrix-appservice-draupnir-for-all/templates/production-appservice.yaml.j2 
@@ -1,5 +1,5 @@ homeserver: - # The Matrix server name, this will be the name of the server in your matrix ID. + # The Matrix server name, this will be the name of the server in your Matrix ID. domain: "{{ matrix_domain }}" # The url for the appservice to call the client server API from. url: "{{ matrix_homeserver_url }}" diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 8bd7571b3..90fe71a53 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -9,7 +9,7 @@ # Example value: example.com matrix_domain: ~ -# The optional matrix admin MXID, used in bridges' configs to set bridge admin user +# The optional Matrix admin MXID, used in bridges' configs to set bridge admin user # Example value: "@someone:{{ matrix_domain }}" matrix_admin: '' diff --git a/roles/custom/matrix-base/templates/bin/remove-all.j2 b/roles/custom/matrix-base/templates/bin/remove-all.j2 index be8d48ab9..0a557c245 100644 --- a/roles/custom/matrix-base/templates/bin/remove-all.j2 +++ b/roles/custom/matrix-base/templates/bin/remove-all.j2 @@ -14,7 +14,7 @@ if [ "$sure" != "Yes, I really want to remove everything!" ]; then echo "Good thing I asked, exiting" exit 0 else - echo "Stop and remove matrix services" + echo "Stop and remove Matrix services" for s in $(find {{ devture_systemd_docker_base_systemd_path }}/ -type f -name "matrix-*" -printf "%f\n"); do systemctl disable --now $s @@ -32,4 +32,3 @@ else rm -fr "{{ matrix_base_data_path }}" exit 0 fi - diff --git a/roles/custom/matrix-bot-chatgpt/defaults/main.yml b/roles/custom/matrix-bot-chatgpt/defaults/main.yml index 8dba39b13..0cd01b518 100644 --- a/roles/custom/matrix-bot-chatgpt/defaults/main.yml +++ b/roles/custom/matrix-bot-chatgpt/defaults/main.yml 
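Review bot: In the `remove-all.j2` hunk, the context line `systemctl disable --now $s` expands `$s` unquoted, and the loop takes its items from the word-split output of `$(find … -name "matrix-*" -printf "%f\n")`. A unit file name containing whitespace or a glob character would therefore be split or expanded before it reaches systemctl. Since this teardown script goes on to `rm -fr` the data path, I would quote the expansion while the neighbouring line is being edited: `systemctl disable --now "$s"`. The `for` loop's body continues past the end of the hunk, so any other use of `$s` there is not visible here and should be checked the same way.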
@@ -1,5 +1,5 @@ --- -# chatgpt is a bot for chatting to openAI chatgpt matrix bot +# chatgpt is a bot for chatting to openAI chatgpt Matrix bot # Project source code URL: https://github.com/matrixgpt/matrix-chatgpt-bot matrix_bot_chatgpt_enabled: true diff --git a/roles/custom/matrix-bot-draupnir/defaults/main.yml b/roles/custom/matrix-bot-draupnir/defaults/main.yml index d70867627..639632edc 100644 --- a/roles/custom/matrix-bot-draupnir/defaults/main.yml +++ b/roles/custom/matrix-bot-draupnir/defaults/main.yml @@ -66,7 +66,7 @@ matrix_bot_draupnir_pantalaimon_password: "" # Note: Draupnir is fairly verbose - expect a lot of messages from it. matrix_bot_draupnir_management_room: "" -# Endpoint URL that Draupnir uses to interact with the matrix homeserver (client-server API). +# Endpoint URL that Draupnir uses to interact with the Matrix homeserver (client-server API). # Set this to the pantalaimon URL if you're using that. matrix_bot_draupnir_homeserver_url: "" diff --git a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 index f472447b2..cbde408ca 100644 --- a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 @@ -1,4 +1,4 @@ -# Endpoint URL that Draupnir uses to interact with the matrix homeserver (client-server API), +# Endpoint URL that Draupnir uses to interact with the Matrix homeserver (client-server API), # set this to the pantalaimon URL if you're using that. homeserverUrl: {{ matrix_bot_draupnir_homeserver_url | to_json }} 
@@ -12,7 +12,7 @@ accessToken: {{ matrix_bot_draupnir_access_token | to_json }} {% if matrix_bot_draupnir_pantalaimon_use %} # Options related to Pantalaimon (https://github.com/matrix-org/pantalaimon) pantalaimon: - # Whether or not Draupnir will use pantalaimon to access the matrix homeserver, + # Whether or not Draupnir will use pantalaimon to access the Matrix homeserver, # set to `true` if you're using pantalaimon. # # Be sure to point homeserverUrl to the pantalaimon instance. diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index ed199a34a..21f2061c5 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -1,5 +1,5 @@ --- -# matrix-registration-bot creates and manages registration tokens for a matrix server +# matrix-registration-bot creates and manages registration tokens for a Matrix server # Project source code URL: https://github.com/moan0s/matrix-registration-bot matrix_bot_matrix_registration_bot_enabled: true diff --git a/roles/custom/matrix-bot-mjolnir/defaults/main.yml b/roles/custom/matrix-bot-mjolnir/defaults/main.yml index 040c6fb75..e1dce2ef1 100644 --- a/roles/custom/matrix-bot-mjolnir/defaults/main.yml +++ b/roles/custom/matrix-bot-mjolnir/defaults/main.yml @@ -57,7 +57,7 @@ matrix_bot_mjolnir_pantalaimon_password: "" # Note: Mjolnir is fairly verbose - expect a lot of messages from it. matrix_bot_mjolnir_management_room: "" -# Endpoint URL that Mjolnir uses to interact with the matrix homeserver (client-server API). +# Endpoint URL that Mjolnir uses to interact with the Matrix homeserver (client-server API). # Set this to the pantalaimon URL if you're using that. matrix_bot_mjolnir_homeserver_url: "" 
diff --git a/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 index 23da8375e..2c6f6da13 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -1,4 +1,4 @@ -# Endpoint URL that Mjolnir uses to interact with the matrix homeserver (client-server API), +# Endpoint URL that Mjolnir uses to interact with the Matrix homeserver (client-server API), # set this to the pantalaimon URL if you're using that. homeserverUrl: {{ matrix_bot_mjolnir_homeserver_url | to_json }} @@ -12,7 +12,7 @@ accessToken: {{ matrix_bot_mjolnir_access_token | to_json }} {% if matrix_bot_mjolnir_pantalaimon_use %} # Options related to Pantalaimon (https://github.com/matrix-org/pantalaimon) pantalaimon: - # Whether or not Mjolnir will use pantalaimon to access the matrix homeserver, + # Whether or not Mjolnir will use pantalaimon to access the Matrix homeserver, # set to `true` if you're using pantalaimon. # # Be sure to point homeserverUrl to the pantalaimon instance. diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml index e30148b6c..c2163680f 100644 --- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml @@ -1,5 +1,5 @@ --- -# postmoogle is an email to matrix bot +# postmoogle is an email to Matrix bot # Project source code URL: https://github.com/etkecc/postmoogle matrix_bot_postmoogle_enabled: true diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index 61a028951..04b2e7d5e 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml 
@@ -61,7 +61,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # The address of the server to connect to. # irc.example.com: # # A human-readable short name. This is used to label IRC status rooms -# # where matrix users control their connections. +# # where Matrix users control their connections. # # E.g. 'ExampleNet IRC Bridge status'. # # It is also used in the Third Party Lookup API as the instance `desc` # # property, where each server is an instance. @@ -158,7 +158,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # # # Join channels even if there are no Matrix users on the other side of # # the bridge. Set to false to prevent the bot from joining channels which have no -# # real matrix users in them, even if there is a mapping for the channel. +# # real Matrix users in them, even if there is a mapping for the channel. # # Default: true # joinChannelsIfNoUsers: true @@ -239,9 +239,9 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # global: # ircToMatrix: # # Get a snapshot of all real IRC users on a channel (via NAMES) and -# # join their virtual matrix clients to the room. +# # join their virtual Matrix clients to the room. # initial: false -# # Make virtual matrix clients join and leave rooms as their real IRC +# # Make virtual Matrix clients join and leave rooms as their real IRC # # counterparts join/part channels. Default: false. # incremental: false 
@@ -270,25 +270,25 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # mappings: # # 1:many mappings from IRC channels to room IDs on this IRC server. -# # The matrix room must already exist. Your matrix client should expose +# # The Matrix room must already exist. Your Matrix client should expose # # the room ID in a "settings" page for the room. # "#thepub": # roomIds: ["!kieouiJuedJoxtVdaG:localhost"] -# # Channel key/password to use. Optional. If provided, matrix users do +# # Channel key/password to use. Optional. If provided, Matrix users do # # not need to know the channel key in order to join the channel. # # key: "secret" -# # Configuration for virtual matrix users. The following variables are +# # Configuration for virtual Matrix users. The following variables are # # exposed: # # $NICK => The IRC nick # # $SERVER => The IRC server address (e.g. "irc.example.com") # matrixClients: -# # The user ID template to use when creating virtual matrix users. This +# # The user ID template to use when creating virtual Matrix users. This # # MUST have $NICK somewhere in it. # # Optional. Default: "@$SERVER_$NICK". # # Example: "@irc.example.com_Alice:example.com" # userTemplate: "@irc_$NICK" -# # The display name to use for created matrix clients. This should have +# # The display name to use for created Matrix clients. This should have # # $NICK somewhere in it if it is specified. Can also use $SERVER to # # insert the IRC domain. # # Optional. Default: "$NICK (IRC)". Example: "Alice (IRC)" 
@@ -333,7 +333,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # The maximum amount of time in seconds that the client can exist # # without sending another message before being disconnected. Use 0 to # # not apply an idle timeout. This value is ignored if this IRC server is -# # mirroring matrix membership lists to IRC. Default: 172800 (48 hours) +# # mirroring Matrix membership lists to IRC. Default: 172800 (48 hours) # idleTimeout: 10800 # # The number of millseconds to wait between consecutive reconnections if a # # client gets disconnected. Setting to 0 will cause the scheduling to be @@ -353,7 +353,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # concurrentReconnectLimit: 50 # # The number of lines to allow being sent by the IRC client that has received # # a large block of text to send from matrix. If the number of lines that would -# # be sent is > lineLimit, the text will instead be uploaded to matrix and the +# # be sent is > lineLimit, the text will instead be uploaded to Matrix and the # # resulting URI is treated as a file. As such, a link will be sent to the IRC # # side instead of potentially spamming IRC and getting the IRC client kicked. # # Default: 3. diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 index 65af4ddcf..0f9d491d6 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 
@@ -26,7 +26,7 @@ homeserver: # is the "domain name" part of the HS URL. domain: {{ matrix_appservice_irc_homeserver_domain }} - # Should presence be enabled for matrix clients on this bridge. If disabled on the + # Should presence be enabled for Matrix clients on this bridge. If disabled on the # homeserver then it should also be disabled here to avoid excess traffic. # Default: true enablePresence: {{ matrix_appservice_irc_homeserver_enablePresence|to_json }} @@ -47,17 +47,17 @@ ircService: # Config for Matrix -> IRC bridging matrixHandler: - # Cache this many matrix events in memory to be used for m.relates_to messages (usually replies). + # Cache this many Matrix events in memory to be used for m.relates_to messages (usually replies). eventCacheSize: 4096 servers: {{ matrix_appservice_irc_ircService_servers|to_json }} # Configuration for an ident server. If you are running a public bridge it is - # advised you setup an ident server so IRC mods can ban specific matrix users + # advised you setup an ident server so IRC mods can ban specific Matrix users # rather than the application service itself. ident: # True to listen for Ident requests and respond with the - # matrix user's user_id (converted to ASCII, respecting RFC 1413). + # Matrix user's user_id (converted to ASCII, respecting RFC 1413). # Default: false. enabled: false # The port to listen on for incoming ident requests. diff --git a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index d2ac0307c..9d5bed211 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml 
@@ -82,7 +82,7 @@ path: "{{ matrix_go_skype_bridge_base_path }}/go-skype-bridge.db" register: matrix_go_skype_bridge_stat_database -- name: Check if an old matrix state file exists +- name: Check if an old Matrix state file exists ansible.builtin.stat: path: "{{ matrix_go_skype_bridge_base_path }}/mx-state.json" register: matrix_go_skype_bridge_stat_mx_state diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 index 2a1dc6c16..d37ca6efa 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 @@ -109,7 +109,7 @@ bridge: # Number of chats to sync for new users. # Since some of the obtained conversations are not the conversations that the user needs to see, - # the actual number of conversations displayed on the matrix client will be slightly less than the set value + # the actual number of conversations displayed on the Matrix client will be slightly less than the set value initial_chat_sync_count: 10 # Number of old messages to fill when creating new portal rooms. initial_history_fill_count: 20 @@ -181,7 +181,7 @@ bridge: default: {{ matrix_go_skype_bridge_bridge_encryption_default|to_json }} puppet_id: - # when set to true, the matrixid of the contact (puppet) from the bridge to the matrix will be encrypted into another string + # when set to true, the matrixid of the contact (puppet) from the bridge to the Matrix will be encrypted into another string allow: false # 8 characters key: '12dsf323' diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml index f85a790ed..5a3e59f75 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml 
@@ -82,7 +82,7 @@ path: "{{ matrix_mautrix_gmessages_base_path }}/mautrix-gmessages.db" register: matrix_mautrix_gmessages_stat_database -- name: Check if an old matrix state file exists +- name: Check if an old Matrix state file exists ansible.builtin.stat: path: "{{ matrix_mautrix_gmessages_base_path }}/mx-state.json" register: matrix_mautrix_gmessages_stat_mx_state diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml index de20e8351..ca6568c8e 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -82,7 +82,7 @@ path: "{{ matrix_mautrix_signal_base_path }}/mautrix-signal.db" register: matrix_mautrix_signal_stat_database -- name: Check if an old matrix state file exists +- name: Check if an old Matrix state file exists ansible.builtin.stat: path: "{{ matrix_mautrix_signal_base_path }}/mx-state.json" register: matrix_mautrix_signal_stat_mx_state diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 7aff56b39..fd2c1a1ed 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -82,7 +82,7 @@ path: "{{ matrix_mautrix_whatsapp_base_path }}/mautrix-whatsapp.db" register: matrix_mautrix_whatsapp_stat_database -- name: Check if an old matrix state file exists +- name: Check if an old Matrix state file exists ansible.builtin.stat: path: "{{ matrix_mautrix_whatsapp_base_path }}/mx-state.json" register: matrix_mautrix_whatsapp_stat_mx_state diff --git a/roles/custom/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml index c14b03e82..703d412df 100644 
--- a/roles/custom/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml @@ -62,7 +62,7 @@ - "{{ matrix_mautrix_wsproxy_base_path }}" - "{{ matrix_mautrix_wsproxy_config_path }}" -- name: Check if an old matrix state file exists +- name: Check if an old Matrix state file exists ansible.builtin.stat: path: "{{ matrix_mautrix_wsproxy_base_path }}/mx-state.json" register: matrix_mautrix_wsproxy_stat_mx_state diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index aef4eb04b..606b5f245 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -781,7 +781,7 @@ matrix_media_repo_rate_limit_buckets_download_drain_bytes_per_minute: 5242880 # matrix_media_repo_rate_limit_buckets_download_overflow_limit_bytes: 104857600 # 100mb default (the same as the default remote download maxBytes) # Identicons are generated avatars for a given username. Some clients use these to give users a -# default avatar after signing up. Identicons are not part of the official matrix spec, therefore +# default avatar after signing up. Identicons are not part of the official Matrix spec, therefore # this feature is completely optional. matrix_media_repo_identicons_enabled: true diff --git a/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 b/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 index 30ab8cee5..01d38fc9b 100644 --- a/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 +++ b/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 
@@ -517,7 +517,7 @@ rateLimit: # Identicons are generated avatars for a given username. Some clients use these to give users a -# default avatar after signing up. Identicons are not part of the official matrix spec, therefore +# default avatar after signing up. Identicons are not part of the official Matrix spec, therefore # this feature is completely optional. identicons: enabled: {{ matrix_media_repo_identicons_enabled | to_json }} diff --git a/roles/custom/matrix-pantalaimon/defaults/main.yml b/roles/custom/matrix-pantalaimon/defaults/main.yml index 22d9a6a32..8746519d3 100644 --- a/roles/custom/matrix-pantalaimon/defaults/main.yml +++ b/roles/custom/matrix-pantalaimon/defaults/main.yml @@ -1,5 +1,5 @@ --- -# E2EE aware proxy daemon for matrix clients. +# E2EE aware proxy daemon for Matrix clients. # Project source code URL: https://github.com/matrix-org/pantalaimon matrix_pantalaimon_enabled: true diff --git a/roles/custom/matrix-registration/defaults/main.yml b/roles/custom/matrix-registration/defaults/main.yml index 008b9b75c..9e8a350ab 100644 --- a/roles/custom/matrix-registration/defaults/main.yml +++ b/roles/custom/matrix-registration/defaults/main.yml @@ -1,5 +1,5 @@ --- -# matrix-registration is a simple python application to have a token based matrix registration +# matrix-registration is a simple python application to have a token based Matrix registration # See: https://zeratax.github.io/matrix-registration/ # Project source code URL: https://github.com/ZerataX/matrix-registration diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 09e9d4215..d63a8c2cb 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml 
@@ -48,7 +48,7 @@ matrix_static_files_container_labels_traefik_docker_network: "{{ matrix_static_f matrix_static_files_container_labels_traefik_entrypoints: web-secure matrix_static_files_container_labels_traefik_tls_certResolver: default # noqa var-naming -# Controls whether labels will be added that expose the well-known public endpoint on the matrix domain. +# Controls whether labels will be added that expose the well-known public endpoint on the Matrix domain. matrix_static_files_container_labels_well_known_matrix_endpoint_enabled: true matrix_static_files_container_labels_well_known_matrix_endpoint_traefik_hostname: '' matrix_static_files_container_labels_well_known_matrix_endpoint_traefik_path_prefix: /.well-known/matrix @@ -234,7 +234,7 @@ matrix_static_files_file_matrix_client_configuration: "{{ matrix_static_files_fi # If you wish to rely on DNS SRV records only, you can disable this. # Using DNS SRV records implies that you'll be handling Matrix Federation API traffic (tcp/8448) # using certificates for the base domain (`matrix_domain`) and not for the -# matrix domain (`matrix_server_fqn_matrix`). +# Matrix domain (`matrix_server_fqn_matrix`). matrix_static_files_file_matrix_server_enabled: true # Controls the m.server property in the /.well-known/matrix/server file diff --git a/roles/custom/matrix-static-files/tasks/self_check_well_known_file.yml b/roles/custom/matrix-static-files/tasks/self_check_well_known_file.yml index 8e13cba1e..7dace4be2 100644 --- a/roles/custom/matrix-static-files/tasks/self_check_well_known_file.yml +++ b/roles/custom/matrix-static-files/tasks/self_check_well_known_file.yml @@ -6,7 +6,7 @@ # These well-known files may be served without a `Content-Type: application/json` header, # so we can't rely on the uri module's automatic parsing of JSON. -- name: Check .well-known on the matrix hostname +- name: Check .well-known on the Matrix hostname ansible.builtin.uri: url: "{{ well_known_url_matrix }}" follow_redirects: none 
@@ -18,21 +18,21 @@ register: result_well_known_matrix ignore_errors: true -- name: Fail if .well-known not working on the matrix hostname +- name: Fail if .well-known not working on the Matrix hostname ansible.builtin.fail: msg: "Failed checking that the well-known file for {{ well_known_file_check.purpose }} is configured at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ well_known_url_matrix }}`). Is port 443 open in your firewall? Full error: {{ result_well_known_matrix }}" when: "result_well_known_matrix.failed" -- name: Parse JSON for well-known payload at the matrix hostname +- name: Parse JSON for well-known payload at the Matrix hostname ansible.builtin.set_fact: well_known_matrix_payload: "{{ result_well_known_matrix.content | from_json }}" -- name: Fail if .well-known not CORS-aware on the matrix hostname +- name: Fail if .well-known not CORS-aware on the Matrix hostname ansible.builtin.fail: msg: "The well-known file for {{ well_known_file_check.purpose }} on `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ well_known_url_matrix }}`) is not CORS-aware. The file needs to be served with an Access-Control-Allow-Origin header set." when: "well_known_file_check.cors and 'access_control_allow_origin' not in result_well_known_matrix" -- name: Report working .well-known on the matrix hostname +- name: Report working .well-known on the Matrix hostname ansible.builtin.debug: msg: "well-known for {{ well_known_file_check.purpose }} is configured correctly for `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ well_known_url_matrix }}`)" 
@@ -63,7 +63,7 @@ when: "well_known_file_check.cors and 'access_control_allow_origin' not in result_well_known_identity" # For people who manually copy the well-known file, try to detect if it's outdated -- name: Fail if well-known is different on matrix hostname and identity hostname +- name: Fail if well-known is different on Matrix hostname and identity hostname ansible.builtin.fail: msg: "The well-known files for {{ well_known_file_check.purpose }} at `{{ matrix_server_fqn_matrix }}` and `{{ matrix_domain }}` are different. Perhaps you copied the file ({{ well_known_file_check.path }}) manually before and now it's outdated?" when: "well_known_matrix_payload != well_known_identity_payload" diff --git a/roles/custom/matrix-static-files/templates/labels.j2 b/roles/custom/matrix-static-files/templates/labels.j2 index e9fcf1945..b2fe0ccf0 100644 --- a/roles/custom/matrix-static-files/templates/labels.j2 +++ b/roles/custom/matrix-static-files/templates/labels.j2 @@ -11,7 +11,7 @@ traefik.http.services.{{ matrix_static_files_identifier }}.loadbalancer.server.p {% if matrix_static_files_container_labels_well_known_matrix_endpoint_enabled %} ############################################################ # # -# Related to /.well-known/matrix on the matrix domain # +# Related to /.well-known/matrix on the Matrix domain # # # ############################################################ @@ -43,7 +43,7 @@ traefik.http.routers.{{ matrix_static_files_identifier }}-well-known.tls.certRes ############################################################ # # -# /Related to /.well-known/matrix on the matrix domain # +# /Related to /.well-known/matrix on the Matrix domain # # # ############################################################ {% endif %} diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 028a69a97..7948dd709 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml 
+++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -1183,7 +1183,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_invites: true # this means that spammy messages will appear as empty to users. Default # false. matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_messages: false -# Remove users from the user directory search by filtering matrix IDs and +# Remove users from the user directory search by filtering Matrix IDs and # display names by the entries in the user ban list. Default false. matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false # The room IDs of the ban lists to honour. Unlike other parts of Mjolnir, diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index f5c293770..9e0d32ca8 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -32,7 +32,7 @@ modules: {{ matrix_synapse_modules|to_json }} # created on this server. For example if the server_name was example.com, # usernames on this server would be in the format @user:example.com # -# In most cases you should avoid using a matrix specific subdomain such as +# In most cases you should avoid using a Matrix specific subdomain such as # matrix.example.com or synapse.example.com as the server_name for the same # reasons you wouldn't use user@email.example.com as your email address. # See https://matrix-org.github.io/synapse/latest/delegate.html @@ -293,7 +293,7 @@ listeners: {% endif %} {% if matrix_synapse_federation_port_enabled and matrix_synapse_tls_federation_listener_enabled %} - # TLS-enabled listener: for when matrix traffic is sent directly to synapse. + # TLS-enabled listener: for when Matrix traffic is sent directly to synapse. - port: {{ matrix_synapse_container_federation_api_tls_port|to_json }} tls: true bind_addresses: ['::'] 
@@ -305,7 +305,7 @@ listeners: compress: false {% endif %} - # Unsecure HTTP listener (Client API): for when matrix traffic passes through a reverse proxy + # Unsecure HTTP listener (Client API): for when Matrix traffic passes through a reverse proxy # that unwraps TLS. - port: {{ matrix_synapse_container_client_api_port|to_json }} tls: false @@ -318,7 +318,7 @@ listeners: compress: false {% if matrix_synapse_federation_port_enabled %} - # Unsecure HTTP listener (Federation API): for when matrix traffic passes through a reverse proxy + # Unsecure HTTP listener (Federation API): for when Matrix traffic passes through a reverse proxy # that unwraps TLS. - port: {{ matrix_synapse_container_federation_api_plain_port|to_json }} tls: false @@ -1873,7 +1873,7 @@ saml2_config: #saml_session_lifetime: 5m # An external module can be provided here as a custom solution to - # mapping attributes returned from a saml provider onto a matrix user. + # mapping attributes returned from a saml provider onto a Matrix user. # user_mapping_provider: # The custom module's class. Uncomment to use a custom module. @@ -1896,7 +1896,7 @@ saml2_config: #mxid_source_attribute: displayName # The mapping system to use for mapping the saml attribute onto a - # matrix ID. + # Matrix ID. # # Options include: # * 'hexencode' (which maps unpermitted characters to '=xx') @@ -2037,7 +2037,7 @@ saml2_config: # switching from password logins to OIDC. Defaults to false. # # user_mapping_provider: Configuration for how attributes returned from a OIDC -# provider are mapped onto a matrix user. This setting has the following +# provider are mapped onto a Matrix user. This setting has the following # sub-properties: # # module: The class name of a custom mapping module. Default is 
@@ -2831,7 +2831,7 @@ opentracing: #homeserver_whitelist: # - ".*" - # A list of the matrix IDs of users whose requests will always be traced, + # A list of the Matrix IDs of users whose requests will always be traced, # even if the tracing system would otherwise drop the traces due to # probabilistic sampling. # diff --git a/roles/custom/matrix-user-verification-service/defaults/main.yml b/roles/custom/matrix-user-verification-service/defaults/main.yml index 1b1eeb7fd..dab9699fe 100644 --- a/roles/custom/matrix-user-verification-service/defaults/main.yml +++ b/roles/custom/matrix-user-verification-service/defaults/main.yml @@ -66,7 +66,7 @@ matrix_user_verification_service_uvs_auth_token: '' # Pin UVS to only check openId Tokens for the matrix_server_name configured by this playbook. matrix_user_verification_service_uvs_pin_openid_verify_server_name: true # Matrix server name to verify OpenID tokens against. -# This is not the homeserverURL, but rather the domain in the matrix "user ID" +# This is not the homeserverURL, but rather the domain in the Matrix "user ID" # UVS can also be instructed to verify against the Matrix server name passed in the token, to enable set to "" matrix_user_verification_service_uvs_openid_verify_server_name: "{{ matrix_domain }}" diff --git a/roles/custom/matrix_playbook_migration/tasks/cleanup_usr_local_bin.yml b/roles/custom/matrix_playbook_migration/tasks/cleanup_usr_local_bin.yml index 586b5c47e..54e6f4646 100644 --- a/roles/custom/matrix_playbook_migration/tasks/cleanup_usr_local_bin.yml +++ b/roles/custom/matrix_playbook_migration/tasks/cleanup_usr_local_bin.yml @@ -1,6 +1,6 @@ --- -- name: Find leftover matrix scripts in /usr/local/bin +- name: Find leftover Matrix scripts in /usr/local/bin ansible.builtin.find: path: "/usr/local/bin" patterns: 
@@ -19,7 +19,7 @@ - matrix-synapse-worker-write-pid register: matrix_usr_local_bin_files_result -- name: Ensure /usr/local/bin does not contain matrix scripts +- name: Ensure /usr/local/bin does not contain Matrix scripts ansible.builtin.file: path: "{{ item.path }}" state: absent diff --git a/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_ssl.yml b/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_ssl.yml index 20e600e1f..ecfad1591 100644 --- a/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_ssl.yml +++ b/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_ssl.yml @@ -1,11 +1,11 @@ --- -- name: Ensure matrix-ssl files are deleted +- name: Ensure Matrix SSL-related files are deleted ansible.builtin.file: path: "{{ matrix_base_data_path }}/ssl" state: absent -- name: Ensure matrix SSL-related systemd timers and services are gone +- name: Ensure Matrix SSL-related systemd timers and services are gone ansible.builtin.file: path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" state: absent From e7128055f7c5efe598552e93f7c250f7f125955d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 18 Oct 2024 21:00:19 +0300 Subject: [PATCH 117/404] Minor improvements to the baibot role --- .../matrix-bot-baibot/tasks/install.yml | 47 ++++++++++--------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/roles/custom/matrix-bot-baibot/tasks/install.yml b/roles/custom/matrix-bot-baibot/tasks/install.yml index ce9b8220a..f74ab3442 100644 --- a/roles/custom/matrix-bot-baibot/tasks/install.yml +++ b/roles/custom/matrix-bot-baibot/tasks/install.yml 
@@ -8,9 +8,10 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: + - {path: "{{ matrix_bot_baibot_base_path }}", when: true} - {path: "{{ matrix_bot_baibot_config_path }}", when: true} - {path: "{{ matrix_bot_baibot_data_path }}", when: true} - - {path: "{{ matrix_bot_baibot_container_src_files_path }}", when: matrix_bot_baibot_container_image_self_build} + - {path: "{{ matrix_bot_baibot_container_src_files_path }}", when: "{{ matrix_bot_baibot_container_image_self_build }}"} when: "item.when | bool" - name: Ensure baibot configuration installed @@ -29,7 +30,7 @@ group: "{{ matrix_user_groupname }}" mode: 0640 -- name: Ensure baibot image is pulled +- name: Ensure baibot container image is pulled community.docker.docker_image: name: "{{ matrix_bot_baibot_container_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" 
@@ -41,28 +42,28 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure baibot repository is present on self-build - ansible.builtin.git: - repo: "{{ matrix_bot_baibot_container_repo }}" - version: "{{ matrix_bot_baibot_container_repo_version }}" - dest: "{{ matrix_bot_baibot_container_src_files_path }}" - force: "yes" - become: true - become_user: "{{ matrix_user_username }}" - register: matrix_bot_baibot_git_pull_results - when: "matrix_bot_baibot_container_image_self_build | bool" +- when: "matrix_bot_baibot_container_image_self_build | bool" + block: + - name: Ensure baibot repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_bot_baibot_container_repo }}" + version: "{{ matrix_bot_baibot_container_repo_version }}" + dest: "{{ matrix_bot_baibot_container_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_bot_baibot_git_pull_results -- name: Ensure baibot image is built - community.docker.docker_image: - name: "{{ matrix_bot_baibot_container_image }}" - source: build - force_source: "{{ matrix_bot_baibot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_baibot_git_pull_results.changed }}" - build: - dockerfile: Dockerfile - path: "{{ matrix_bot_baibot_container_src_files_path }}" - pull: true - when: "matrix_bot_baibot_container_image_self_build | bool" + - name: Ensure baibot container image is built + community.docker.docker_image: + name: "{{ matrix_bot_baibot_container_image }}" + source: build + force_source: "{{ matrix_bot_baibot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_baibot_git_pull_results.changed }}" + build: + dockerfile: 
Dockerfile + path: "{{ matrix_bot_baibot_container_src_files_path }}" + pull: true - name: Ensure baibot container network is created community.general.docker_network: From 08b29e9b926f36a89b10402fe96a8432a9f85705 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 18 Oct 2024 21:14:04 +0300 Subject: [PATCH 118/404] Replace some docker references with {{ devture_systemd_docker_base_host_command_docker }} --- roles/custom/matrix-dendrite/templates/bin/create-account.j2 | 4 ++-- .../matrix-synapse/templates/synapse/bin/register-user.j2 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/custom/matrix-dendrite/templates/bin/create-account.j2 b/roles/custom/matrix-dendrite/templates/bin/create-account.j2 index edfa521b9..11509f4f2 100644 --- a/roles/custom/matrix-dendrite/templates/bin/create-account.j2 +++ b/roles/custom/matrix-dendrite/templates/bin/create-account.j2 @@ -11,7 +11,7 @@ password=$2 admin=$3 if [ "$admin" -eq "1" ]; then - docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -admin -url http://localhost:{{ matrix_dendrite_http_bind_port }} + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -admin -url http://localhost:{{ matrix_dendrite_http_bind_port }} else - docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -url http://localhost:{{ matrix_dendrite_http_bind_port }} + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -url http://localhost:{{ matrix_dendrite_http_bind_port }} fi diff --git a/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 b/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 index 228cc9eaa..9b80d397b 100644 
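Review bot: The new `- when: "matrix_bot_baibot_container_image_self_build | bool"` wrapper is a block without a `name:`, so its tasks are harder to locate in play output and ansible-lint will flag it. I would add `- name: Ensure baibot container image is self-built` (wording to taste) above the `when:`. While the git task is being re-indented, `force: "yes"` would read better as the boolean `force: true`. The checkout is pinned by `matrix_bot_baibot_container_repo_version`, which is defined outside this hunk. If that resolves to a branch or a movable tag, the locally built image can change between runs without any change to the playbook, so a commit SHA is the safer default for the self-build path.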
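Review bot: Both rewritten `exec` lines still pass the new account's password as `-password "$password"`, so it is visible in the host's process list to any local user for as long as the command runs. The `create-account` tool can read it from standard input instead, for example `printf '%s' "$password" | {{ devture_systemd_docker_base_host_command_docker }} exec -i matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -passwordstdin ...`. The wrapper itself takes the password as `$2` (context line `password=$2`), so a complete fix also has to change how the script receives it, and that part lies outside this hunk. The `register-user.j2` hunk in this commit has the same exposure through `-p "$password"`; a file-based option such as `--password-file` would cover it if the deployed Synapse version provides one.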
--- a/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 @@ -11,7 +11,7 @@ password=$2 admin=$3 if [ "$admin" -eq "1" ]; then - docker exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --admin http://localhost:{{ matrix_synapse_container_client_api_port }} + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --admin http://localhost:{{ matrix_synapse_container_client_api_port }} else - docker exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --no-admin http://localhost:{{ matrix_synapse_container_client_api_port }} + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --no-admin http://localhost:{{ matrix_synapse_container_client_api_port }} fi From 35bef6122660fd32f016bf617b166ba4fea3aeea Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 18 Oct 2024 21:27:29 +0300 Subject: [PATCH 119/404] Upgrade prometheus-node-exporter (v1.8.2-1 -> v1.8.2-2) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 1e094e06d..a8890829e 100644 --- a/requirements.yml +++ b/requirements.yml @@ -52,7 +52,7 @@ version: v2.54.1-1 name: prometheus - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git - version: v1.8.2-1 + version: v1.8.2-2 name: prometheus_node_exporter - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git version: v0.14.0-6 From 7f7d19378c37716dfcbf871d4929e91bc79a5047 Mon Sep 17 00:00:00 2001 
From: ginta1337 Date: Fri, 18 Oct 2024 21:28:50 +0300 Subject: [PATCH 120/404] Clarify documentation about own ssl certificate setup --- docs/configuring-playbook-ssl-certificates.md | 35 +++++++------------ 1 file changed, 13 insertions(+), 22 deletions(-) diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md index 31799b37f..e086d457f 100644 --- a/docs/configuring-playbook-ssl-certificates.md +++ b/docs/configuring-playbook-ssl-certificates.md @@ -52,14 +52,19 @@ traefik_config_certificatesResolvers_acme_enabled: false # Force-enable it here, because we'll add our certificate files there. traefik_ssl_dir_enabled: true -# Tell Traefik to load our custom configuration file (certificates.yml). -# The file is created below, in `aux_file_definitions`. -# The `/config/..` path is an in-container path, not a path on the host (like `/matrix/traefik/config`). Do not change it! -traefik_configuration_extension_yaml: | - providers: - file: - filename: /config/certificates.yml - watch: true +# Tell Traefik to load our custom ssl key pair by extending provider configuration. +# The key pair files are created below, in `aux_file_definitions`. +# The `/ssl/..` path is an in-container path, not a path on the host (like `/matrix/traefik/ssl`). Do not change it! +traefik_provider_configuration_extension_yaml: + tls: + certificates: + - certFile: /ssl/cert.pem + keyFile: /ssl/privkey.pem + stores: + default: + defaultCertificate: + certFile: /ssl/cert.pem + keyFile: /ssl/privkey.pem # Use the aux role to create our custom files on the server. # If you'd like to do this manually, you remove this `aux_file_definitions` variable. 
@@ -83,20 +88,6 @@ aux_file_definitions: # content: | # FILE CONTENT # HERE - - # Create the custom Traefik configuration. - # The `/ssl/..` paths below are in-container paths, not paths on the host (/`matrix/traefik/ssl/..`). Do not change them! - - dest: "{{ traefik_config_dir_path }}/certificates.yml" - content: | - tls: - certificates: - - certFile: /ssl/cert.pem - keyFile: /ssl/privkey.pem - stores: - default: - defaultCertificate: - certFile: /ssl/cert.pem - keyFile: /ssl/privkey.pem ``` ## Using a DNS-01 ACME challenge type, instead of HTTP-01 From 4db1d6f8746170450e6ad9530762448fb3e9c69c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 03:27:30 +0900 Subject: [PATCH 121/404] Update docs/configuring-playbook-bridge-mx* - remove line breaks inside a sentence Signed-off-by: Suguru Hirahara --- ...onfiguring-playbook-bridge-mx-puppet-discord.md | 14 ++++---------- ...onfiguring-playbook-bridge-mx-puppet-groupme.md | 10 +++------- ...figuring-playbook-bridge-mx-puppet-instagram.md | 7 ++----- .../configuring-playbook-bridge-mx-puppet-slack.md | 14 ++++---------- .../configuring-playbook-bridge-mx-puppet-steam.md | 14 ++++---------- ...onfiguring-playbook-bridge-mx-puppet-twitter.md | 10 +++------- 6 files changed, 20 insertions(+), 49 deletions(-) diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index 56f05f307..01eaef8d4 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md 
@@ -4,8 +4,7 @@ - For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. -The playbook can install and configure -[mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. +The playbook can install and configure [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. See the project page to learn what it does and why it might be useful to you. @@ -25,17 +24,12 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bot is enabled you need to start a chat with `Discord Puppet Bridge` with -the handle `@_discordpuppet_bot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `Discord Puppet Bridge` with the handle `@_discordpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). -Three authentication methods are available, Legacy Token, OAuth and xoxc token. -See mx-puppet-discord [documentation](https://github.com/matrix-discord/mx-puppet-discord) -for more information about how to configure the bridge. +Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-discord [documentation](https://github.com/matrix-discord/mx-puppet-discord) for more information about how to configure the bridge. Once logged in, send `list` to the bot user to list the available rooms. -Clicking rooms in the list will result in you receiving an invitation to the -bridged room. +Clicking rooms in the list will result in you receiving an invitation to the bridged room. Also send `help` to the bot to see the commands available. 
diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md index c10e386fc..5090b2d59 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md +++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md @@ -1,7 +1,6 @@ # Setting up MX Puppet GroupMe (optional) -The playbook can install and configure -[mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) for you. +The playbook can install and configure [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) for you. See the project page to learn what it does and why it might be useful to you. @@ -19,9 +18,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bot is enabled you need to start a chat with `GroupMe Puppet Bridge` with -the handle `@_groupmepuppet_bot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `GroupMe Puppet Bridge` with the handle `@_groupmepuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). One authentication method is available. @@ -33,7 +30,6 @@ link Once logged in, send `listrooms` to the bot user to list the available rooms. -Clicking rooms in the list will result in you receiving an invitation to the -bridged room. +Clicking rooms in the list will result in you receiving an invitation to the bridged room. Also send `help` to the bot to see the commands available. diff --git a/docs/configuring-playbook-bridge-mx-puppet-instagram.md b/docs/configuring-playbook-bridge-mx-puppet-instagram.md index b2546cb0a..145baa49a 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-instagram.md +++ b/docs/configuring-playbook-bridge-mx-puppet-instagram.md 
@@ -1,7 +1,6 @@ # Setting up mx-puppet-instagram (optional) -The playbook can install and configure -[mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) for you. +The playbook can install and configure [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) for you. This allows you to bridge Instagram DirectMessages into Matrix. @@ -19,9 +18,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bot is enabled, you need to start a chat with `Instagram Puppet Bridge` with -the handle `@_instagrampuppet_bot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled, you need to start a chat with `Instagram Puppet Bridge` with the handle `@_instagrampuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `link ` to the bridge bot to link your instagram account. diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md index d5f784cc5..44d86056f 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-slack.md +++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md @@ -3,8 +3,7 @@ **Note**: bridging to [Slack](https://slack.com) can also happen via the [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook. -The playbook can install and configure [Beeper](https://www.beeper.com/)-maintained fork of -[mx-puppet-slack](https://gitlab.com/beeper/mx-puppet-monorepo) for you. +The playbook can install and configure [Beeper](https://www.beeper.com/)-maintained fork of [mx-puppet-slack](https://gitlab.com/beeper/mx-puppet-monorepo) for you. See the project page to learn what it does and why it might be useful to you. 
@@ -33,17 +32,12 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -Once the bot is enabled you need to start a chat with `Slack Puppet Bridge` with -the handle `@_slackpuppet_bot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `Slack Puppet Bridge` with the handle `@_slackpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). -Three authentication methods are available, Legacy Token, OAuth and xoxc token. -See mx-puppet-slack [documentation](https://github.com/Sorunome/mx-puppet-slack) -for more information about how to configure the bridge. +Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-slack [documentation](https://github.com/Sorunome/mx-puppet-slack) for more information about how to configure the bridge. Once logged in, send `list` to the bot user to list the available rooms. -Clicking rooms in the list will result in you receiving an invitation to the -bridged room. +Clicking rooms in the list will result in you receiving an invitation to the bridged room. Also send `help` to the bot to see the commands available. diff --git a/docs/configuring-playbook-bridge-mx-puppet-steam.md b/docs/configuring-playbook-bridge-mx-puppet-steam.md index 60475929c..66edf8c79 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-steam.md +++ b/docs/configuring-playbook-bridge-mx-puppet-steam.md @@ -1,7 +1,6 @@ # Setting up MX Puppet Steam (optional) -The playbook can install and configure -[mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) for you. +The playbook can install and configure [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) for you. See the project page to learn what it does and why it might be useful to you. 
@@ -19,17 +18,12 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bot is enabled you need to start a chat with `Steam Puppet Bridge` with -the handle `@_steampuppet_bot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `Steam Puppet Bridge` with the handle `@_steampuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). -Three authentication methods are available, Legacy Token, OAuth and xoxc token. -See mx-puppet-steam [documentation](https://github.com/icewind1991/mx-puppet-steam) -for more information about how to configure the bridge. +Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-steam [documentation](https://github.com/icewind1991/mx-puppet-steam) for more information about how to configure the bridge. Once logged in, send `list` to the bot user to list the available rooms. -Clicking rooms in the list will result in you receiving an invitation to the -bridged room. +Clicking rooms in the list will result in you receiving an invitation to the bridged room. Also send `help` to the bot to see the commands available. diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md index 783999ff8..493eb1403 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md +++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md 
@@ -2,8 +2,7 @@ **Note**: bridging to [Twitter](https://twitter.com/) can also happen via the [mautrix-twitter](configuring-playbook-bridge-mautrix-twitter.md) bridge supported by the playbook. -The playbook can install and configure -[mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) for you. +The playbook can install and configure [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) for you. See the project page to learn what it does and why it might be useful to you. @@ -30,15 +29,12 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bot is enabled you need to start a chat with `Twitter Puppet Bridge` with -the handle `@_twitterpuppet_bot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled you need to start a chat with `Twitter Puppet Bridge` with the handle `@_twitterpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). To log in, use `link` and click the link. Once logged in, send `list` to the bot user to list the available rooms. -Clicking rooms in the list will result in you receiving an invitation to the -bridged room. +Clicking rooms in the list will result in you receiving an invitation to the bridged room. Also send `help` to the bot to see the commands available. From a933bdde750a715a910fe2aab411c77c6a5c780f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 12:21:28 +0900 Subject: [PATCH 122/404] Replace "Installation" with "Installing" on documentation Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-alertmanager-receiver.md | 2 +- docs/configuring-playbook-conduit.md | 2 +- docs/configuring-playbook-dendrite.md | 2 +- docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-user-verification-service.md | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) 
diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index b7952c3bc..c11b759fc 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md @@ -61,7 +61,7 @@ Steps 1 and 2 above only need to be done once, while preparing your [configurati Steps 3 and 4 need to be done for each new room you'd like the bot to deliver alerts to. Step 5 is optional and provides cleaner `/alert/` URLs. -## Installation +## Installing Now that you've [prepared the bot account and room](#account-and-room-preparation) and have [configured the playbook](#configuration), you can run the [installation](installing.md) command: `just install-all` diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md index 6d807c558..80d4a41f7 100644 --- a/docs/configuring-playbook-conduit.md +++ b/docs/configuring-playbook-conduit.md @@ -9,7 +9,7 @@ By default, this playbook configures the [Synapse](https://github.com/element-hq - **homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding -## Installation +## Installing To use Conduit, you **generally** need the following additional `vars.yml` configuration: diff --git a/docs/configuring-playbook-dendrite.md b/docs/configuring-playbook-dendrite.md index 0b72ed0fa..87300b7fd 100644 --- a/docs/configuring-playbook-dendrite.md +++ b/docs/configuring-playbook-dendrite.md @@ -22,7 +22,7 @@ Alternatively, **if there is no pre-defined variable** for a Dendrite setting yo -## Installation +## Installing To use Dendrite, you **generally** need the following additional `vars.yml` configuration: diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 2099ccf0c..15351282d 100644 
--- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -69,7 +69,7 @@ matrix_dimension_access_token: "YOUR ACCESS TOKEN HERE" For more information on how to acquire an access token, visit [https://t2bot.io/docs/access_tokens](https://t2bot.io/docs/access_tokens). -## Installation +## Installing After these variables have been set and you have potentially [adjusted your DNS records](#adjusting-dns-records), please run the following command to re-run setup and to restart Dimension: diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index 61dc5b85d..4b6502c71 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -98,7 +98,7 @@ in your host_vars. This will instruct UVS to verify the OpenID token against any domain given in a request. Homeserver discovery is done via '.well-known/matrix/server' of the given domain. -## Installation +## Installing After these variables have been set, run the [installation](installing.md) command to restart UVS: From d8a638f51853f3ad97e4d27ad053e8b236db18d6 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 14:01:08 +0900 Subject: [PATCH 123/404] Update roles/custom/matrix-bridge-mx-puppet-*: fix domain names and use same comments 
Signed-off-by: Suguru Hirahara --- .../matrix-bridge-mx-puppet-discord/defaults/main.yml | 6 +++--- .../templates/config.yaml.j2 | 8 ++++---- .../matrix-bridge-mx-puppet-groupme/defaults/main.yml | 6 +++--- .../templates/config.yaml.j2 | 10 +++++----- .../defaults/main.yml | 6 +++--- .../templates/config.yaml.j2 | 8 ++++---- .../matrix-bridge-mx-puppet-slack/defaults/main.yml | 6 +++--- .../templates/config.yaml.j2 | 8 ++++---- .../matrix-bridge-mx-puppet-steam/defaults/main.yml | 6 +++--- .../templates/config.yaml.j2 | 8 ++++---- .../matrix-bridge-mx-puppet-twitter/defaults/main.yml | 6 +++--- .../templates/config.yaml.j2 | 8 ++++---- 12 files changed, 43 insertions(+), 43 deletions(-) diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml index deecd4555..3c825b351 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -33,15 +33,15 @@ matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_bridge_mediaUrl: "{{ matrix_homeserver_url }}" # noqa var-naming -# "@user:example.com" to allow specific user +# "@user:example.com" to allow a specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_discord_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:example.com" disallow a specific user -# "@.*:example.com" disallow users on a specific homeserver +# "@user:example.com" to disallow a specific user +# "@.*:example.com" to disallow users on a specific homeserver matrix_mx_puppet_discord_provisioning_blacklist: [] matrix_mx_puppet_discord_container_network: "" 
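Review bot: The sample patterns in these comments (`"@user:example.com"`, `"@.*:example.com"`) leave the dot unescaped, although the entries are regular expressions: the default value just below applies `regex_escape`, and the matching `config.yaml.j2` comments write `example\\.com`. Someone who copies the sample gets a whitelist whose `.` matches any character. I would write the samples as `# "@.*:example\\.com" to allow users on a specific homeserver`, and likewise for the single-user and blacklist lines. Whether the bridge anchors these patterns is not visible here; if it does not, the comment should also say that a trailing `$` is needed so that a longer server name beginning with `example.com` is not accepted. The same comment lines recur in the groupme, instagram, slack and steam `defaults/main.yml` hunks of this commit.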
diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 index dce3292ed..4940a469d 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 @@ -31,17 +31,17 @@ provisioning: # Regex of Matrix IDs allowed to use the puppet bridge whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }} # Allow a specific user - #- "@user:server\\.com" + #- "@user:example\\.com" # Allow users on a specific homeserver - #- "@.*:yourserver\\.com" + #- "@.*:example\\.com" # Allow anyone #- ".*" # Regex of Matrix IDs forbidden from using the puppet bridge #blacklist: # Disallow a specific user - #- "@user:server\\.com" + #- "@user:example\\.com" # Disallow users on a specific homeserver - #- "@.*:yourserver\\.com" + #- "@.*:example\\.com" blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }} relay: diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml index 68e5e4250..730123b0b 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml 
@@ -29,15 +29,15 @@ matrix_mx_puppet_groupme_homeserver_address: "" matrix_mx_puppet_groupme_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_groupme_appservice_address: 'http://matrix-mx-puppet-groupme:{{ matrix_mx_puppet_groupme_appservice_port }}' -# "@user:example.com" to allow specific user +# "@user:example.com" to allow a specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_groupme_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:example.com" disallow a specific user -# "@.*:example.com" disallow users on a specific homeserver +# "@user:example.com" to disallow a specific user +# "@.*:example.com" to disallow users on a specific homeserver matrix_mx_puppet_groupme_provisioning_blacklist: [] matrix_mx_puppet_groupme_container_network: "" diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 index b1a70d6fc..862397577 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 @@ -19,7 +19,7 @@ bridge: # # This is where GroupMe will download user profile pictures and media # from - #mediaUrl: https://external-url.org + #mediaUrl: https://example.org presence: # Bridge GroupMe online/offline status 
@@ -31,17 +31,17 @@ provisioning: # Regex of Matrix IDs allowed to use the puppet bridge whitelist: {{ matrix_mx_puppet_groupme_provisioning_whitelist|to_json }} # Allow a specific user - #- "@user:server\\.com" + #- "@user:example\\.com" # Allow users on a specific homeserver - #- "@.*:yourserver\\.com" + #- "@.*:example\\.com" # Allow anyone #- ".*" # Regex of Matrix IDs forbidden from using the puppet bridge #blacklist: # Disallow a specific user - #- "@user:server\\.com" + #- "@user:example\\.com" # Disallow users on a specific homeserver - #- "@.*:yourserver\\.com" + #- "@.*:example\\.com" blacklist: {{ matrix_mx_puppet_groupme_provisioning_blacklist|to_json }} relay: diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml index ccee80ec9..54d56b3cd 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml @@ -24,15 +24,15 @@ matrix_mx_puppet_instagram_homeserver_address: "" matrix_mx_puppet_instagram_homeserver_domain: '{{ matrix_domain }}' matrix_mx_puppet_instagram_appservice_address: 'http://matrix-mx-puppet-instagram:{{ matrix_mx_puppet_instagram_appservice_port }}' -# "@user:example.com" to allow specific user +# "@user:example.com" to allow a specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_instagram_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:example.com" disallow a specific user -# "@.*:example.com" disallow users on a specific homeserver +# "@user:example.com" to disallow a specific user +# "@.*:example.com" to disallow users on a specific homeserver matrix_mx_puppet_instagram_provisioning_blacklist: [] matrix_mx_puppet_instagram_container_network: "" 
diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 index 67b767ebb..69943fe9b 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 @@ -24,17 +24,17 @@ provisioning: # Regex of Matrix IDs allowed to use the puppet bridge whitelist: {{ matrix_mx_puppet_instagram_provisioning_whitelist|to_json }} # Allow a specific user - #- "@user:server\\.com" + #- "@user:example\\.com" # Allow users on a specific homeserver - #- "@.*:yourserver\\.com" + #- "@.*:example\\.com" # Allow anyone #- ".*" # Regex of Matrix IDs forbidden from using the puppet bridge #blacklist: # Disallow a specific user - #- "@user:server\\.com" + #- "@user:example\\.com" # Disallow users on a specific homeserver - #- "@.*:yourserver\\.com" + #- "@.*:example\\.com" blacklist: {{ matrix_mx_puppet_instagram_provisioning_blacklist|to_json }} # Shared secret for the provisioning API for use by integration managers. diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml index c9067eb97..307ee5b22 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml 
@@ -42,15 +42,15 @@ matrix_mx_puppet_slack_oauth_enabled: true matrix_mx_puppet_slack_oauth_redirect_path: "{{ matrix_mx_puppet_slack_path_prefix }}" matrix_mx_puppet_slack_oauth_redirect_uri: '{{ matrix_mx_puppet_slack_scheme }}://{{ matrix_mx_puppet_slack_hostname }}{{ matrix_mx_puppet_slack_oauth_redirect_path }}' -# "@user:example.com" to allow specific user +# "@user:example.com" to allow a specific user # "@.*:example.com" to allow users on a specific homeserver # "@.*" to allow anyone matrix_mx_puppet_slack_provisioning_whitelist: - "@.*:{{ matrix_domain | regex_escape }}" # Leave empty to disable blacklist -# "@user:example.com" disallow a specific user -# "@.*:example.com" disallow users on a specific homeserver +# "@user:example.com" to disallow a specific user +# "@.*:example.com" to disallow users on a specific homeserver matrix_mx_puppet_slack_provisioning_blacklist: [] matrix_mx_puppet_slack_container_network: "" diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 index 252b406c4..b2ea9586d 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 
@@ -38,17 +38,17 @@ provisioning:
 # Regex of Matrix IDs allowed to use the puppet bridge
 whitelist: {{ matrix_mx_puppet_slack_provisioning_whitelist|to_json }}
 # Allow a specific user
- #- "@user:server\\.com"
+ #- "@user:example\\.com"
 # Allow users on a specific homeserver
- #- "@.*:yourserver\\.com"
+ #- "@.*:example\\.com"
 # Allow anyone
 #- ".*"
 # Regex of Matrix IDs forbidden from using the puppet bridge
 #blacklist:
 # Disallow a specific user
- #- "@user:server\\.com"
+ #- "@user:example\\.com"
 # Disallow users on a specific homeserver
- #- "@.*:yourserver\\.com"
+ #- "@.*:example\\.com"
 blacklist: {{ matrix_mx_puppet_slack_provisioning_blacklist|to_json }}
 # Shared secret for the provisioning API for use by integration managers.
diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml
index 73e019384..639537e0b 100644
--- a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml
@@ -30,15 +30,15 @@ matrix_mx_puppet_steam_homeserver_address: ""
 matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}'
 matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}'
-# "@user:example.com" to allow specific user
+# "@user:example.com" to allow a specific user
 # "@.*:example.com" to allow users on a specific homeserver
 # "@.*" to allow anyone
 matrix_mx_puppet_steam_provisioning_whitelist:
 - "@.*:{{ matrix_domain | regex_escape }}"
 # Leave empty to disable blacklist
-# "@user:example.com" disallow a specific user
-# "@.*:example.com" disallow users on a specific homeserver
+# "@user:example.com" to disallow a specific user
+# "@.*:example.com" to disallow users on a specific homeserver
 matrix_mx_puppet_steam_provisioning_blacklist: []
 matrix_mx_puppet_steam_container_network: ""
diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2
index daf03916d..213d628d2 100644
--- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2
@@ -31,17 +31,17 @@ provisioning:
 # Regex of Matrix IDs allowed to use the puppet bridge
 whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
 # Allow a specific user
- #- "@user:server\\.com"
+ #- "@user:example\\.com"
 # Allow users on a specific homeserver
- #- "@.*:yourserver\\.com"
+ #- "@.*:example\\.com"
 # Allow anyone
 #- ".*"
 # Regex of Matrix IDs forbidden from using the puppet bridge
 #blacklist:
 # Disallow a specific user
- #- "@user:server\\.com"
+ #- "@user:example\\.com"
 # Disallow users on a specific homeserver
- #- "@.*:yourserver\\.com"
+ #- "@.*:example\\.com"
 blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
 relay:
diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml
index 60bc075f3..4f806ff5d 100644
--- a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml
@@ -42,15 +42,15 @@ matrix_mx_puppet_twitter_environment: ''
 matrix_mx_puppet_twitter_server_path: "{{ matrix_mx_puppet_twitter_path_prefix }}"
 matrix_mx_puppet_twitter_server_url: '{{ matrix_homeserver_url }}{{ matrix_mx_puppet_twitter_server_path }}'
-# "@user:example.com" to allow specific user
+# "@user:example.com" to allow a specific user
 # "@.*:example.com" to allow users on a specific homeserver
 # "@.*" to allow anyone
 matrix_mx_puppet_twitter_provisioning_whitelist:
 - "@.*:{{ matrix_domain | regex_escape }}"
 # Leave empty to disable blacklist
-# "@user:example.com" disallow a specific user
-# "@.*:example.com" disallow users on a specific homeserver
+# "@user:example.com" to disallow a specific user
+# "@.*:example.com" to disallow users on a specific homeserver
 matrix_mx_puppet_twitter_provisioning_blacklist: []
 matrix_mx_puppet_twitter_container_network: ""
diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2
index 5fb766dc2..c7dc8c32e 100644
--- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2
@@ -34,17 +34,17 @@ provisioning:
 # Regex of Matrix IDs allowed to use the puppet bridge
 whitelist: {{ matrix_mx_puppet_twitter_provisioning_whitelist|to_json }}
 # Allow a specific user
- #- "@user:server\\.com"
+ #- "@user:example\\.com"
 # Allow users on a specific homeserver
- #- "@.*:yourserver\\.com"
+ #- "@.*:example\\.com"
 # Allow anyone
 #- ".*"
 # Regex of Matrix IDs forbidden from using the puppet bridge
 #blacklist:
 # Disallow a specific user
- #- "@user:server\\.com"
+ #- "@user:example\\.com"
 # Disallow users on a specific homeserver
- #- "@.*:yourserver\\.com"
+ #- "@.*:example\\.com"
 blacklist: {{ matrix_mx_puppet_twitter_provisioning_blacklist|to_json }}
 # Shared secret for the provisioning API for use by integration managers.
From c33a4225ba989d3c448b1a54d4486d125eeada9e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 16:55:58 +0900 Subject: [PATCH 124/404] Update docs/configuring-playbook-client-*: line breaks Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-cinny.md | 10 +++++----- docs/configuring-playbook-client-hydrogen.md | 10 +++++----- docs/configuring-playbook-client-schildichat.md | 10 +++++----- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index 701d13fb6..d5deb3380 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md @@ -1,14 +1,14 @@ # Configuring Cinny (optional) This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix web client for you. -Cinny is a web client focusing primarily on simple, elegant and secure interface. -Cinny can be installed alongside or instead of Element. + +Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of Element. ## DNS -You need to add a `cinny.example.com` DNS record so that Cinny can be accessed. -By default Cinny will use https://cinny.example.com so you will need to create an CNAME record -for `cinny`. See [Configuring DNS](configuring-dns.md). +You need to add a DNS record so that Cinny can be accessed. + +By default Cinny will use https://cinny.example.com so you will need to create an CNAME record for `cinny`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain): diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md index 2099299d5..94775eaae 100644 --- a/docs/configuring-playbook-client-hydrogen.md 
+++ b/docs/configuring-playbook-client-hydrogen.md @@ -1,14 +1,14 @@ # Configuring Hydrogen (optional) This playbook can install the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client for you. -Hydrogen is a lightweight web client that supports mobile and legacy web browsers. -Hydrogen can be installed alongside or instead of Element. + +Hydrogen is a lightweight web client that supports mobile and legacy web browsers. It can be installed alongside or instead of Element. ## DNS -You need to add a `hydrogen.example.com` DNS record so that Hydrogen can be accessed. -By default Hydrogen will use https://hydrogen.example.com so you will need to create an CNAME record -for `hydrogen`. See [Configuring DNS](configuring-dns.md). +You need to add a DNS record so that Hydrogen can be accessed. + +By default Hydrogen will use https://hydrogen.example.com so you will need to create an CNAME record for `hydrogen`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain): diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index 2a4a085f9..251a28933 100644 --- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md 
@@ -1,16 +1,16 @@ # Configuring SchildiChat (optional) This playbook can install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client for you. -SchildiChat is a feature-rich messenger for Matrix based on Element with some extras and tweaks. -SchildiChat can be installed alongside or instead of Element. + +SchildiChat is a feature-rich messenger for Matrix based on Element with some extras and tweaks. It can be installed alongside or instead of Element. **WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk! ## DNS -You need to add a `schildichat.example.com` DNS record so that SchildiChat can be accessed. -By default SchildiChat will use https://schildichat.example.com so you will need to create an CNAME record -for `schildichat`. See [Configuring DNS](configuring-dns.md). +You need to add a DNS record so that SchildiChat can be accessed. + +By default SchildiChat will use https://schildichat.example.com so you will need to create an CNAME record for `schildichat`. See [Configuring DNS](configuring-dns.md). If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain): From f91b716af301a405e015760ed77e31ee55002a7e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 19 Oct 2024 12:28:03 +0300 Subject: [PATCH 125/404] Minor improvements to configuring-playbook-email.md --- docs/configuring-playbook-email.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md index d0a18da15..087e08e79 100644 --- a/docs/configuring-playbook-email.md +++ b/docs/configuring-playbook-email.md @@ -7,7 +7,9 @@ This may or may not work, depending on your domain configuration (SPF settings, By default, emails are sent from `matrix@matrix.example.com`, as specified by the `exim_relay_sender_address` playbook variable. -**Note**: If you are using a Google Cloud instance, [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so you need to relay email through another SMTP server as described below. +⚠ **Warning**: On some cloud providers (Google Cloud, etc.), [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so sending email directly from your server is not possible. You will need to [relay email through another SMTP server](#relaying-email-through-another-smtp-server). + +💡 To improve deliverability, we recommend [relaying email through another SMTP server](#relaying-email-through-another-smtp-server) anyway. ## Firewall settings From 015ad80e62e818070503dd58ac03114423baff2f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 17 Oct 2024 20:46:53 +0900 Subject: [PATCH 126/404] Update docs/configuring-playbook-cactus-comments.md: use the common expression for configuration Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-cactus-comments.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 8f18b1a84..30be3b54b 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md 
@@ -17,7 +17,7 @@ You can enable whichever component you need (typically both). ## Configuration -Add the following block to your `vars.yaml` and make sure to exchange the tokens to randomly generated values. +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: ```yaml ################# From 95f541b86ccced3b21d8ac42ed3816785f89dd0c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 19:19:22 +0900 Subject: [PATCH 127/404] Update docs/configuring-playbook-cactus-comments.md: add a section for embedding Cactus Comments Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-cactus-comments.md | 35 ++++++++++++++------ 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 30be3b54b..b39df5758 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -4,8 +4,7 @@ The playbook can install and configure the [Cactus Comments](https://cactus.chat Cactus Comments is a **federated comment system** built on Matrix. It respects your privacy, and puts you in control. -See the project's [documentation](https://cactus.chat/docs/getting-started/introduction/) to learn what it -does and why it might be useful to you. +See the project's [documentation](https://cactus.chat/docs/getting-started/introduction/) to learn what it does and why it might be useful to you. The playbook contains 2 roles for configuring different pieces of the Cactus Comments system: 
@@ -54,25 +53,41 @@ Upon starting Cactus Comments, a `bot.cactusbot` user account is created automat To get started, send a `help` message to the `@bot.cactusbot:example.com` bot to confirm it's working. -Then, register a site by typing: `register `. You will then be invited into a moderation room. +Then, register a site by sending `register ` (where `` is a unique identifier you choose. It does not have to match your domain). You will then be invited into a moderation room. -Now you are good to go and can include the comment section on your website! +Now you are good to go and can embed the comment section on your website! -**Careful**: To really make use of self-hosting you need change a few things in comparison to the official docs! +## Embed Cactus Comments -Insert the following snippet into you page and make sure to replace `example.com` with your base domain! +The official [documentation](https://cactus.chat/docs/getting-started/quick-start/) provides a useful guide to embed Cactus Comments on your website. + +After including the JavaScript and CSS asset files, insert a `
` where you'd like to display the comment section: + +````html +
+```` + +Then, you need to initialize the comment section. Make sure to replace `example.com` with your base domain and `` with the one that has been registered above: ```html - - -
``` + +### Adjust the domain name for self-hosting + +To have the assets served from your homeserver (not from `cactus.chat`), you need to adjust the domain name on the official documentation. + +Make sure to replace `example.com` with your base domain before you include the following lines, instead of the one provided by the official documentation: + +```html + + +``` From c1cffe70ed5afadb55d0861ef6de8a7c046c9313 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 20:22:13 +0900 Subject: [PATCH 128/404] Update docs/configuring-playbook-cactus-comments.md: fix the example domain Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-cactus-comments.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index b39df5758..d808d3e6e 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -16,7 +16,7 @@ You can enable whichever component you need (typically both). ## Configuration -Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml ################# From 8f1652478959493c1cc4cda7b1359b9bc2cd3283 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Sat, 19 Oct 2024 14:31:14 +0300 Subject: [PATCH 129/404] Add support for Matrix Authentication Service Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3108 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3562 --- CHANGELOG.md | 13 + ...-playbook-matrix-authentication-service.md | 394 ++++++++++++ docs/configuring-playbook-synapse-admin.md | 2 + docs/configuring-playbook-synapse.md | 2 + docs/configuring-playbook.md | 2 + docs/registering-users.md | 68 +- group_vars/matrix_servers | 128 ++++ .../defaults/main.yml | 596 ++++++++++++++++++ .../tasks/install.yml | 103 +++ .../tasks/main.yml | 38 ++ .../tasks/mas_cli_doctor.yml | 32 + .../tasks/register_user.yml | 34 + .../tasks/syn2mas.yml | 137 ++++ .../tasks/uninstall.yml | 25 + .../tasks/util/prepare_key.yml | 10 + .../tasks/validate_config.yml | 31 + .../templates/bin/mas-cli.j2 | 16 + .../templates/bin/register-user.j2 | 17 + .../templates/config.yaml.j2 | 82 +++ .../templates/env.j2 | 1 + .../templates/labels.j2 | 134 ++++ .../provider/anthropic-config.yml.j2 | 13 + .../templates/provider/groq-config.yml.j2 | 18 + .../templates/provider/mistral-config.yml.j2 | 13 + .../templates/provider/openai-config.yml.j2 | 33 + .../matrix-authentication-service.service.j2 | 49 ++ .../vars/main.yml | 6 + .../matrix-static-files/defaults/main.yml | 7 + .../tasks/validate_config.yml | 5 +- .../public/.well-known/matrix/client.j2 | 6 + roles/custom/matrix-synapse/defaults/main.yml | 60 ++ roles/custom/matrix-synapse/tasks/main.yml | 2 +- .../matrix-synapse/tasks/validate_config.yml | 23 +- .../templates/synapse/bin/register-user.j2 | 6 + .../templates/synapse/homeserver.yaml.j2 | 12 + .../matrix-user-creator/tasks/setup.yml | 60 +- ...gistered_matrix_authentication_service.yml | 19 + setup.yml | 1 + 38 files changed, 2170 insertions(+), 28 deletions(-) create mode 100644 docs/configuring-playbook-matrix-authentication-service.md create mode 100644 
roles/custom/matrix-authentication-service/defaults/main.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/install.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/main.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/register_user.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/syn2mas.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/uninstall.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml create mode 100644 roles/custom/matrix-authentication-service/tasks/validate_config.yml create mode 100644 roles/custom/matrix-authentication-service/templates/bin/mas-cli.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/bin/register-user.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/config.yaml.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/env.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/labels.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/provider/anthropic-config.yml.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/provider/groq-config.yml.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/provider/mistral-config.yml.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/provider/openai-config.yml.j2 create mode 100644 roles/custom/matrix-authentication-service/templates/systemd/matrix-authentication-service.service.j2 create mode 100644 roles/custom/matrix-authentication-service/vars/main.yml create mode 100644 roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_matrix_authentication_service.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 4805544b7..5bdaa83be 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,3 +1,16 @@ +# 2024-10-19 + +## Support for Matrix Authentication Service + +The playbook now supports installing and configuring [Matrix Authentication Service](./docs/matrix-authentication-service.md) (MAS). + +Huge thanks to [Quentin Gliech](https://github.com/sandhose) from the [Element](https://element.io/) / [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service) team for answering our numerous questions about MAS. + +This is an **experimental service** and there are **still certain issues with it** (see [Expectations](./docs/configuring-playbook-matrix-authentication-service.md#expectations)). Matrix server administrators should only consider switching if they identify with one or more [reasons to use Matrix Authentication Service](./docs/configuring-playbook-matrix-authentication-service.md#reasons-to-use-matrix-authentication-service). As MAS adoption improves and more services are adjusted to support it, we expect that using MAS will become the norm. + +Our [Setting up Matrix Authentication Service](./docs/configuring-playbook-matrix-authentication-service.md) documentation page has more details about this new service, what you might expect from the switch and how you can migrate your existing (Synapse) homeserver setup to MAS. + + # 2024-09-27 ## (BC Break) Postgres & Traefik roles have been relocated and variable names need adjustments diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md new file mode 100644 index 000000000..9fd2620a1 --- /dev/null +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -0,0 +1,394 @@ +# Matrix Authentication Service (MAS) + +This playbook can install and configure [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/) (MAS) - a service operating alongside your existing [Synapse](./configuring-playbook-synapse.md) homeserver and providing [better authentication, session management and permissions in Matrix](https://matrix.org/blog/2023/09/better-auth/). + +Matrix Authentication Service is an implementation of [MSC3861: Next-generation auth for Matrix, based on OAuth 2.0/OIDC](https://github.com/matrix-org/matrix-spec-proposals/pull/3861) and still work in progress, tracked at the [areweoidcyet.com](https://areweoidcyet.com/) website. + +**Before going through with starting to use Matrix Authentication Service**, make sure to read: + +- the [Reasons to use Matrix Authentication Service](#reasons-to-use-matrix-authentication-service) section below +- the [Expectations](#expectations) section below +- the [FAQ section on areweoidcyet.com](https://areweoidcyet.com/#faqs) + +**If you've already been using Synapse** and have user accounts in its database, you can [migrate to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service). + + +## Reasons to use Matrix Authentication Service + +You may be wondering whether you should make the switch to Matrix Authentication Service (MAS) or keep using your existing authentication flow via Synapse (password-based or [OIDC](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on)-enabled). + +Matrix Authentication Service is **still an experimental service** and **not a default** for this Ansible playbook. + +The [Expectations](#expectations) section contains a list of what works and what doesn't (**some services don't work with MAS yet**), as well as the **relative irreversability** of the migration process. 
+ +Below, we'll try to **highlight some potential reasons for switching** to Matrix Authentication Service: + +- To use SSO in [Element X](https://element.io/blog/element-x-ignition/). The old [Synapse OIDC](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) login flow is only supported in old Element clients and will not be supported in Element X. Element X will only support the new SSO-based login flow provided by MAS, so if you want to use SSO with Element X, you will need to switch to MAS. + +- To help drive adoption of the "Next-generation auth for Matrix" by switching to what's ultimately coming anyway + +- To help discover (and potentially fix) MAS integration issues with this Ansible playbook + +- To help discover (and potentially fix) MAS integration issues with various other Matrix components (bridges, bots, clients, etc.) + +- To reap some of the security benefits that Matrix Authentication Service offers, as outlined in the [Better authentication, session management and permissions in Matrix](https://matrix.org/blog/2023/09/better-auth/) article. + + +## Prerequisites + +- ⚠ the [Synapse](configuring-playbook-synapse.md) homeserver implementation (which is the default for this playbook). Other homeserver implementations ([Dendrite](./configuring-playbook-dendrite.md), [Conduit](./configuring-playbook-conduit.md), etc.) do not support integrating wtih Matrix Authentication Service yet. + +- ⚠ **email sending** configured (see [Adjusting email-sending settings](./configuring-playbook-email.md)), because **Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user** going through the new SSO-based login flow. It's also possible to [work around email deliverability issues](#working-around-email-deliverability-issues) if your email configuration is not working. 
+ +- ❌ **disabling all password providers** for Synapse (things like [shared-secret-auth](./configuring-playbook-shared-secret-auth.md), [rest-auth](./configuring-playbook-rest-auth.md), [LDAP auth](./configuring-playbook-ldap-auth.md), etc.) More details about this are available in the [Expectations](#expectations) section below. + + +## Expectations + +This section details what you can expect when switching to the Matrix Authentication Service (MAS). + +- ❌ **Synapse password providers will need to be disabled**. You can no longer use [shared-secret-auth](./configuring-playbook-shared-secret-auth.md), [rest-auth](./configuring-playbook-rest-auth.md), [LDAP auth](./configuring-playbook-ldap-auth.md), etc. When the authentication flow is handled by MAS (not by Synapse anymore), it doesn't make sense to extend the Synapse authentication flow with additional modules. Many bridges used to rely on shared-secret-auth for doing double-puppeting (impersonating other users), but most (at least the mautrix bridges) nowadays use [Appservice Double Puppet](./configuring-playbook-appservice-double-puppet.md) as a better alternative. Older/maintained bridges may still rely on shared-secret-auth, as do other services like [matrix-corporal](./configuring-playbook-matrix-corporal.md). + +- ❌ Certain **tools like [synapse-admin](./configuring-playbook-synapse-admin.md) do not have full compatibility with MAS yet**. synapse-admin already supports [login with access token](https://github.com/etkecc/synapse-admin/pull/58), browsing users (which Synapse will internally fetch from MAS) and updating user avatars. However, editing users (passwords, etc.) now needs to happen directly against MAS using the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html), which synapse-admin cannot interact with yet. + +- ❌ **Some services** (e.g. 
[Postmoogle](./configuring-playbook-bot-postmoogle.md), but possibly others - the list is yet to be determined) appear to **experience issues when authenticating via MAS**. We're still investigating what breaks and why. + +- ⚠ **You will need to have email sending configured** (see [Adjusting email-sending settings](./configuring-playbook-email.md)), because **Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user** going through the new SSO-based login flow. It's also possible to [work around email deliverability issues](#working-around-email-deliverability-issues) if your email configuration is not working. + +- ⚠ **Migrating an existing homeserver to MAS is possible**, but requires **some playbook-assisted manual work** as described in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) section below. **Migration is reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. + +- ⚠ Delegating user authentication to MAS causes **your Synapse server to be completely dependant on one more service** for its operations. MAS is quick & lightweight and should be stable enough already, but this is something to keep in mind when making the switch. + +- ⚠ If you've got [OIDC configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on), you will need to migrate your OIDC configuration to MAS by adding an [Upstream OAuth2 configuration](#upstream-oauth2-configuration). 
+ +- ⚠ A [compatibility layer](https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#set-up-the-compatibility-layer) is installed - all `/_matrix/client/*/login` (etc.) requests will be routed to MAS instead of going to the homeserver. This is done both publicly (e.g. `https://matrix.example.com/_matrix/client/*/login`) and on the internal Traefik entrypoint (e.g. `https://matrix-traefik:8008/_matrix/client/*/login`) which helps addon services reach the homeserver's Client-Server API. You typically don't need to do anything to make this work, but it's good to be aware of it, especially if you have a [custom webserver setup](./configuring-playbook-own-webserver.md). + +- ✅ Your **existing login sessions will continue to work** (you won't get logged out). Migration will require a bit of manual work and minutes of downtime, but it's not too bad. + +- ✅ Various clients ([Cinny](./configuring-playbook-client-cinny.md), [Element-web](./configuring-playbook-client-element.md), Element X, FluffyChat) will be able to use the **new SSO-based login flow** provided by Matrix Authentication Service + +- ✅ The **old login flow** (called `m.login.password`) **will still continue to work**, so clients (old Element, etc.) and bridges/bots that don't support the new OIDC-based login flow will still work. Going through the old login flow does not require users to have a verified email address, as [is the case](https://github.com/element-hq/matrix-authentication-service/issues/1505) for the new SSO-based login flow. + +- ✅ [Registering users](./registering-users.md) via **the playbook's `register-user` tag remains unchanged**. The playbook automatically does the right thing regardless of homeserver implementation (Synapse, Dendrite, etc.) and whether MAS is enabled or not. When MAS is enabled, the playbook will forward user-registration requests to MAS. 
Registering users via the command-line is no longer done via the `/matrix/synapse/bin/register` script, but via `/matrix/matrix-authentication-service/bin/register-user`. + +- ✅ Users that are prepared by the playbook (for bots, bridges, etc.) will continue to be registered automatically as expected. The playbook automatically does the right thing regardless of homeserver implementation (Synapse, Dendrite, etc.) and whether MAS is enabled or not. When MAS is enabled, the playbook will forward user-registration requests to MAS. + + + +## Installation flows + +### New homeserver + +For new homeservers (which don't have any users in their Synapse database yet), follow the [Adjusting the playbook configuration](#adjusting-the-playbook-configuration) instructions and then proceed with [Installing](#installing). + +### Existing homeserver + +Other homeserver implementations ([Dendrite](./configuring-playbook-dendrite.md), [Conduit](./configuring-playbook-conduit.md), etc.) do not support integrating wtih Matrix Authentication Service yet. + +For existing Synapse homeservers: + +- when following the [Adjusting the playbook configuration](#adjusting-the-playbook-configuration) instructions, make sure to **disable the integration between Synapse and MAS** by **uncommenting** the `matrix_authentication_service_migration_in_progress: true` line as described in the [Marking an existing homeserver for migration](#marking-an-existing-homeserver-for-migration) section below. 
+ +- then follow the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) instructions to perform the installation and migration + + +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +matrix_authentication_service_enabled: true + +# Generate this encryption secret with: `openssl rand -hex 32` +matrix_authentication_service_config_secrets_encryption: '' + +# When migrating an existing homeserver to Matrix Authentication Service, uncomment the line below. +# Learn more about the migration process in the "Marking an existing homeserver for migration" section below. +# For brand-new installations which start directly on MAS, this line can be removed. +# matrix_authentication_service_migration_in_progress: true +``` + +In the sub-sections that follow, we'll cover some additional configuration options that you may wish to adjust. + +There are many other configuration options available. Consult the [`defaults/main.yml` file](../roles/custom/matrix-authentication-service/defaults/main.yml) in the [matrix-authentication-service role](../roles/custom/matrix-authentication-service/) to discover them. + + +### Adjusting the Matrix Authentication Service URL + +By default, this playbook installs the Matrix Authentication Service on the `matrix.` subdomain, at the `/auth` path (e.g. https://matrix.example.com/auth). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_authentication_service_hostname` and `matrix_authentication_service_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. 
+ +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_authentication_service_hostname: auth.example.com +matrix_authentication_service_path_prefix: / +``` + +### Marking an existing homeserver for migration + +The [configuration above](#adjusting-the-playbook-configuration) instructs existing users wishing to migrate to add `matrix_authentication_service_migration_in_progress: true` to their configuration. + +This is done temporarily. The migration steps are described in more detail in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) section below. + + +### Upstream OAuth2 configuration + +To make Matrix Authentication Service delegate to an existing upstream OAuth 2.0/OIDC provider, you can use its [`upstream_oauth2.providers` setting](https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#upstream_oauth2providers). + +The playbook exposes a `matrix_authentication_service_config_upstream_oauth2_providers` variable for controlling this setting. + +
+Click to expand the example configuration: + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +matrix_authentication_service_config_upstream_oauth2_providers: + - # A unique identifier for the provider + # Must be a valid ULID + id: 01HFVBY12TMNTYTBV8W921M5FA + # The issuer URL, which will be used to discover the provider's configuration. + # If discovery is enabled, this *must* exactly match the `issuer` field + # advertised in `/.well-known/openid-configuration`. + issuer: https://example.com/ + # A human-readable name for the provider, + # which will be displayed on the login page + #human_name: Example + # A brand identifier for the provider, which will be used to display a logo + # on the login page. Values supported by the default template are: + # - `apple` + # - `google` + # - `facebook` + # - `github` + # - `gitlab` + # - `twitter` + #brand_name: google + # The client ID to use to authenticate to the provider + client_id: mas-fb3f0c09c4c23de4 + # The client secret to use to authenticate to the provider + # This is only used by the `client_secret_post`, `client_secret_basic` + # and `client_secret_jwk` authentication methods + #client_secret: f4f6bb68a0269264877e9cb23b1856ab + # Which authentication method to use to authenticate to the provider + # Supported methods are: + # - `none` + # - `client_secret_basic` + # - `client_secret_post` + # - `client_secret_jwt` + # - `private_key_jwt` (using the keys defined in the `secrets.keys` section) + token_endpoint_auth_method: client_secret_post + # Which signing algorithm to use to sign the authentication request when using + # the `private_key_jwt` or the `client_secret_jwt` authentication methods + #token_endpoint_auth_signing_alg: RS256 + # The scopes to request from the provider + # In most cases, it should always include `openid` scope + scope: "openid email profile" + # How the provider configuration and endpoints should be discovered + # 
Possible values are: + # - `oidc`: discover the provider through OIDC discovery, + # with strict metadata validation (default) + # - `insecure`: discover through OIDC discovery, but skip metadata validation + # - `disabled`: don't discover the provider and use the endpoints below + #discovery_mode: oidc + # Whether PKCE should be used during the authorization code flow. + # Possible values are: + # - `auto`: use PKCE if the provider supports it (default) + # Determined through discovery, and disabled if discovery is disabled + # - `always`: always use PKCE (with the S256 method) + # - `never`: never use PKCE + #pkce_method: auto + # The provider authorization endpoint + # This takes precedence over the discovery mechanism + #authorization_endpoint: https://example.com/oauth2/authorize + # The provider token endpoint + # This takes precedence over the discovery mechanism + #token_endpoint: https://example.com/oauth2/token + # The provider JWKS URI + # This takes precedence over the discovery mechanism + #jwks_uri: https://example.com/oauth2/keys + # How user attributes should be mapped + # + # Most of those attributes have two main properties: + # - `action`: what to do with the attribute. Possible values are: + # - `ignore`: ignore the attribute + # - `suggest`: suggest the attribute to the user, but let them opt out + # - `force`: always import the attribute, and don't fail if it's missing + # - `require`: always import the attribute, and fail if it's missing + # - `template`: a Jinja2 template used to generate the value. In this template, + # the `user` variable is available, which contains the user's attributes + # retrieved from the `id_token` given by the upstream provider. + # + # Each attribute has a default template which follows the well-known OIDC claims. + # + claims_imports: + # The subject is an internal identifier used to link the + # user's provider identity to local accounts. 
+ # By default it uses the `sub` claim as per the OIDC spec, + # which should fit most use cases. + subject: + #template: "{{ user.sub }}" + # The localpart is the local part of the user's Matrix ID. + # For example, on the `example.com` server, if the localpart is `alice`, + # the user's Matrix ID will be `@alice:example.com`. + localpart: + #action: force + #template: "{{ user.preferred_username }}" + # The display name is the user's display name. + displayname: + #action: suggest + #template: "{{ user.name }}" + # An email address to import. + email: + #action: suggest + #template: "{{ user.email }}" + # Whether the email address must be marked as verified. + # Possible values are: + # - `import`: mark the email address as verified if the upstream provider + # has marked it as verified, using the `email_verified` claim. + # This is the default. + # - `always`: mark the email address as verified + # - `never`: mark the email address as not verified + #set_email_verification: import +``` +
+ +💡 Refer to the [`upstream_oauth2.providers` setting](https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#upstream_oauth2providers) for the most up-to-date schema and example for providers. The value shown above here may be out of date. + +⚠ The syntax for existing [OIDC providers configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) is slightly different, so you will need to adjust your configuration when switching from Synapse OIDC to MAS upstream OAuth2. + + +## Installing + +Now that you've [adjusted the playbook configuration](#adjusting-the-playbook-configuration), you can run the [installation](installing.md) command: `just install-all` + +If you're in the process of migrating an existing Synapse homeserver to MAS, you should now follow the rest of the steps in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) guide. + +💡 After installation, you should [verify that Matrix Authentication Service is installed correctly](#verify-that-matrix-authentication-service-is-installed-correctly). + + +## Migrating an existing Synapse homeserver to Matrix Authentication Service + +Our migration guide is loosely based on the upstream [Migrating an existing homeserver](https://element-hq.github.io/matrix-authentication-service/setup/migration.html) guide. + +Migration is done via a tool called `syn2mas`, which the playbook could run for you (in a container). + +The installation + migration steps are like this: + +1. [Adjust your configuration](#adjusting-the-playbook-configuration) to **disable the integration between the homeserver and MAS**. This is done by **uncommenting** the `matrix_authentication_service_migration_in_progress: true` line. + +2. Perform the initial [installation](#installing). At this point: + + - Matrix Authentication Service will be installed. 
Its database will be empty, so it cannot validate existing access tokens or authentication users yet. + + - The homeserver will still continue to use its local database for validating existing access tokens. + + - Various [compatibility layer URLs](https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#set-up-the-compatibility-layer) are not yet installed. New login sessions will still be forwarded to the homeserver, which is capable of completing them. + +3. Consider taking a full [backup of your Postgres database](./maintenance-postgres.md#backing-up-postgresql). This is done just in case. The **syn2mas migration tool does not delete any data**, so it should be possible to revert to your previous setup by merely disabling MAS and re-running the playbook (no need to restore a Postgres backup). However, do note that as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. + +4. [Migrate your data from Synapse to Matrix Authentication Service using syn2mas](#migrate-your-data-from-synapse-to-matrix-authentication-service-using-syn2mas) + +5. [Adjust your configuration](#adjusting-the-playbook-configuration) again, removing the `matrix_authentication_service_migration_in_progress: false` line + +5. Perform the [installation](#installing) again. At this point: + + - The homeserver will start delegating authentication to MAS. + + - The compatibility layer URLs will be installed. New login sessions will be completed by MAS. + +6. 
[Verify that Matrix Authentication Service is installed correctly](#verify-that-matrix-authentication-service-is-installed-correctly) + + +### Migrate your data from Synapse to Matrix Authentication Service using syn2mas + +We **don't** ask you to [run the `syn2mas` migration advisor command](https://element-hq.github.io/matrix-authentication-service/setup/migration.html#run-the-migration-advisor), because it only gives you the green light if your Synapse configuration (`homeserver.yaml`) is configured in a way that's compatible with MAS (delegating authentication to MAS; disabling Synapse's password config; etc.). Until we migrate your data with the `syn2mas` tool, we intentionally avoid doing these changes to allow existing user sessions to work. + +You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration). + +#### Performing a syn2mas dry-run + +We recommend doing a [dry-run](https://en.wikipedia.org/wiki/Dry_run_(testing)) first to verify that everything will work out as expected. + +A dry-run would not cause downtime, because it avoids stopping Synapse. + +To perform a dry-run, run: + +```sh +just run-tags matrix-authentication-service-syn2mas -e matrix_authentication_service_syn2mas_dry_run=true +``` + +Observe the command output (especially the last line of the the syn2mas output). If you are confident that the migration will work out as expected, you can proceed with a [real migration](#performing-a-real-syn2mas-migration). 
+ +#### Performing a real syn2mas migration + +Before performing a real migration: + +- make sure you've familiarized yourself with the [expectations](#expectations) + +- make sure you've performed a Postgres backup, just in case + +- make sure you're aware of the irreversibility of the migration process without disruption after users have created new login sessions via the new MAS setup + +To perform a real migration, run the `matrix-authentication-service-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_dry_run` variable: + +```sh +just run-tags matrix-authentication-service-syn2mas +``` + +Having performed a `syn2mas` migration once, trying to do it again will report errors for users that were already migrated (e.g. "Error: Unknown upstream provider oauth-delegated"). + + +## Verify that Matrix Authentication Service is installed correctly + +After [installation](#installing), run the `doctor` subcommand of the [`mas-cli` command-line tool](https://element-hq.github.io/matrix-authentication-service/reference/cli/index.html) to verify that MAS is installed correctly. + +You can do it: + +- either via the Ansible playbook's `matrix-authentication-service-mas-cli-doctor` tag: `just run-tags matrix-authentication-service-mas-cli-doctor` + +- or by running the `mas-cli` script on the server (which invokes the `mas-cli` tool inside a container): `/matrix/matrix-authentication-service/bin/mas-cli doctor` + +If successful, you should see some output that looks like this: + +``` +💡 Running diagnostics, make sure that both MAS and Synapse are running, and that MAS is using the same configuration files as this tool. +✅ Matrix client well-known at "https://example.com/.well-known/matrix/client" is valid +✅ Homeserver is reachable at "http://matrix-synapse:8008/_matrix/client/versions" +✅ Homeserver at "http://matrix-synapse:8008/_matrix/client/v3/account/whoami" is reachable, and it correctly rejected an invalid token. 
+✅ The Synapse admin API is reachable at "http://matrix-synapse:8008/_synapse/admin/v1/server_version". +✅ The Synapse admin API is reachable with authentication at "http://matrix-synapse:8008/_synapse/admin/v1/background_updates/status". +✅ The legacy login API at "https://matrix.example.com/_matrix/client/v3/login" is reachable and is handled by MAS. +``` + +## Management + +You can use the [`mas-cli` command-line tool](https://element-hq.github.io/matrix-authentication-service/reference/cli/index.html) (exposed via the `/matrix/matrix-authentication-service/bin/mas-cli` script) to perform administrative tasks against MAS. + +This documentation page already mentions: + +- the `mas-cli doctor` sub-command in the [Verify that Matrix Authentication Service is installed correctly](#verify-that-matrix-authentication-service-is-installed-correctly) section, which you can run via the CLI and via the Ansible playbook's `matrix-authentication-service-mas-cli-doctor` tag + +- the `mas-cli manage register-user` sub-command in the [Registering users](./registering-users.md) documentation + +There are other sub-commands available. Run `/matrix/matrix-authentication-service/bin/mas-cli` to get an overview. + + +## User registration + +After Matrix Authentication Service is [installed](#installing), users need to be managed there (unless you're managing them in an [upstream OAuth2 provider](#upstream-oauth2-configuration)). + +You can register users new users as described in the [Registering users](./registering-users.md) documentation (via `mas-cli manage register-user` or the Ansible playbook's `register-user` tag). 
+ + +## Working around email deliverability issues + +Because Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user, you may need to work around email deliverability issues if [your email-sending configuration](./configuring-playbook-email.md) is not working. + +Matrix Authentication Service attempts to verify email addresses by sending a verification email to the address specified by the user whenever they log in to an account without a verified email address. + +If email delivery is not working, **you can retrieve the email configuration code from the Matrix Authentication Service's logs** (`journalctl -fu matrix-authentication-service`). + +Alternatively, you can use the [`mas-cli` management tool](#management) to manually verify email addresses for users. Example: `/matrix/matrix-authentication-service/bin/mas-cli manage verify-email some.username email@example.com` diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index d62423a31..2482f83bb 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md 
@@ -22,6 +22,8 @@ matrix_synapse_admin_enabled: true By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/etkecc/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable. +⚠ **Warning**: If you're using [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS) for authentication, you will be able to [log into synapse-admin with an access token](https://github.com/etkecc/synapse-admin/pull/58), but certain synapse-admin features (especially those around user management) will be limited or not work at all. + ## Installing diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index e0e04cf07..b70468c66 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -88,6 +88,8 @@ Certain Synapse administration tasks (managing users and rooms, etc.) can be per ## Synapse + OpenID Connect for Single-Sign-On +💡 An alternative to setting up OIDC in Synapse is to use [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS). Newer clients (like Element X) only support SSO-based authentication via MAS and not via the legacy Synapse OIDC setup described below. That said, MAS is still a new experimental service which comes with its own downsides. Consult its documentation to learn if it will be a good fit for your deployment. + If you'd like to use OpenID Connect authentication with Synapse, you'll need some additional configuration. This example configuration is for [keycloak](https://www.keycloak.org/), an opensource Identity Provider maintained by Red Hat. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index d2db51739..6a4874177 100644 --- a/docs/configuring-playbook.md 
+++ b/docs/configuring-playbook.md @@ -90,6 +90,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Authentication and user-related +- [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) (optional) + - [Setting up Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) (optional) - [Setting up an ma1sd Identity Server](configuring-playbook-ma1sd.md) (optional) diff --git a/docs/registering-users.md b/docs/registering-users.md index 75863e26b..67f7b33f4 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -14,7 +14,15 @@ Table of contents: ## Registering users manually -You can do it via this Ansible playbook (make sure to edit the `` and `` part below): +**Note**: in the commands below, `` is just a plain username (like `john`), not your full `@:example.com` identifier. + +After registering a user (using one of the methods below), **you can log in with that user** via the [Element](configuring-playbook-client-element.md) service that this playbook has installed for you at a URL like this: `https://element.example.com/`. + +### Registering users via the Ansible playbook + +It's best to register users via the Ansible playbook, because it works regardless of homeserver implementation (Synapse, Dendrite, etc) or usage of [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (MAS). + +To register a user via this Ansible playbook (make sure to edit the `` and `` part below): ```sh just register-user 
@@ -26,27 +34,63 @@ just register-user ```sh ansible-playbook -i inventory/hosts setup.yml --extra-vars='username= password= admin=' --tags=register-user + +# Example: `ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=john password=secret-password admin=yes' --tags=register-user` ``` -**or** using the command-line after **SSH**-ing to your server (requires that [all services have been started](#starting-the-services)): +⚠ **Warning**: If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. + +### Registering users manually for Synapse + +If you're using the [Synapse](configuring-playbook-synapse.md) homeserver implementation (which is the default), you can register users via the command-line after **SSH**-ing to your server (requires that [all services have been started](#starting-the-services)): ```sh /matrix/synapse/bin/register-user + +# Example: `/matrix/synapse/bin/register-user john secret-password 1` ``` -**Note**: `` is just a plain username (like `john`), not your full `@:example.com` identifier. +### Registering users manually for Dendrite -**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element.example.com/`. 
+If you're using the [Dendrite](./configuring-playbook-dendrite.md) homeserver implementation, you can register users via the command-line after **SSH**-ing to your server (requires that [all services have been started](#starting-the-services)): ------ +```sh +/matrix/dendrite/bin/create-account -If you've just installed Matrix, **to finalize the installation process**, it's best if you proceed to [Configuring service discovery via .well-known](configuring-well-known.md) +# Example: `/matrix/dendrite/bin/create-account john secret-password 1` +``` + +### Registering users manually for Matrix Authentication Service + +If you're using the [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) and your existing homeserver (most likely [Synapse](./configuring-playbook-synapse.md)) is delegating authentication to it, you can register users via the command-line after **SSH**-ing to your server (requires that [all services have been started](#starting-the-services)): + +```sh +/matrix/matrix-authentication-service/bin/register-user + +# Example: `/matrix/matrix-authentication-service/bin/register-user john secret-password 1` +``` + +This `register-user` script actually invokes the `mas-cli manage register-user` command under the hood. +If you'd like more control over the registration process, consider invoking the `mas-cli` command directly: + +```sh +/matrix/matrix-authentication-service/bin/mas-cli manage register-user --help +``` + +⚠ **Warning**: Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). 
You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. + + +## Things to do after registering users + +If you've just installed Matrix and created some users, **to finalize the installation process** it's best if you proceed with [Configuring service discovery via .well-known](configuring-well-known.md) ## Managing users via a Web UI To manage users more easily (via a web user-interace), you can install [Synapse Admin](configuring-playbook-synapse-admin.md). +⚠ **Warning**: If you're using [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), note that user management via synapse-admin is not fully working yet. See the [Expectations](configuring-playbook-matrix-authentication-service.md#expectations) section for more information. + ## Letting certain users register on your private server @@ -66,9 +110,11 @@ and running the [installation](installing.md) procedure once again. If you're opening up registrations publicly like this, you might also wish to [configure CAPTCHA protection](configuring-captcha.md). -## Adding/Removing Administrator privileges to an existing Synapse user +## Adding/Removing Administrator privileges to an existing user -To change the admin privileges for a user, you need to run an SQL query like this against the `synapse` database: +### Adding/Removing Administrator privileges to an existing user in Synapse + +To change the admin privileges for a user in Synapse's local database, you need to run an SQL query like this against the `synapse` database: ```sql UPDATE users SET admin=ADMIN_VALUE WHERE name = '@USER:example.com'; 
@@ -87,3 +133,9 @@ If you're using the integrated Postgres server and not an [external Postgres ser You can then proceed to run the query above. **Note**: directly modifying the raw data of Synapse (or any other software) could cause the software to break. You've been warned! + +### Adding/Removing Administrator privileges to an existing user in Matrix Authentication Service + +Promoting/demoting a user in Matrix Authentication Service cannot currently (2024-10-19) be done via the [`mas-cli` Management tool](./configuring-playbook-matrix-authentication-service.md#management). + +You can do it via the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html)'s `POST /api/admin/v1/users/{id}/set-admin` endpoint. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index c20b54f76..2f10e72e0 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -273,6 +273,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': 'matrix-alertmanager-receiver.service', 'priority': 2200, 'groups': ['matrix', 'alertmanager-receiver']}] if matrix_alertmanager_receiver_enabled else []) + + ([{'name': 'matrix-authentication-service.service', 'priority': 2200, 'groups': ['matrix', 'matrix-authentication-service']}] if matrix_authentication_service_enabled else []) + + ([{'name': 'matrix-bot-buscarron.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'buscarron', 'bot-buscarron']}] if matrix_bot_buscarron_enabled else []) + ([{'name': 'matrix-bot-baibot.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'baibot', 'bot-baibot']}] if matrix_bot_baibot_enabled else []) 
@@ -615,6 +617,106 @@ matrix_alertmanager_receiver_metrics_proxying_path: "{{ matrix_metrics_exposure_ ###################################################################### +###################################################################### +# +# matrix-authentication-service +# +###################################################################### + +matrix_authentication_service_enabled: false + +matrix_authentication_service_hostname: "{{ matrix_server_fqn_matrix }}" +matrix_authentication_service_path_prefix: /auth + +matrix_authentication_service_config_database_host: "{{ postgres_connection_hostname if postgres_enabled else '' }}" +matrix_authentication_service_config_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mas.db', rounds=655555) | to_uuid }}" + +matrix_authentication_service_config_matrix_homeserver: "{{ matrix_domain }}" +matrix_authentication_service_config_matrix_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mas.hs.secret', rounds=655555) | to_uuid }}" +matrix_authentication_service_config_matrix_endpoint: "{{ matrix_homeserver_container_url }}" + +# We're using a non-default configuration which: +# - allows passwords from Synapse (hashed with bcrypt) to be imported with scheme version 1 so existing users will be able to login +# - as soon as they do one login, the hash will be 'upgraded' to argon2id +matrix_authentication_service_config_passwords_schemes: + - version: 1 + secret: "{{ matrix_synapse_password_config_pepper }}" + algorithm: bcrypt + - version: 2 + algorithm: argon2id + +matrix_authentication_service_config_clients_auto: |- + {{ + ([ + { + 'client_id': matrix_synapse_experimental_features_msc3861_client_id, + 'client_auth_method': matrix_synapse_experimental_features_msc3861_client_auth_method, + 'client_secret': matrix_synapse_experimental_features_msc3861_client_secret, + } + ] if 
matrix_synapse_experimental_features_msc3861_enabled else []) + }} + +matrix_authentication_service_config_email_transport: "{{ 'smtp' if exim_relay_enabled else 'blackhole' }}" +matrix_authentication_service_config_email_hostname: "{{ exim_relay_identifier if exim_relay_enabled else '' }}" +matrix_authentication_service_config_email_port: "{{ 8025 if exim_relay_enabled else 587 }}" +matrix_authentication_service_config_email_mode: "{{ 'plain' if exim_relay_enabled else 'starttls' }}" +matrix_authentication_service_config_email_from_address: "{{ exim_relay_sender_address }}" + +matrix_authentication_service_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + +matrix_authentication_service_container_network: "{{ matrix_homeserver_container_network }}" + +matrix_authentication_service_container_additional_networks_auto: |- + {{ + ( + ([postgres_container_network] if postgres_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname else []) + + + ([exim_relay_container_network] if (exim_relay_enabled and matrix_authentication_service_config_email_transport == 'smtp' and matrix_authentication_service_config_email_hostname == exim_relay_identifier and matrix_authentication_service_container_network != exim_relay_container_network) else []) + + + ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_authentication_service_container_labels_traefik_enabled else []) + ) | unique + }} + +matrix_authentication_service_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}" +matrix_authentication_service_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" +matrix_authentication_service_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" 
+matrix_authentication_service_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" + +matrix_authentication_service_container_labels_public_compatibility_layer_enabled: "{{ not matrix_authentication_service_migration_in_progress}}" +matrix_authentication_service_container_labels_public_compatibility_layer_hostname: "{{ matrix_server_fqn_matrix }}" + +matrix_authentication_service_container_labels_internal_compatibility_layer_enabled: "{{ not matrix_authentication_service_migration_in_progress}}" +matrix_authentication_service_container_labels_internal_compatibility_layer_entrypoints: "{{ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_name }}" + +# MAS somewhat depends on the homeserver service, but the homeserver also depends on MAS. +# To avoid a circular dependency, we make MAS not depend on the homeserver here. +# The homeserver is more lost without MAS than MAS is without the homeserver, so we'll define the dependency on the homeserver side. +# We'll put our dependency on the homeserver as a "want", rather than a requirement. +matrix_authentication_service_systemd_required_services_list_auto: | + {{ + ([postgres_identifier ~ '.service'] if postgres_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname else []) + }} + +# See more information about this homeserver "want" in the comment for `matrix_authentication_service_systemd_required_services_list_auto` above. 
+matrix_authentication_service_systemd_wanted_services_list_auto: | + {{ + ['matrix-' + matrix_homeserver_implementation + '.service'] + + + ([exim_relay_identifier ~ '.service'] if (exim_relay_enabled and matrix_authentication_service_config_email_transport == 'smtp' and matrix_authentication_service_config_email_hostname == exim_relay_identifier and matrix_authentication_service_container_network != exim_relay_container_network) else []) + }} + +matrix_authentication_service_syn2mas_container_network: "{{ postgres_container_network if postgres_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname else matrix_authentication_service_container_network }}" + +matrix_authentication_service_syn2mas_synapse_homeserver_config_path: "{{ matrix_synapse_config_dir_path + '/homeserver.yaml' if matrix_synapse_enabled else '' }}" + +###################################################################### +# +# /matrix-authentication-service +# +###################################################################### + + + ###################################################################### # @@ -3921,6 +4023,12 @@ postgres_managed_databases_auto: | 'password': matrix_dendrite_database_password, }] if (matrix_dendrite_enabled and matrix_dendrite_database_hostname == postgres_connection_hostname) else []) + + ([{ + 'name': matrix_authentication_service_config_database_database, + 'username': matrix_authentication_service_config_database_username, + 'password': matrix_authentication_service_config_database_password, + }] if (matrix_authentication_service_config_database_host == postgres_connection_hostname) else []) + + ([{ 'name': matrix_sliding_sync_database_name, 'username': matrix_sliding_sync_database_username, 
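Review bot: In `matrix_authentication_service_systemd_wanted_services_list_auto`, the exim-relay entry reuses the condition from the additional-networks list, including `matrix_authentication_service_container_network != exim_relay_container_network`. That clause decides whether an extra container network must be attached; it says nothing about whether MAS sends mail through the relay. When both containers share a network, the relay therefore drops out of the unit's wants even though MAS still uses it for SMTP. I would remove the network comparison here and keep `exim_relay_enabled and matrix_authentication_service_config_email_transport == 'smtp' and matrix_authentication_service_config_email_hostname == exim_relay_identifier`.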
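Review bot: The new `postgres_managed_databases_auto` entry is not gated on `matrix_authentication_service_enabled`, unlike the Dendrite entry just above it, which checks `matrix_dendrite_enabled`. This file sets `matrix_authentication_service_config_database_host` to `postgres_connection_hostname` whenever `postgres_enabled` is true, so the condition holds with MAS disabled. A database and login role would then apparently be provisioned for a service that is not deployed, which leaves an unused credential on the Postgres server. Suggest `}] if (matrix_authentication_service_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname) else [])`. The list itself continues outside the hunk.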
@@ -4632,6 +4740,8 @@ matrix_synapse_systemd_required_services_list_auto: | ([keydb_identifier ~ '.service'] if matrix_synapse_redis_enabled and matrix_synapse_redis_host == keydb_identifier else []) + (['matrix-goofys.service'] if matrix_s3_media_store_enabled else []) + + + (['matrix-authentication-service.service'] if (matrix_authentication_service_enabled and matrix_synapse_experimental_features_msc3861_enabled) else []) }} matrix_synapse_systemd_wanted_services_list_auto: | 
@@ -4656,6 +4766,20 @@ matrix_synapse_ext_media_repo_enabled: "{{ matrix_media_repo_enabled }}" matrix_synapse_report_stats: "{{ matrix_synapse_usage_exporter_enabled }}" matrix_synapse_report_stats_endpoint: "http://{{ matrix_synapse_usage_exporter_identifier }}:{{ matrix_synapse_usage_exporter_container_port | string }}/report-usage-stats/push" +matrix_synapse_experimental_features_msc3861_enabled: "{{ matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress }}" +matrix_synapse_experimental_features_msc3861_issuer: "{{ matrix_authentication_service_http_base_container_url if matrix_authentication_service_enabled else '' }}" +matrix_synapse_experimental_features_msc3861_client_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'syn.ngauth.cs', rounds=655555) | to_uuid }}" +matrix_synapse_experimental_features_msc3861_admin_token: "{{ matrix_authentication_service_config_matrix_secret if matrix_authentication_service_enabled else '' }}" +matrix_synapse_experimental_features_msc3861_account_management_url: "{{ matrix_authentication_service_account_management_url if matrix_authentication_service_enabled else '' }}" + +# Disable password authentication when delegating authentication to Matrix Authentication Service. +# Unless this is done, Synapse fails on startup with: +# > Error in configuration at 'password_config.enabled': +# > Password auth cannot be enabled when OAuth delegation is enabled +matrix_synapse_password_config_enabled: "{{ not matrix_synapse_experimental_features_msc3861_enabled }}" + +matrix_synapse_register_user_script_matrix_authentication_service_path: "{{ matrix_authentication_service_bin_path }}/register-user" + ###################################################################### # # /matrix-synapse 
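Review bot: `matrix_synapse_experimental_features_msc3861_admin_token` and `matrix_synapse_experimental_features_msc3861_client_secret` are added without comments, yet each must stay identical to a value on the MAS side. The first is taken from `matrix_authentication_service_config_matrix_secret`, and the second is fed into `matrix_authentication_service_config_clients_auto` earlier in this file. Overriding only one side in `vars.yml` would break the Synapse-to-MAS trust relationship with no hint as to why. A one-line comment above each would help: `# Must equal matrix_authentication_service_config_matrix_secret (MAS's matrix.secret); do not override on one side only.` and `# Shared with the client entry in matrix_authentication_service_config_clients_auto.`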
@@ -5754,6 +5878,10 @@ matrix_static_files_file_matrix_client_property_io_element_jitsi_preferred_domai matrix_static_files_file_matrix_client_property_org_matrix_msc3575_proxy_url: "{{ matrix_homeserver_sliding_sync_url }}" +matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled: "{{ matrix_authentication_service_enabled }}" +matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_issuer: "{{ matrix_authentication_service_config_http_issuer if matrix_authentication_service_enabled else '' }}" +matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_account: "{{ matrix_authentication_service_account_management_url }}" + matrix_static_files_file_matrix_client_property_m_tile_server_entries_enabled: "{{ matrix_client_element_location_sharing_enabled }}" matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url: "{{ ('https://' if matrix_playbook_ssl_enabled else 'http://') + matrix_server_fqn_element }}/map_style.json" diff --git a/roles/custom/matrix-authentication-service/defaults/main.yml b/roles/custom/matrix-authentication-service/defaults/main.yml new file mode 100644 index 000000000..c0f99dadc --- /dev/null +++ b/roles/custom/matrix-authentication-service/defaults/main.yml 
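Review bot: `matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled` follows `matrix_authentication_service_enabled` alone, while the Synapse delegation switch and the compatibility-layer labels elsewhere in this file also require `not matrix_authentication_service_migration_in_progress`. If the well-known file is regenerated during a migration, clients could presumably be pointed at the MAS issuer before Synapse delegates authentication to it. Consider `"{{ matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress }}"`. The `_authentication_account` line also lacks the `if matrix_authentication_service_enabled else ''` guard that the issuer line has.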
@@ -0,0 +1,596 @@ +--- + +# matrix-authentication-service (MAS) is an OAuth 2.0 and OpenID Provider server for Matrix. +# Project source code URL: https://github.com/element-hq/matrix-authentication-service + +matrix_authentication_service_enabled: true + +matrix_authentication_service_hostname: '' + +# Controls the path prefix for the authentication service. +# This value must either be `/` or not end with a slash (e.g. `/auth`). +matrix_authentication_service_path_prefix: / + +matrix_authentication_service_container_image_self_build: false +matrix_authentication_service_container_repo: "https://github.com/element-hq/matrix-authentication-service.git" +matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authentication_service_version == 'latest' else ('v' + matrix_authentication_service_version) }}" +matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src" + +# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service +matrix_authentication_service_version: 0.12.0 +matrix_authentication_service_container_image: "{{ matrix_authentication_service_container_image_name_prefix }}element-hq/matrix-authentication-service:{{ matrix_authentication_service_version }}" +matrix_authentication_service_container_image_name_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else 'ghcr.io/' }}" +matrix_authentication_service_container_image_force_pull: "{{ matrix_authentication_service_container_image.endswith(':latest') }}" + +matrix_authentication_service_base_path: "{{ matrix_base_data_path }}/matrix-authentication-service" +matrix_authentication_service_bin_path: "{{ matrix_authentication_service_base_path }}/bin" +matrix_authentication_service_config_path: "{{ matrix_authentication_service_base_path }}/config" +matrix_authentication_service_data_path: "{{ matrix_authentication_service_base_path }}/data" 
+matrix_authentication_service_data_keys_path: "{{ matrix_authentication_service_data_path }}/keys" + +matrix_authentication_service_uid: "{{ matrix_user_uid }}" +matrix_authentication_service_gid: "{{ matrix_user_gid }}" + +matrix_authentication_service_container_network: "" + +matrix_authentication_service_container_additional_networks: "{{ matrix_authentication_service_container_additional_networks_auto + matrix_authentication_service_container_additional_networks_custom }}" +matrix_authentication_service_container_additional_networks_auto: [] +matrix_authentication_service_container_additional_networks_custom: [] + +# A list of extra arguments to pass to the container +matrix_authentication_service_container_extra_arguments: [] + +# List of systemd services that matrix-authentication-service.service depends on +matrix_authentication_service_systemd_required_services_list: "{{ matrix_authentication_service_systemd_required_services_list_default + matrix_authentication_service_systemd_required_services_list_auto + matrix_authentication_service_systemd_required_services_list_custom }}" +matrix_authentication_service_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" +matrix_authentication_service_systemd_required_services_list_auto: [] +matrix_authentication_service_systemd_required_services_list_custom: [] + +# List of systemd services that matrix-authentication-service.service wants +matrix_authentication_service_systemd_wanted_services_list: "{{ matrix_authentication_service_systemd_wanted_services_list_auto + matrix_authentication_service_systemd_wanted_services_list_custom }}" +matrix_authentication_service_systemd_wanted_services_list_auto: [] +matrix_authentication_service_systemd_wanted_services_list_custom: [] + +######################################################################################## +# # +# Key management # +# # 
+######################################################################################## + +# Controls whether the playbook will manage the secrets keys for you. +# +# See: +# - matrix_authentication_service_config_secrets_keys +# - matrix_authentication_service_key_management_* +matrix_authentication_service_key_management_enabled: true + +matrix_authentication_service_key_management_list: "{{ matrix_authentication_service_key_management_list_default + matrix_authentication_service_key_management_list_custom }}" +matrix_authentication_service_key_management_list_default: |- + {{ + ( + ([ + { + "config": { + "kid": matrix_authentication_service_key_management_rsa_2048_key_id, + "key_file": ("/keys/" + matrix_authentication_service_key_management_rsa_2048_key_file), + }, + "key_file": matrix_authentication_service_key_management_rsa_2048_key_file, + "generation_command": matrix_authentication_service_key_management_rsa_2048_generation_command, + } + ] if matrix_authentication_service_key_management_rsa_2048_enabled else []) + + + ([ + { + "config": { + "kid": matrix_authentication_service_key_management_ecdsa_p256_key_id, + "key_file": ("/keys/" + matrix_authentication_service_key_management_ecdsa_p256_key_file), + }, + "key_file": matrix_authentication_service_key_management_ecdsa_p256_key_file, + "generation_command": matrix_authentication_service_key_management_ecdsa_p256_generation_command, + } + ] if matrix_authentication_service_key_management_ecdsa_p256_enabled else []) + + + ([ + { + "config": { + "kid": matrix_authentication_service_key_management_ecdsa_p384_key_id, + "key_file": ("/keys/" + matrix_authentication_service_key_management_ecdsa_p384_key_file), + }, + "key_file": matrix_authentication_service_key_management_ecdsa_p384_key_file, + "generation_command": matrix_authentication_service_key_management_ecdsa_p384_generation_command, + } + ] if matrix_authentication_service_key_management_ecdsa_p384_enabled else []) + + + ([ + { + "config": { + "kid": 
matrix_authentication_service_key_management_ecdsa_k256_key_id, + "key_file": ("/keys/" + matrix_authentication_service_key_management_ecdsa_k256_key_file), + }, + "key_file": matrix_authentication_service_key_management_ecdsa_k256_key_file, + "generation_command": matrix_authentication_service_key_management_ecdsa_k256_generation_command, + } + ] if matrix_authentication_service_key_management_ecdsa_k256_enabled else []) + ) + if matrix_authentication_service_key_management_enabled + else [] + }} +matrix_authentication_service_key_management_list_custom: [] + +matrix_authentication_service_key_management_rsa_2048_enabled: true +matrix_authentication_service_key_management_rsa_2048_key_id: default-rsa +matrix_authentication_service_key_management_rsa_2048_key_file: rsa-2048.priv.pem +matrix_authentication_service_key_management_rsa_2048_generation_command: "openssl genpkey -algorithm RSA -out __KEY_FILE_PATH__ -pkeyopt rsa_keygen_bits:2048" + +matrix_authentication_service_key_management_ecdsa_p256_enabled: true +matrix_authentication_service_key_management_ecdsa_p256_key_id: default-ecdsa-p256 +matrix_authentication_service_key_management_ecdsa_p256_key_file: ecdsa-p256.priv.pem +matrix_authentication_service_key_management_ecdsa_p256_generation_command: "openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -out __KEY_FILE_PATH__ -outform PEM" +matrix_authentication_service_key_management_ecdsa_p384_enabled: true +matrix_authentication_service_key_management_ecdsa_p384_key_id: default-ecdsa-p384 +matrix_authentication_service_key_management_ecdsa_p384_key_file: ecdsa-p384.priv.pem +matrix_authentication_service_key_management_ecdsa_p384_generation_command: "openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:secp384r1 -out __KEY_FILE_PATH__ -outform PEM" + +matrix_authentication_service_key_management_ecdsa_k256_enabled: true +matrix_authentication_service_key_management_ecdsa_k256_key_id: default-ecdsa-k256 
+matrix_authentication_service_key_management_ecdsa_k256_key_file: ecdsa-k256.priv.pem +matrix_authentication_service_key_management_ecdsa_k256_generation_command: "openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:secp256k1 -out __KEY_FILE_PATH__ -outform PEM" + +######################################################################################## +# # +# /Key management # +# # +######################################################################################## + + +######################################################################################## +# # +# Email configuration # +# # +######################################################################################## + +# Controls the `email.from` configuration setting. +matrix_authentication_service_config_email_from: '"{{ matrix_authentication_service_config_email_from_name }}" <{{ matrix_authentication_service_config_email_from_address }}>' +matrix_authentication_service_config_email_from_name: 'Matrix Authentication Service' +matrix_authentication_service_config_email_from_address: "matrix@{{ matrix_domain }}" + +# Controls the `email.reply_to` configuration setting. +matrix_authentication_service_config_email_reply_to: '"{{ matrix_authentication_service_config_email_reply_to_name }}" <{{ matrix_authentication_service_config_email_reply_to_address }}>' +matrix_authentication_service_config_email_reply_to_name: "{{ matrix_authentication_service_config_email_from_name }}" +matrix_authentication_service_config_email_reply_to_address: "{{ matrix_authentication_service_config_email_from_address }}" + +# Controls the `email.transport` configuration setting. +# +# Valid options are: blackhole, smtp, aws_ses +# Upstream reports that `sendmail` is supported as well, +# but this is not true when running it in a container image due to the `sendmail` binary not being included. 
+matrix_authentication_service_config_email_transport: blackhole + +# Controls the `email.mode` configuration setting for SMTP. +# Options are 'plain', 'tls', or 'starttls'. +matrix_authentication_service_config_email_mode: plain + +# Controls the `email.hostname` configuration setting for SMTP. +matrix_authentication_service_config_email_hostname: "" + +# Controls the `email.port` configuration setting for SMTP. +matrix_authentication_service_config_email_port: 587 + +# Controls the `email.username` configuration setting for SMTP. +matrix_authentication_service_config_email_username: "" + +# Controls the `email.password` configuration setting for SMTP. +matrix_authentication_service_config_email_password: "" + +######################################################################################## +# # +# /Email configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Account configuration # +# # +######################################################################################## + +# Controls the `account.email_change_allowed` configuration setting. +# +# Whether users are allowed to change their email addresses. +matrix_authentication_service_config_account_email_change_allowed: true + +# Controls the `account.displayname_change_allowed` configuration setting. +# +# Whether users are allowed to change their display names. +# This should be in sync with the policy in the homeserver configuration. +matrix_authentication_service_config_account_displayname_change_allowed: true + +# Controls the `account.password_registration_enabled` configuration setting. +# +# Whether to enable self-service password registration. +# This has no effect if password login is disabled. 
+matrix_authentication_service_config_account_password_registration_enabled: false + +# Controls the `account.password_change_allowed` configuration setting. +# +# Whether users are allowed to change their passwords. +# This has no effect if password login is disabled. +matrix_authentication_service_config_account_password_change_allowed: true + +# Controls the `account.password_recovery_enabled` configuration setting. +# +# Whether email-based password recovery is enabled +# This has no effect if password login is disabled. +matrix_authentication_service_config_account_password_recovery_enabled: false + +######################################################################################## +# # +# /Account configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Database configuration # +# # +######################################################################################## + +# Controls the `database.username` configuration setting. +matrix_authentication_service_config_database_username: 'matrix_authentication_service' + +# Controls the `database.password` configuration setting. +matrix_authentication_service_config_database_password: '' + +# Controls the `database.host` configuration setting. +matrix_authentication_service_config_database_host: '' + +# Controls the `database.port` configuration setting. +matrix_authentication_service_config_database_port: 5432 + +# Controls the `database.database` configuration setting. +matrix_authentication_service_config_database_database: 'matrix_authentication_service' + +# Controls the `database.ssl_mode` configuration setting. +matrix_authentication_service_config_database_ssl_mode: disable + +# Controls the `database.max_connections` configuration setting. 
+matrix_authentication_service_config_database_max_connections: 10 + +# Controls the `database.min_connections` configuration setting. +matrix_authentication_service_config_database_min_connections: 0 + +# Controls the `database.connect_timeout` configuration setting. +matrix_authentication_service_config_database_connect_timeout: 30 + +# Controls the `database.idle_timeout` configuration setting. +matrix_authentication_service_config_database_idle_timeout: 600 + +# Controls the `database.max_lifetime` configuration setting. +matrix_authentication_service_config_database_max_lifetime: 1800 + +######################################################################################## +# # +# /Database configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Secrets configuration # +# # +######################################################################################## + +# Controls the `secrets.encryption` configuration setting. +matrix_authentication_service_config_secrets_encryption: '' + +# Controls the `secrets.keys` configuration setting. +matrix_authentication_service_config_secrets_keys: |- + {{ + matrix_authentication_service_key_management_list | map(attribute='config') | list + if matrix_authentication_service_key_management_enabled + else [] + }} + +######################################################################################## +# # +# /Secrets configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# HTTP configuration # +# # +######################################################################################## + +# Controls the `http.public_base` configuration setting. 
+matrix_authentication_service_config_http_public_base: "https://{{ matrix_authentication_service_hostname }}{{ '/' if matrix_authentication_service_path_prefix == '/' else (matrix_authentication_service_path_prefix + '/') }}" + +# Controls the `http.issuer` configuration setting. +matrix_authentication_service_config_http_issuer: "{{ matrix_authentication_service_config_http_public_base }}" + +# Controls the `http.trusted_proxies` configuration setting. +matrix_authentication_service_config_http_trusted_proxies: + - 192.168.0.0/16 + - 172.16.0.0/12 + - 10.0.0.0/10 + - 127.0.0.1/8 + - fd00::/8 + - ::1/128 + +######################################################################################## +# # +# /HTTP configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Matrix configuration # +# # +######################################################################################## + +# Controls the `matrix.homeserver` configuration setting. +# The homeserver name, as per the `server_name` in the Synapse configuration file. +matrix_authentication_service_config_matrix_homeserver: "" + +# Controls the `matrix.endpoint` configuration setting. +# URL to which the homeserver is accessible from the service +matrix_authentication_service_config_matrix_endpoint: "" + +# Controls the `matrix.secret` configuration setting. 
+matrix_authentication_service_config_matrix_secret: "" + +######################################################################################## +# # +# /Matrix configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Passwords configuration # +# # +######################################################################################## + +# Controls the `passwords.enabled` configuration setting. +# Whether to enable the password database. +# If disabled, users will only be able to log in using upstream OIDC providers +matrix_authentication_service_config_passwords_enabled: true + +# Controls the `passwords.schemes` configuration setting. +# List of password hashing schemes being used. +# Only change this if you know what you're doing +matrix_authentication_service_config_passwords_schemes: + - version: 1 + algorithm: argon2id + +# Controls the `passwords.minimum_complexity` configuration setting. +# Minimum complexity required for passwords, estimated by the zxcvbn algorithm +# Must be between 0 and 4, default is 3 +# See https://github.com/dropbox/zxcvbn#usage for more information +matrix_authentication_service_config_passwords_minimum_complexity: 3 + +######################################################################################## +# # +# /Passwords configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Clients configuration # +# # +######################################################################################## + +# Controls the `clients` configuration setting. +# List of clients to be used by the authentication service. 
+# +# See: +# - https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#clients +# - https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#provision-a-client-for-the-homeserver-to-use +# +# To define your own, use `matrix_authentication_service_config_clients_custom`. +matrix_authentication_service_config_clients: "{{ matrix_authentication_service_config_clients_auto + matrix_authentication_service_config_clients_custom }}" +matrix_authentication_service_config_clients_auto: [] +matrix_authentication_service_config_clients_custom: [] + +######################################################################################## +# # +# /Clients configuration # +# # +######################################################################################## + + +######################################################################################## +# # +# Upstream OAuth2 configuration # +# # +######################################################################################## + +# Controls the `upstream_oauth2.providers` configuration setting. +# See: +# - https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#upstream_oauth2providers +matrix_authentication_service_config_upstream_oauth2_providers: [] + +######################################################################################## +# # +# /Upstream OAuth2 configuration # +# # +######################################################################################## + + +# Holds the final Matrix Authentication Service configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_authentication_service_configuration_yaml` or `matrix_authentication_service_configuration_extension_yaml`. 
+matrix_authentication_service_configuration: "{{ matrix_authentication_service_configuration_yaml | from_yaml | combine(matrix_authentication_service_configuration_extension, recursive=True) }}" + +# Default Matrix Authentication Service configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_authentication_service_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_authentication_service_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_authentication_service_configuration_extension_yaml: | + # Your custom YAML configuration for Matrix Authentication Service goes here. + # This configuration extends the default starting configuration (`matrix_authentication_service_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_authentication_service_configuration_yaml`. + # + # Example configuration extension follows: + # + # user: + # password: something + +matrix_authentication_service_configuration_extension: "{{ matrix_authentication_service_configuration_extension_yaml | from_yaml if matrix_authentication_service_configuration_extension_yaml | from_yaml is mapping else {} }}" + +# Additional environment variables to pass to the Matrix Authentication Service container. +# +# Environment variables take priority over settings in the configuration file. 
+#
+# Example:
+# matrix_authentication_service_environment_variables_extension: |
+# KEY=value
+matrix_authentication_service_environment_variables_extension: ''
+
+
+########################################################################################
+# #
+# Labels #
+# #
+########################################################################################
+
+# matrix_authentication_service_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
+# See `../templates/labels.j2` for details.
+#
+# To inject your own other container labels, see `matrix_authentication_service_container_labels_additional_labels`.
+matrix_authentication_service_container_labels_traefik_enabled: true
+matrix_authentication_service_container_labels_traefik_docker_network: "{{ matrix_authentication_service_container_network }}"
+matrix_authentication_service_container_labels_traefik_entrypoints: web-secure
+matrix_authentication_service_container_labels_traefik_tls_certResolver: default # noqa var-naming
+
+matrix_authentication_service_container_labels_public_main_hostname: "{{ matrix_authentication_service_hostname }}"
+# The path prefix must either be `/` or not end with a slash (e.g. `/auth`).
+matrix_authentication_service_container_labels_public_main_path_prefix: "{{ matrix_authentication_service_path_prefix }}"
+matrix_authentication_service_container_labels_public_main_rule: "Host(`{{ matrix_authentication_service_container_labels_public_main_hostname }}`){% if matrix_authentication_service_container_labels_public_main_path_prefix != '/' %} && PathPrefix(`{{ matrix_authentication_service_container_labels_public_main_path_prefix }}`){% endif %}"
+matrix_authentication_service_container_labels_public_main_priority: 0
+matrix_authentication_service_container_labels_public_main_entrypoints: "{{ matrix_authentication_service_container_labels_traefik_entrypoints }}"
+matrix_authentication_service_container_labels_public_main_tls: "{{ matrix_authentication_service_container_labels_public_main_entrypoints != 'web' }}"
+matrix_authentication_service_container_labels_public_main_tls_certResolver: "{{ matrix_authentication_service_container_labels_traefik_tls_certResolver }}" # noqa var-naming
+
+# Controls whether labels will be added to expose the compatibility layer publicly.
+#
+# The service exposes a compatibility layer to allow legacy clients to authenticate using the service.
+# This works by exposing a few Matrix endpoints that should be proxied to the service.
+# The following Matrix Client-Server API endpoints need to be handled by the authentication service:
+# - /_matrix/client/*/login
+# - /_matrix/client/*/logout
+# - /_matrix/client/*/refresh
+#
+# See:
+# - https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#set-up-the-compatibility-layer
+# - https://element-hq.github.io/matrix-authentication-service/setup/reverse-proxy.html#compatibility-layer
+#
+# Regardless of whether this is enabled, it may or may not take effect due to the value of other variables.
+# See `matrix_authentication_service_container_labels_traefik_enabled`
+matrix_authentication_service_container_labels_public_compatibility_layer_enabled: false
+matrix_authentication_service_container_labels_public_compatibility_layer_hostname: ""
+matrix_authentication_service_container_labels_public_compatibility_layer_path_regexp: "^/_matrix/client/(?P([^/]+))/(?P(login|logout|refresh))"
+matrix_authentication_service_container_labels_public_compatibility_layer_rule: "Host(`{{ matrix_authentication_service_container_labels_public_compatibility_layer_hostname }}`) && PathRegexp(`{{ matrix_authentication_service_container_labels_public_compatibility_layer_path_regexp }}`)"
+matrix_authentication_service_container_labels_public_compatibility_layer_priority: 0
+matrix_authentication_service_container_labels_public_compatibility_layer_entrypoints: "{{ matrix_authentication_service_container_labels_traefik_entrypoints }}"
+matrix_authentication_service_container_labels_public_compatibility_layer_tls: "{{ matrix_authentication_service_container_labels_public_compatibility_layer_entrypoints != 'web' }}"
+matrix_authentication_service_container_labels_public_compatibility_layer_tls_certResolver: "{{ matrix_authentication_service_container_labels_traefik_tls_certResolver }}" # noqa var-naming
+
+# Controls whether labels will be added to expose the compatibility layer on the internal Traefik entrypoint.
+# This is similar to `matrix_authentication_service_container_labels_public_compatibility_layer_enabled`, but the entrypoint and intent is different.
+# Regardless of whether this is enabled, it may or may not take effect due to the value of other variables.
+# See `matrix_authentication_service_container_labels_traefik_enabled`
+matrix_authentication_service_container_labels_internal_compatibility_layer_enabled: false
+matrix_authentication_service_container_labels_internal_compatibility_layer_path_regexp: "{{ matrix_authentication_service_container_labels_public_compatibility_layer_path_regexp }}"
+matrix_authentication_service_container_labels_internal_compatibility_layer_rule: "PathRegexp(`{{ matrix_authentication_service_container_labels_internal_compatibility_layer_path_regexp }}`)"
+matrix_authentication_service_container_labels_internal_compatibility_layer_priority: 0
+matrix_authentication_service_container_labels_internal_compatibility_layer_entrypoints: ""
+
+# Controls which additional headers to attach to all HTTP responses.
+# To add your own headers, use `matrix_authentication_service_container_labels_traefik_additional_response_headers_custom`
+matrix_authentication_service_container_labels_traefik_additional_response_headers: "{{ matrix_authentication_service_container_labels_traefik_additional_response_headers_auto | combine(matrix_authentication_service_container_labels_traefik_additional_response_headers_custom) }}"
+matrix_authentication_service_container_labels_traefik_additional_response_headers_auto: {}
+matrix_authentication_service_container_labels_traefik_additional_response_headers_custom: {}
+
+# matrix_authentication_service_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
+# See `../templates/labels.j2` for details.
+#
+# Example:
+# matrix_authentication_service_container_labels_additional_labels: |
+# my.label=1
+# another.label="here"
+matrix_authentication_service_container_labels_additional_labels: ''
+
+########################################################################################
+# #
+# /Labels #
+# #
+########################################################################################
+
+
+########################################################################################
+# #
+# syn2mas configuration #
+# #
+########################################################################################
+
+matrix_authentication_service_syn2mas_start_wait_time_seconds: 5
+
+matrix_authentication_service_syn2mas_dry_run: false
+
+# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service/syn2mas
+matrix_authentication_service_syn2mas_version: 0.12.0
+matrix_authentication_service_syn2mas_container_image: "{{ matrix_authentication_service_container_image_name_prefix }}element-hq/matrix-authentication-service/syn2mas:{{ matrix_authentication_service_syn2mas_version }}"
+matrix_authentication_service_syn2mas_container_image_name_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else 'ghcr.io/' }}"
+matrix_authentication_service_syn2mas_container_image_force_pull: "{{ matrix_authentication_service_syn2mas_container_image.endswith(':latest') }}"
+
+matrix_authentication_service_syn2mas_container_image_self_build: "{{ matrix_authentication_service_container_image_self_build }}"
+
+matrix_authentication_service_syn2mas_container_network: "{{ matrix_authentication_service_container_network }}"
+
+# Path to Synapse's homeserver.yaml configuration file.
+matrix_authentication_service_syn2mas_synapse_homeserver_config_path: ""
+
+########################################################################################
+# #
+# /syn2mas configuration #
+# #
+########################################################################################
+
+
+########################################################################################
+# #
+# Misc #
+# #
+########################################################################################
+
+# Controls whether a migration from a homeserver user database to Matrix Authentication Service is in progress.
+#
+# When this is set to `true`, the playbook will:
+#
+# - disable the integration between the homeserver and Matrix Authentication Service
+# - avoid setting up the "compatibility layer" (that is, avoid installing container labels that capture login endpoints like `/_matrix/client/*/login`, etc.)
+matrix_authentication_service_migration_in_progress: false
+
+########################################################################################
+# #
+# /Misc #
+# #
+########################################################################################
+
diff --git a/roles/custom/matrix-authentication-service/tasks/install.yml b/roles/custom/matrix-authentication-service/tasks/install.yml
new file mode 100644
index 000000000..b766c1cb6
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/install.yml
@@ -0,0 +1,103 @@
+---
+
+- name: Ensure Matrix Authentication Service paths exist
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: directory
+ mode: 0750
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ with_items:
+ - {path: "{{ matrix_authentication_service_base_path }}", when: true}
+ - {path: "{{ matrix_authentication_service_bin_path }}", when: true}
+ - {path: "{{ matrix_authentication_service_config_path }}", when: true}
+ - {path: "{{ matrix_authentication_service_data_path }}", when: true}
+ - {path: "{{ matrix_authentication_service_data_keys_path }}", when: true}
+ - {path: "{{ matrix_authentication_service_container_src_files_path }}", when: "{{ matrix_authentication_service_container_image_self_build }}"}
+ when: "item.when | bool"
+
+- when: matrix_authentication_service_key_management_enabled | bool
+ block:
+ - name: Ensure openssl installed
+ ansible.builtin.package:
+ name: openssl
+ state: present
+
+ - name: Prepare private key
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/prepare_key.yml"
+ with_items: "{{ matrix_authentication_service_key_management_list }}"
+ loop_control:
+ loop_var: private_key_definition
+
+- name: Ensure Matrix Authentication Service configuration installed
+ ansible.builtin.copy:
+ content: "{{ matrix_authentication_service_configuration | to_nice_yaml(indent=2, width=999999) }}"
+ dest: "{{ matrix_authentication_service_config_path }}/config.yaml"
+ mode: 0644
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- name: Ensure Matrix Authentication Service support files created
+ ansible.builtin.template:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: "{{ item.mode }}"
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ with_items:
+ - src: "{{ role_path }}/templates/env.j2"
+ dest: "{{ matrix_authentication_service_config_path }}/env"
+ mode: '0644'
+ - src: "{{ role_path }}/templates/labels.j2"
+ dest: "{{ matrix_authentication_service_config_path }}/labels"
+ mode: '0644'
+ - src: "{{ role_path }}/templates/bin/register-user.j2"
+ dest: "{{ matrix_authentication_service_bin_path }}/register-user"
+ mode: '0755'
+ - src: "{{ role_path }}/templates/bin/mas-cli.j2"
+ dest: "{{ matrix_authentication_service_bin_path }}/mas-cli"
+ mode: '0755'
+
+- name: Ensure Matrix Authentication Service container image is pulled
+ community.docker.docker_image:
+ name: "{{ matrix_authentication_service_container_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_authentication_service_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_authentication_service_container_image_force_pull }}"
+ when: "not matrix_authentication_service_container_image_self_build | bool"
+ register: result
+ retries: "{{ devture_playbook_help_container_retries_count }}"
+ delay: "{{ devture_playbook_help_container_retries_delay }}"
+ until: result is not failed
+
+- when: "matrix_authentication_service_container_image_self_build | bool"
+ block:
+ - name: Ensure Matrix Authentication Service repository is present on self-build
+ ansible.builtin.git:
+ repo: "{{ matrix_authentication_service_container_repo }}"
+ version: "{{ matrix_authentication_service_container_repo_version }}"
+ dest: "{{ matrix_authentication_service_container_src_files_path }}"
+ force: "yes"
+ become: true
+ become_user: "{{ matrix_user_username }}"
+
+ - name: Ensure Matrix Authentication Service container image is built
+ ansible.builtin.command:
+ cmd: |-
+ {{ devture_systemd_docker_base_host_command_docker }} buildx build
+ --tag={{ matrix_authentication_service_container_image }}
+ --file={{ matrix_authentication_service_container_src_files_path }}/Dockerfile
+ {{ matrix_authentication_service_container_src_files_path }}
+ changed_when: true
+
+- name: Ensure Matrix Authentication Service container network is created
+ community.general.docker_network:
+ enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
+ name: "{{ matrix_authentication_service_container_network }}"
+ driver: bridge
+
+- name: Ensure matrix-authentication-service.service installed
+ ansible.builtin.template:
+ src: "{{ role_path }}/templates/systemd/matrix-authentication-service.service.j2"
+ dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-authentication-service.service"
+ mode: 0644
diff --git a/roles/custom/matrix-authentication-service/tasks/main.yml b/roles/custom/matrix-authentication-service/tasks/main.yml
new file mode 100644
index 000000000..c5a7e9c80
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/main.yml
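Review bot: The `Ensure Matrix Authentication Service configuration installed` task writes `config.yaml` with `mode: 0644`, yet the rendered file carries the database password, `secrets.encryption` and `matrix.secret` (see `templates/config.yaml.j2` in this patch). The `0750` on the parent directories limits who can reach it, but the file should not depend on that: `mode: '0640'`, assuming the container reads it as `matrix_user_username` or its group (not visible in this hunk). The same applies to the `env` entry in the support-files list if secrets are passed through `matrix_authentication_service_environment_variables_extension`. Modes in this hunk are also written both unquoted (`0750`, `0644`) and quoted (`'0644'`); quoting all of them avoids YAML octal parsing differences.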
@@ -0,0 +1,38 @@
+---
+
+- tags:
+ - setup-all
+ - setup-matrix-authentication-service
+ - install-all
+ - install-matrix-authentication-service
+ block:
+ - when: matrix_authentication_service_enabled | bool
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
+
+ - when: matrix_authentication_service_enabled | bool
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
+
+- tags:
+ - matrix-authentication-service-syn2mas
+ block:
+ - when: matrix_authentication_service_enabled | bool
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/syn2mas.yml"
+
+- tags:
+ - matrix-authentication-service-mas-cli-doctor
+ block:
+ - when: matrix_authentication_service_enabled | bool
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/mas_cli_doctor.yml"
+
+- tags:
+ - register-user
+ block:
+ - when: matrix_authentication_service_enabled | bool
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/register_user.yml"
+
+- tags:
+ - setup-all
+ - setup-matrix-authentication-service
+ block:
+ - when: not matrix_authentication_service_enabled | bool
+ ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"
diff --git a/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml b/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml
new file mode 100644
index 000000000..591b80803
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml
@@ -0,0 +1,32 @@
+---
+
+- name: Ensure Matrix Authentication Service is started
+ ansible.builtin.service:
+ name: matrix-authentication-service
+ state: started
+ daemon_reload: true
+ register: matrix_authentication_service_mas_ensure_started_result
+
+- when: matrix_authentication_service_mas_ensure_started_result.changed | bool
+ name: Wait a bit, so that Matrix Authentication Service can start
+ ansible.builtin.wait_for:
+ timeout: "{{ matrix_authentication_service_syn2mas_start_wait_time_seconds }}"
+ delegate_to: 127.0.0.1
+ become: false
+
+- name: Generate mas-cli doctor command
+ ansible.builtin.set_fact:
+ matrix_authentication_service_mas_cli_doctor_command: >-
+ {{ matrix_authentication_service_bin_path }}/mas-cli doctor
+ tags:
+ - skip_ansible_lint
+
+- name: Run mas-cli doctor
+ ansible.builtin.command:
+ cmd: "{{ matrix_authentication_service_mas_cli_doctor_command }}"
+ register: matrix_authentication_service_mas_cli_doctor_command_result
+ changed_when: matrix_authentication_service_mas_cli_doctor_command_result.rc == 0
+
+- name: Print mas-cli doctor command result
+ ansible.builtin.debug:
+ var: matrix_authentication_service_mas_cli_doctor_command_result
diff --git a/roles/custom/matrix-authentication-service/tasks/register_user.yml b/roles/custom/matrix-authentication-service/tasks/register_user.yml
new file mode 100644
index 000000000..9aef7ab47
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/register_user.yml
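Review bot: `changed_when: matrix_authentication_service_mas_cli_doctor_command_result.rc == 0` on the `Run mas-cli doctor` task reports a change on every successful run of what is presumably a read-only diagnostic; `changed_when: false` would describe it better. The `Generate mas-cli doctor command` task only stores a fixed string, so the path could go straight into `cmd:` and the `skip_ansible_lint` tag would no longer be needed.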
@@ -0,0 +1,34 @@
+---
+
+- name: Fail if playbook called incorrectly
+ ansible.builtin.fail:
+ msg: "The `username` variable needs to be provided to this playbook, via --extra-vars"
+ when: "username is not defined or username == ''"
+
+- name: Fail if playbook called incorrectly
+ ansible.builtin.fail:
+ msg: "The `password` variable needs to be provided to this playbook, via --extra-vars"
+ when: "password is not defined or password == ''"
+
+- name: Fail if playbook called incorrectly
+ ansible.builtin.fail:
+ msg: "The `admin` variable needs to be provided to this playbook, via --extra-vars"
+ when: "admin is not defined or admin not in ['yes', 'no']"
+
+- name: Ensure Matrix Authentication Service is started
+ ansible.builtin.service:
+ name: matrix-authentication-service
+ state: started
+ daemon_reload: true
+ register: matrix_authentication_service_start_result
+
+- name: Wait a while, so that Matrix Authentication Service can start
+ ansible.builtin.pause:
+ seconds: 7
+ when: matrix_authentication_service_start_result.changed | bool
+
+- name: Register user
+ ansible.builtin.command:
+ cmd: "{{ matrix_authentication_service_bin_path }}/register-user {{ username | quote }} {{ password | quote }} {{ '1' if admin == 'yes' else '0' }}"
+ register: matrix_authentication_service_register_user_result
+ changed_when: matrix_authentication_service_register_user_result.rc == 0
diff --git a/roles/custom/matrix-authentication-service/tasks/syn2mas.yml b/roles/custom/matrix-authentication-service/tasks/syn2mas.yml
new file mode 100644
index 000000000..dd1c2f9c6
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/syn2mas.yml
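Review bot: The `Register user` task has no `no_log: true`, so the rendered `cmd`, password included, is shown in Ansible's output when the task fails or runs with `-v`, and is kept in the registered `matrix_authentication_service_register_user_result`. Add `no_log: true` to that task. The password is also passed as a process argument, here and again in `templates/bin/register-user.j2` (`-p "$password"`), which exposes it in the host's process list while the command runs; whether `mas-cli` accepts it another way is not visible from this patch. The fixed `seconds: 7` pause also differs from `mas_cli_doctor.yml`, which waits `matrix_authentication_service_syn2mas_start_wait_time_seconds`.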
@@ -0,0 +1,137 @@
+---
+
+- set_fact:
+ matrix_authentication_service_syn2mas_dry_run: "{{ matrix_authentication_service_syn2mas_dry_run | bool }}"
+
+- name: Abort, if not using Synapse
+ when: not matrix_synapse_enabled | bool
+ ansible.builtin.fail:
+ msg: |-
+ You can only use syn2mas to migrate from Synapse to Matrix Authentication Service.
+ Other homeserver implementations are not supported.
+
+- name: Fail if required matrix-authentication-service syn2mas settings not defined
+ ansible.builtin.fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item.name }}`).
+ when: "item.when | bool and vars[item.name] | length == 0"
+ with_items:
+ - {'name': 'matrix_authentication_service_syn2mas_synapse_homeserver_config_path', when: true}
+
+- name: Check if Synapse homeserver config file exists
+ ansible.builtin.stat:
+ path: "{{ matrix_authentication_service_syn2mas_synapse_homeserver_config_path }}"
+ register: matrix_authentication_service_syn2mas_synapse_config_stat
+
+- name: Fail if Synapse homeserver config file does not exist
+ ansible.builtin.fail:
+ msg: "The Synapse homeserver config file does not exist at the specified path: {{ matrix_authentication_service_syn2mas_synapse_homeserver_config_path }}"
+ when: not matrix_authentication_service_syn2mas_synapse_config_stat.stat.exists
+
+- name: Ensure Matrix Authentication Service syn2mas container image is pulled
+ community.docker.docker_image:
+ name: "{{ matrix_authentication_service_syn2mas_container_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_authentication_service_syn2mas_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_authentication_service_syn2mas_container_image_force_pull }}"
+ when: "not matrix_authentication_service_syn2mas_container_image_self_build | bool"
+ register: result
+ retries: "{{ devture_playbook_help_container_retries_count }}"
+ delay: "{{ devture_playbook_help_container_retries_delay }}"
+ until: result is not failed
+
+- when: "matrix_authentication_service_syn2mas_container_image_self_build | bool"
+ block:
+ - name: Ensure Matrix Authentication Service repository is present on self-build
+ ansible.builtin.git:
+ repo: "{{ matrix_authentication_service_container_repo }}"
+ version: "{{ matrix_authentication_service_container_repo_version }}"
+ dest: "{{ matrix_authentication_service_container_src_files_path }}"
+ force: "yes"
+ become: true
+ become_user: "{{ matrix_user_username }}"
+ register: matrix_authentication_service_git_pull_results
+
+ - name: Ensure Matrix Authentication Service syn2mas container image is built
+ ansible.builtin.command:
+ cmd: |-
+ {{ devture_systemd_docker_base_host_command_docker }} buildx build
+ --tag={{ matrix_authentication_service_syn2mas_container_image }}
+ --file={{ matrix_authentication_service_container_src_files_path }}/tools/syn2mas/Dockerfile
+ {{ matrix_authentication_service_container_src_files_path }}/tools/syn2mas
+ changed_when: true
+
+- name: Ensure Synapse is stopped
+ when: not matrix_authentication_service_syn2mas_dry_run | bool
+ ansible.builtin.service:
+ name: matrix-synapse
+ state: stopped
+ daemon_reload: true
+ register: matrix_authentication_service_synapse_ensure_stopped_result
+
+# We probably don't necessarily need to stop this, because:
+# - the upstream docs don't say we should.
+# - while a migration is in progress (see `matrix_authentication_service_migration_in_progress`),
+# we don't even add compatibility layer labels, so MAS would not be used anyway.
+#
+# Still, it's probably safer to stop it anyway.
+- name: Ensure Matrix Authentication Service is stopped
+ ansible.builtin.service:
+ name: matrix-authentication-service
+ state: stopped
+ register: matrix_authentication_service_mas_ensure_stopped_result
+
+- name: Generate syn2mas migration command
+ ansible.builtin.set_fact:
+ matrix_authentication_service_syn2mas_migration_command: >-
+ {{ devture_systemd_docker_base_host_command_docker }} run
+ --rm
+ --name=matrix-authentication-service-syn2mas
+ --log-driver=none
+ --user={{ matrix_authentication_service_uid }}:{{ matrix_authentication_service_gid }}
+ --cap-drop=ALL
+ --network={{ matrix_authentication_service_syn2mas_container_network }}
+ --mount type=bind,src={{ matrix_authentication_service_syn2mas_synapse_homeserver_config_path }},dst=/homeserver.yaml,ro
+ --mount type=bind,src={{ matrix_authentication_service_config_path }}/config.yaml,dst=/mas-config.yaml,ro
+ {{ matrix_authentication_service_syn2mas_container_image }}
+ --command=migrate
+ --synapseConfigFile=/homeserver.yaml
+ --masConfigFile=/mas-config.yaml
+ {% if matrix_authentication_service_syn2mas_dry_run | bool %}--dryRun{% endif %}
+ tags:
+ - skip_ansible_lint
+
+# This is a hack.
+# See: https://ansibledaily.com/print-to-standard-output-without-escaping/
+#
+# We want to run `debug: msg=".."`, but that dumps it as JSON and escapes double quotes within it,
+# which ruins the command (`matrix_authentication_service_syn2mas_migration_command`)
+- name: Note about syn2mas migration
+ ansible.builtin.set_fact:
+ dummy: true
+ with_items:
+ - >-
+ Running syn2mas migration using the following command: `{{ matrix_authentication_service_syn2mas_migration_command }}`.
+ If this crashes, you can stop Synapse (`systemctl stop matrix-synapse`) and run the command manually.
+
+- name: Perform syn2mas migration
+ ansible.builtin.command:
+ cmd: "{{ matrix_authentication_service_syn2mas_migration_command }}"
+ register: matrix_authentication_service_syn2mas_migration_command_result
+ changed_when: matrix_authentication_service_syn2mas_migration_command_result.rc == 0
+
+- name: Print syn2mas migration command result
+ ansible.builtin.debug:
+ var: matrix_authentication_service_syn2mas_migration_command_result
+
+- when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_synapse_ensure_stopped_result.changed"
+ name: Ensure Synapse is started (if it previously was)
+ ansible.builtin.service:
+ name: matrix-synapse
+ state: started
+
+- when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_mas_ensure_stopped_result.changed"
+ name: Ensure Matrix Authentication Service is started (if it previously was)
+ ansible.builtin.service:
+ name: matrix-authentication-service
+ state: started
diff --git a/roles/custom/matrix-authentication-service/tasks/uninstall.yml b/roles/custom/matrix-authentication-service/tasks/uninstall.yml
new file mode 100644
index 000000000..e7e0dfe43
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/uninstall.yml
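Review bot: A dry run leaves Matrix Authentication Service stopped, because `Ensure Matrix Authentication Service is stopped` has no `when` while the final restart task requires `not matrix_authentication_service_syn2mas_dry_run`. The Synapse stop task is already guarded, so the MAS one should match it with `when: not matrix_authentication_service_syn2mas_dry_run | bool`. A failing `Perform syn2mas migration` also ends the play before either restart task, so both services stay down; if that is intended, a comment next to the restart tasks should say so, otherwise a `block`/`always` around the migration would bring them back. The opening `set_fact` has no `name` and is not written as `ansible.builtin.set_fact` like the rest of the file.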
@@ -0,0 +1,25 @@
+---
+
+- name: Check existence of matrix-authentication-service service
+ ansible.builtin.stat:
+ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-authentication-service.service"
+ register: matrix_authentication_service_service_stat
+
+- when: matrix_authentication_service_service_stat.stat.exists | bool
+ block:
+ - name: Ensure matrix-authentication-service is stopped
+ ansible.builtin.service:
+ name: matrix-authentication-service
+ state: stopped
+ enabled: false
+ daemon_reload: true
+
+ - name: Ensure matrix-authentication-service.service doesn't exist
+ ansible.builtin.file:
+ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-authentication-service.service"
+ state: absent
+
+ - name: Ensure Matrix Authentication Service paths don't exist
+ ansible.builtin.file:
+ path: "{{ matrix_authentication_service_base_path }}"
+ state: absent
diff --git a/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml b/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml
new file mode 100644
index 000000000..54e872ea3
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml
@@ -0,0 +1,10 @@
+- name: Prepare Matrix Authentication Service private key file path ({{ private_key_definition.key_file }})
+ ansible.builtin.set_fact:
+ matrix_authentication_service_private_key_file_path: "{{ matrix_authentication_service_data_keys_path }}/{{ private_key_definition.key_file }}"
+
+- name: Prepare Matrix Authentication Service private key file ({{ private_key_definition.key_file }})
+ ansible.builtin.command:
+ cmd: "{{ private_key_definition.generation_command | replace('__KEY_FILE_PATH__', matrix_authentication_service_private_key_file_path) }}"
+ creates: "{{ matrix_authentication_service_private_key_file_path }}"
+ become: true
+ become_user: "{{ matrix_user_username }}"
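Review bot: Nothing in `tasks/util/prepare_key.yml` sets the permissions of the generated private key, so its mode is whatever `private_key_definition.generation_command` and the umask of `matrix_user_username` happen to produce; the generation commands are defined outside this hunk. A follow-up task that pins owner, group and a restrictive mode on `matrix_authentication_service_private_key_file_path` would make the result explicit and would also correct a key created earlier with looser permissions. The mode below assumes the service reads the keys as the owning user, which needs confirming against the systemd unit.

```yaml
# … unchanged: the two existing tasks (path fact, key generation) …

- name: Ensure Matrix Authentication Service private key file permissions ({{ private_key_definition.key_file }})
  ansible.builtin.file:
    path: "{{ matrix_authentication_service_private_key_file_path }}"
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
    mode: '0600'
```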
diff --git a/roles/custom/matrix-authentication-service/tasks/validate_config.yml b/roles/custom/matrix-authentication-service/tasks/validate_config.yml
new file mode 100644
index 000000000..70cf3662d
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/tasks/validate_config.yml
@@ -0,0 +1,31 @@
+---
+
+- name: Fail if required matrix-authentication-service settings not defined
+ ansible.builtin.fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item.name }}`).
+ when: "item.when | bool and vars[item.name] | length == 0"
+ with_items:
+ - {'name': 'matrix_authentication_service_hostname', when: true}
+ - {'name': 'matrix_authentication_service_config_database_username', when: true}
+ - {'name': 'matrix_authentication_service_config_database_password', when: true}
+ - {'name': 'matrix_authentication_service_config_database_host', when: true}
+ - {'name': 'matrix_authentication_service_config_database_database', when: true}
+ - {'name': 'matrix_authentication_service_config_secrets_encryption', when: true}
+ - {'name': 'matrix_authentication_service_config_matrix_homeserver', when: true}
+ - {'name': 'matrix_authentication_service_config_matrix_secret', when: true}
+ - {'name': 'matrix_authentication_service_config_matrix_endpoint', when: true}
+ - {'name': 'matrix_authentication_service_container_labels_public_main_hostname', when: "{{ matrix_authentication_service_container_labels_traefik_enabled }}"}
+ - {'name': 'matrix_authentication_service_container_labels_public_compatibility_layer_hostname', when: "{{ matrix_authentication_service_container_labels_public_compatibility_layer_enabled }}"}
+ - {'name': 'matrix_authentication_service_container_labels_internal_compatibility_layer_entrypoints', when: "{{ matrix_authentication_service_container_labels_internal_compatibility_layer_enabled }}"}
+ - {'name': 'matrix_authentication_service_config_email_hostname', when: "{{ matrix_authentication_service_config_email_transport == 'smtp' }}"}
+
+- name: Fail if matrix_authentication_service_config_secrets_encryption is not 64 characters long
+ ansible.builtin.fail:
+ msg: "matrix_authentication_service_config_secrets_encryption must be exactly 64 characters long (preferably generated via `openssl rand -hex 32`)"
+ when: "matrix_authentication_service_config_secrets_encryption | length != 64"
+
+- name: Fail if matrix_authentication_service_config_email_transport is invalid
+ ansible.builtin.fail:
+ msg: "matrix_authentication_service_config_email_transport must be one of: blackhole, smtp, or aws_ses"
+ when: "matrix_authentication_service_config_email_transport not in ['blackhole', 'smtp', 'aws_ses']"
diff --git a/roles/custom/matrix-authentication-service/templates/bin/mas-cli.j2 b/roles/custom/matrix-authentication-service/templates/bin/mas-cli.j2
new file mode 100644
index 000000000..d4d1d9c1e
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/templates/bin/mas-cli.j2
@@ -0,0 +1,16 @@
+#jinja2: lstrip_blocks: "True"
+#!/bin/bash
+
+args=$@
+
+if [ $# -eq 0 ]; then
+ args="help"
+fi
+
+if [ -t 0 ]; then
+ tty_option="-it"
+else
+ tty_option=""
+fi
+
+{{ devture_systemd_docker_base_host_command_docker }} exec $tty_option matrix-authentication-service mas-cli $args
diff --git a/roles/custom/matrix-authentication-service/templates/bin/register-user.j2 b/roles/custom/matrix-authentication-service/templates/bin/register-user.j2
new file mode 100644
index 000000000..54d60e8b9
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/templates/bin/register-user.j2
@@ -0,0 +1,17 @@
+#jinja2: lstrip_blocks: "True"
+#!/bin/bash
+
+if [ $# -ne 3 ]; then
+ echo "Usage: "$0" "
+ exit 1
+fi
+
+user=$1
+password=$2
+admin=$3
+
+if [ "$admin" -eq "1" ]; then
+ {{ devture_systemd_docker_base_host_command_docker }} exec matrix-authentication-service mas-cli manage register-user --yes -p "$password" --admin "$user"
+else
+ {{ devture_systemd_docker_base_host_command_docker }} exec matrix-authentication-service mas-cli manage register-user --yes -p "$password" --no-admin "$user"
+fi
diff --git a/roles/custom/matrix-authentication-service/templates/config.yaml.j2 b/roles/custom/matrix-authentication-service/templates/config.yaml.j2
new file mode 100644
index 000000000..f53b3c94c
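Review bot: The encryption-secret check in `validate_config.yml` only tests `length != 64`, so any 64-character string passes even though the message asks for `openssl rand -hex 32` output. Checking the format as well catches a pasted non-hex value at validation time instead of at service start: `when: "matrix_authentication_service_config_secrets_encryption is not match('^[0-9a-fA-F]{64}$')"`. The task name and message would then say "64 hexadecimal characters".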
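Review bot: In `templates/bin/mas-cli.j2`, `args=$@` followed by the unquoted `$args` on the last line re-splits the arguments on whitespace and applies glob expansion, so an argument containing a space or `*` reaches `mas-cli` altered. Keep the positional parameters instead: replace the `args` handling with `if [ $# -eq 0 ]; then set -- help; fi` and end the command with `mas-cli "$@"`. Leaving `$tty_option` unquoted is fine, since the empty case is meant to disappear.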
--- /dev/null
+++ b/roles/custom/matrix-authentication-service/templates/config.yaml.j2
@@ -0,0 +1,82 @@ +#jinja2: lstrip_blocks: "True" +http: + listeners: + - name: web + resources: + - name: discovery + - name: human + - name: oauth + - name: compat + - name: graphql + - name: assets + binds: + - address: '[::]:8080' + proxy_protocol: false + prefix: {{ matrix_authentication_service_path_prefix }} + - name: internal + resources: + - name: health + binds: + - host: localhost + port: 8081 + proxy_protocol: false + prefix: {{ matrix_authentication_service_path_prefix }} + trusted_proxies: {{ matrix_authentication_service_config_http_trusted_proxies | to_json }} + public_base: {{ matrix_authentication_service_config_http_public_base | to_json }} + issuer: {{ matrix_authentication_service_config_http_issuer | to_json }} + +database: + host: {{ matrix_authentication_service_config_database_host | to_json }} + port: {{ matrix_authentication_service_config_database_port | to_json }} + username: {{ matrix_authentication_service_config_database_username | to_json }} + password: {{ matrix_authentication_service_config_database_password | to_json }} + database: {{ matrix_authentication_service_config_database_database | to_json }} + ssl_mode: {{ matrix_authentication_service_config_database_ssl_mode | to_json }} + max_connections: {{ matrix_authentication_service_config_database_max_connections | to_json }} + min_connections: {{ matrix_authentication_service_config_database_min_connections | to_json }} + connect_timeout: {{ matrix_authentication_service_config_database_connect_timeout | to_json }} + idle_timeout: {{ matrix_authentication_service_config_database_idle_timeout | to_json }} + max_lifetime: {{ matrix_authentication_service_config_database_max_lifetime | to_json }} + +email: + from: {{ matrix_authentication_service_config_email_from | to_json }} + reply_to: {{ matrix_authentication_service_config_email_reply_to | to_json }} + transport: {{ matrix_authentication_service_config_email_transport | to_json }} + {% if 
matrix_authentication_service_config_email_transport == 'smtp' %} + mode: {{ matrix_authentication_service_config_email_mode | to_json }} + hostname: {{ matrix_authentication_service_config_email_hostname | to_json }} + port: {{ matrix_authentication_service_config_email_port | int | to_json }} + {% if matrix_authentication_service_config_email_username %} + username: {{ matrix_authentication_service_config_email_username | to_json }} + {% endif %} + {% if matrix_authentication_service_config_email_password %} + password: {{ matrix_authentication_service_config_email_password | to_json }} + {% endif %} + {% endif %} +secrets: + encryption: {{ matrix_authentication_service_config_secrets_encryption | to_json }} + keys: {{ matrix_authentication_service_config_secrets_keys | to_json }} + +passwords: + enabled: {{ matrix_authentication_service_config_passwords_enabled | to_json }} + schemes: {{ matrix_authentication_service_config_passwords_schemes | to_json }} + minimum_complexity: {{ matrix_authentication_service_config_passwords_minimum_complexity | to_json }} + +matrix: + homeserver: {{ matrix_authentication_service_config_matrix_homeserver | to_json }} + secret: {{ matrix_authentication_service_config_matrix_secret | to_json }} + endpoint: {{ matrix_authentication_service_config_matrix_endpoint | to_json }} + +account: + email_change_allowed: {{ matrix_authentication_service_config_account_email_change_allowed | to_json }} + displayname_change_allowed: {{ matrix_authentication_service_config_account_displayname_change_allowed | to_json }} + password_registration_enabled: {{ matrix_authentication_service_config_account_password_registration_enabled | to_json }} + password_change_allowed: {{ matrix_authentication_service_config_account_password_change_allowed | to_json }} + password_recovery_enabled: {{ matrix_authentication_service_config_account_password_recovery_enabled | to_json }} + +clients: {{ matrix_authentication_service_config_clients | to_json }} + +{% if 
matrix_authentication_service_config_upstream_oauth2_providers | length > 0 %} +upstream_oauth2: + providers: {{ matrix_authentication_service_config_upstream_oauth2_providers | to_json }} +{% endif %} diff --git a/roles/custom/matrix-authentication-service/templates/env.j2 b/roles/custom/matrix-authentication-service/templates/env.j2 new file mode 100644 index 000000000..80c4290de --- /dev/null +++ b/roles/custom/matrix-authentication-service/templates/env.j2 @@ -0,0 +1 @@ +{{ matrix_authentication_service_environment_variables_extension }} diff --git a/roles/custom/matrix-authentication-service/templates/labels.j2 b/roles/custom/matrix-authentication-service/templates/labels.j2 new file mode 100644 index 000000000..461c7abd7 --- /dev/null +++ b/roles/custom/matrix-authentication-service/templates/labels.j2 
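Review bot: Both `prefix: {{ matrix_authentication_service_path_prefix }}` lines in config.yaml.j2 are the only values in this template not passed through `to_json`, so the prefix is emitted as a bare YAML scalar and a value containing ` #`, `: ` or a leading indicator character would be truncated or mis-parsed. Use `prefix: {{ matrix_authentication_service_path_prefix | to_json }}` on both listeners, matching the rest of the file. This file also carries `database.password`, `secrets.encryption`, `secrets.keys` and `matrix.secret` in clear text; the task that renders it is outside this hunk, so confirm it writes the file with an owner-only mode.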
@@ -0,0 +1,134 @@ +{% if matrix_authentication_service_container_labels_traefik_enabled %} +traefik.enable=true + +{% if matrix_authentication_service_container_labels_traefik_docker_network %} +traefik.docker.network={{ matrix_authentication_service_container_labels_traefik_docker_network }} +{% endif %} + +traefik.http.services.matrix-authentication-service.loadbalancer.server.port=8080 + +######################################################################################## +# # +# Public Main # +# # +######################################################################################## + +{% set main_middlewares = [] %} + +{% if matrix_authentication_service_container_labels_public_main_path_prefix != '/' %} +traefik.http.middlewares.matrix-authentication-service-slashless-redirect.redirectregex.regex=({{ matrix_authentication_service_container_labels_public_main_path_prefix | quote }})$ +traefik.http.middlewares.matrix-authentication-service-slashless-redirect.redirectregex.replacement=${1}/ +{% set main_middlewares = main_middlewares + ['matrix-authentication-service-slashless-redirect'] %} +{% endif %} + +{% if matrix_authentication_service_container_labels_traefik_additional_response_headers.keys() | length > 0 %} +{% for name, value in matrix_authentication_service_container_labels_traefik_additional_response_headers.items() %} +traefik.http.middlewares.matrix-authentication-service-add-headers.headers.customresponseheaders.{{ name }}={{ value }} +{% endfor %} +{% set main_middlewares = main_middlewares + ['matrix-authentication-service-add-headers'] %} +{% endif %} + +traefik.http.routers.matrix-authentication-service.rule={{ matrix_authentication_service_container_labels_public_main_rule }} + +{% if matrix_authentication_service_container_labels_public_main_priority | int > 0 %} +traefik.http.routers.matrix-authentication-service.priority={{ matrix_authentication_service_container_labels_public_main_priority }} +{% endif %} + 
+traefik.http.routers.matrix-authentication-service.service=matrix-authentication-service + +{% if main_middlewares | length > 0 %} +traefik.http.routers.matrix-authentication-service.middlewares={{ main_middlewares | join(',') }} +{% endif %} + +traefik.http.routers.matrix-authentication-service.entrypoints={{ matrix_authentication_service_container_labels_public_main_entrypoints }} +traefik.http.routers.matrix-authentication-service.tls={{ matrix_authentication_service_container_labels_public_main_tls | to_json }} +{% if matrix_authentication_service_container_labels_public_main_tls %} +traefik.http.routers.matrix-authentication-service.tls.certResolver={{ matrix_authentication_service_container_labels_public_main_tls_certResolver }} +{% endif %} + +######################################################################################## +# # +# /Public Main # +# # +######################################################################################## + +{% if matrix_authentication_service_container_labels_public_compatibility_layer_enabled %} +######################################################################################## +# # +# Public Compatibility Layer # +# # +######################################################################################## + +{% set compatibility_layer_middlewares = [] %} + +{% if matrix_authentication_service_container_labels_public_main_path_prefix != '/' %} +traefik.http.middlewares.matrix-authentication-service-add-prefix.addprefix.prefix={{ matrix_authentication_service_container_labels_public_main_path_prefix }} +{% set compatibility_layer_middlewares = compatibility_layer_middlewares + ['matrix-authentication-service-add-prefix'] %} +{% endif %} + +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.rule={{ matrix_authentication_service_container_labels_public_compatibility_layer_rule }} + +{% if matrix_authentication_service_container_labels_public_compatibility_layer_priority | 
int > 0 %} +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.priority={{ matrix_authentication_service_container_labels_public_compatibility_layer_priority }} +{% endif %} + +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.service=matrix-authentication-service + +{% if compatibility_layer_middlewares | length > 0 %} +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.middlewares={{ compatibility_layer_middlewares | join(',') }} +{% endif %} + +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.entrypoints={{ matrix_authentication_service_container_labels_public_compatibility_layer_entrypoints }} + +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.tls={{ matrix_authentication_service_container_labels_public_compatibility_layer_tls | to_json }} +{% if matrix_authentication_service_container_labels_public_compatibility_layer_tls %} +traefik.http.routers._internalmatrix-authentication-service-public-compatibility-layer.tls.certResolver={{ matrix_authentication_service_container_labels_public_compatibility_layer_tls_certResolver }} +{% endif %} + +######################################################################################## +# # +# /Public Compatibility Layer # +# # +######################################################################################## +{% endif %} + + +{% if matrix_authentication_service_container_labels_internal_compatibility_layer_enabled %} +######################################################################################## +# # +# Internal Compatibility Layer # +# # +######################################################################################## + +{% set compatibility_layer_middlewares = [] %} + +{% if matrix_authentication_service_container_labels_public_main_path_prefix != '/' %} 
+traefik.http.middlewares.matrix-authentication-service-add-prefix.addprefix.prefix={{ matrix_authentication_service_container_labels_public_main_path_prefix }} +{% set compatibility_layer_middlewares = compatibility_layer_middlewares + ['matrix-authentication-service-add-prefix'] %} +{% endif %} + +traefik.http.routers._internalmatrix-authentication-service-internal-compatibility-layer.rule={{ matrix_authentication_service_container_labels_internal_compatibility_layer_rule }} + +{% if matrix_authentication_service_container_labels_internal_compatibility_layer_priority | int > 0 %} +traefik.http.routers._internalmatrix-authentication-service-internal-compatibility-layer.priority={{ matrix_authentication_service_container_labels_internal_compatibility_layer_priority }} +{% endif %} + +traefik.http.routers._internalmatrix-authentication-service-internal-compatibility-layer.service=matrix-authentication-service + +{% if compatibility_layer_middlewares | length > 0 %} +traefik.http.routers._internalmatrix-authentication-service-internal-compatibility-layer.middlewares={{ compatibility_layer_middlewares | join(',') }} +{% endif %} + +traefik.http.routers._internalmatrix-authentication-service-internal-compatibility-layer.entrypoints={{ matrix_authentication_service_container_labels_internal_compatibility_layer_entrypoints }} + +######################################################################################## +# # +# /Internal Compatibility Layer # +# # +######################################################################################## +{% endif %} + + +{% endif %} + +{{ matrix_authentication_service_container_labels_additional_labels }} diff --git a/roles/custom/matrix-authentication-service/templates/provider/anthropic-config.yml.j2 b/roles/custom/matrix-authentication-service/templates/provider/anthropic-config.yml.j2 new file mode 100644 index 000000000..f1a23ac5a --- /dev/null 
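Review bot: In the `matrix-authentication-service-slashless-redirect` middleware of labels.j2 the path prefix is interpolated into a regular expression with `| quote`, which is a shell-quoting filter: it leaves regex metacharacters such as `.` unescaped, and for any value it considers unsafe for a shell it wraps the text in single quotes that then become part of the pattern. `regex_escape` is the filter intended for this: `redirectregex.regex=({{ matrix_authentication_service_container_labels_public_main_path_prefix | regex_escape }})$`. With a prefix made only of letters and slashes both forms render the same, so the difference shows up only for unusual prefixes, where the current form produces a redirect rule that matches something other than the intended path.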
+++ b/roles/custom/matrix-authentication-service/templates/provider/anthropic-config.yml.j2 @@ -0,0 +1,13 @@ +#jinja2: lstrip_blocks: "True" +base_url: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_base_url | to_json }} + +api_key: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_api_key | to_json }} + +{% if matrix_authentication_service_config_agents_static_definitions_anthropic_config_text_generation_enabled %} +text_generation: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_text_generation_model_id | to_json }} + prompt: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_text_generation_prompt | to_json }} + temperature: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_text_generation_temperature | to_json }} + max_response_tokens: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_text_generation_max_response_tokens | int | to_json }} + max_context_tokens: {{ matrix_authentication_service_config_agents_static_definitions_anthropic_config_text_generation_max_context_tokens | int | to_json }} +{% endif %} diff --git a/roles/custom/matrix-authentication-service/templates/provider/groq-config.yml.j2 b/roles/custom/matrix-authentication-service/templates/provider/groq-config.yml.j2 new file mode 100644 index 000000000..c1c381ca3 --- /dev/null +++ b/roles/custom/matrix-authentication-service/templates/provider/groq-config.yml.j2 
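Review bot: The `templates/provider/*-config.yml.j2` files added here (anthropic, and likewise groq, mistral and openai in the following hunks) describe `text_generation`, `speech_to_text` and similar model settings that have no counterpart in this role's `config.yaml.j2`, and they reference `matrix_authentication_service_config_agents_static_definitions_*` variables; this looks like material carried over from a different role. If no task in this role renders them, they should be dropped from the commit, since an unused template with an `api_key:` field invites someone to define that variable and store a credential that nothing consumes. If they are meant to be used, the tasks and defaults that reference them are not visible in this part of the diff and need to be checked.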
@@ -0,0 +1,18 @@ +#jinja2: lstrip_blocks: "True" +base_url: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_base_url | to_json }} + +api_key: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_api_key | to_json }} + +{% if matrix_authentication_service_config_agents_static_definitions_groq_config_text_generation_enabled %} +text_generation: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_text_generation_model_id | to_json }} + prompt: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_text_generation_prompt | to_json }} + temperature: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_text_generation_temperature | to_json }} + max_response_tokens: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_text_generation_max_response_tokens | int | to_json }} + max_context_tokens: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_text_generation_max_context_tokens | int | to_json }} +{% endif %} + +{% if matrix_authentication_service_config_agents_static_definitions_groq_config_speech_to_text_enabled %} +speech_to_text: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_groq_config_speech_to_text_model_id | to_json }} +{% endif %} diff --git a/roles/custom/matrix-authentication-service/templates/provider/mistral-config.yml.j2 b/roles/custom/matrix-authentication-service/templates/provider/mistral-config.yml.j2 new file mode 100644 index 000000000..5843ba4d6 --- /dev/null +++ b/roles/custom/matrix-authentication-service/templates/provider/mistral-config.yml.j2 
@@ -0,0 +1,13 @@ +#jinja2: lstrip_blocks: "True" +base_url: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_base_url | to_json }} + +api_key: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_api_key | to_json }} + +{% if matrix_authentication_service_config_agents_static_definitions_mistral_config_text_generation_enabled %} +text_generation: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_text_generation_model_id | to_json }} + prompt: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_text_generation_prompt | to_json }} + temperature: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_text_generation_temperature | to_json }} + max_response_tokens: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_text_generation_max_response_tokens | int | to_json }} + max_context_tokens: {{ matrix_authentication_service_config_agents_static_definitions_mistral_config_text_generation_max_context_tokens | int | to_json }} +{% endif %} diff --git a/roles/custom/matrix-authentication-service/templates/provider/openai-config.yml.j2 b/roles/custom/matrix-authentication-service/templates/provider/openai-config.yml.j2 new file mode 100644 index 000000000..fcc462d1b --- /dev/null +++ b/roles/custom/matrix-authentication-service/templates/provider/openai-config.yml.j2 
@@ -0,0 +1,33 @@ +#jinja2: lstrip_blocks: "True" +base_url: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_base_url | to_json }} + +api_key: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_api_key | to_json }} + +{% if matrix_authentication_service_config_agents_static_definitions_openai_config_text_generation_enabled %} +text_generation: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_generation_model_id | to_json }} + prompt: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_generation_prompt | to_json }} + temperature: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_generation_temperature | to_json }} + max_response_tokens: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_generation_max_response_tokens | int | to_json }} + max_context_tokens: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_generation_max_context_tokens | int | to_json }} +{% endif %} + +{% if matrix_authentication_service_config_agents_static_definitions_openai_config_speech_to_text_enabled %} +speech_to_text: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_speech_to_text_model_id | to_json }} +{% endif %} + +{% if matrix_authentication_service_config_agents_static_definitions_openai_config_text_to_speech_enabled %} +text_to_speech: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_to_speech_model_id | to_json }} + voice: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_to_speech_voice | to_json }} + speed: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_text_to_speech_speed | float }} + response_format: {{ 
matrix_authentication_service_config_agents_static_definitions_openai_config_text_to_speech_response_format | to_json }} +{% endif %} + +{% if matrix_authentication_service_config_agents_static_definitions_openai_config_image_generation_enabled %} +image_generation: + model_id: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_image_generation_model_id | to_json }} + style: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_image_generation_style | to_json }} + size: {{ matrix_authentication_service_config_agents_static_definitions_openai_config_image_generation_size | to_json }} +{% endif %} diff --git a/roles/custom/matrix-authentication-service/templates/systemd/matrix-authentication-service.service.j2 b/roles/custom/matrix-authentication-service/templates/systemd/matrix-authentication-service.service.j2 new file mode 100644 index 000000000..c8b487138 --- /dev/null +++ b/roles/custom/matrix-authentication-service/templates/systemd/matrix-authentication-service.service.j2 
@@ -0,0 +1,49 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix Authentication Service +{% for service in matrix_authentication_service_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_authentication_service_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-authentication-service 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-authentication-service 2>/dev/null || true' + +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ + --rm \ + --name=matrix-authentication-service \ + --log-driver=none \ + --user={{ matrix_authentication_service_uid }}:{{ matrix_authentication_service_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_authentication_service_container_network }} \ + --env-file={{ matrix_authentication_service_config_path }}/env \ + --label-file={{ matrix_authentication_service_config_path }}/labels \ + --mount type=bind,src={{ matrix_authentication_service_config_path }}/config.yaml,dst=/config.yaml,ro \ + --mount type=bind,src={{ matrix_authentication_service_data_keys_path }},dst=/keys,ro \ + {% for arg in matrix_authentication_service_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_authentication_service_container_image }} + +{% for network in matrix_authentication_service_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-authentication-service +{% endfor %} + +ExecStart={{ 
devture_systemd_docker_base_host_command_docker }} start --attach matrix-authentication-service + +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-authentication-service 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-authentication-service 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-authentication-service + +[Install] +WantedBy=multi-user.target diff --git a/roles/custom/matrix-authentication-service/vars/main.yml b/roles/custom/matrix-authentication-service/vars/main.yml new file mode 100644 index 000000000..4bedfdbfc --- /dev/null +++ b/roles/custom/matrix-authentication-service/vars/main.yml @@ -0,0 +1,6 @@ +--- + +# Like `matrix_authentication_service_config_http_public_base` but a private base URL only accessible from within the container network. +matrix_authentication_service_http_base_container_url: "http://matrix-authentication-service:8080{{ '/' if matrix_authentication_service_path_prefix == '/' else (matrix_authentication_service_path_prefix + '/') }}" + +matrix_authentication_service_account_management_url: "{{ matrix_authentication_service_config_http_public_base }}account" diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index d63a8c2cb..43cb4e967 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml 
@@ -145,6 +145,13 @@ matrix_static_files_file_matrix_client_property_m_integrations_managers_ui_url: # See: https://github.com/element-hq/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server matrix_static_files_file_matrix_client_property_io_element_jitsi_preferred_domain: "" +# Controls if the org.matrix.msc3575.authentication section of the /.well-known/matrix/client file is enabled. +matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled: false +# Controls the org.matrix.msc2965.authentication/issuer property in the /.well-known/matrix/client file +matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_issuer: "" +# Controls the org.matrix.msc2965.authentication/account property in the /.well-known/matrix/client file +matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_account: "" + # Controls the org.matrix.msc3575.proxy/url (sliding sync) property in the /.well-known/matrix/client file matrix_static_files_file_matrix_client_property_org_matrix_msc3575_proxy_url: "" diff --git a/roles/custom/matrix-static-files/tasks/validate_config.yml b/roles/custom/matrix-static-files/tasks/validate_config.yml index ca079d029..9a590ea06 100644 --- a/roles/custom/matrix-static-files/tasks/validate_config.yml +++ b/roles/custom/matrix-static-files/tasks/validate_config.yml 
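Review bot: The comment above `matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled` names the wrong proposal: it says `org.matrix.msc3575.authentication`, while the variable and the key rendered into the client file are `org.matrix.msc2965.authentication` (msc3575 is the sliding-sync proxy entry documented just below). Suggested wording: `# Controls if the org.matrix.msc2965.authentication section of the /.well-known/matrix/client file is enabled.`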
@@ -4,7 +4,7 @@ ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item.name }}`). - when: "item.when | bool and vars[item.name] == ''" + when: "item.when | bool and vars[item.name] | length == 0" with_items: - {'name': 'matrix_static_files_container_labels_well_known_matrix_endpoint_traefik_hostname', when: "{{ matrix_static_files_container_labels_well_known_matrix_endpoint_enabled }}"} - {'name': 'matrix_static_files_container_labels_well_known_matrix_endpoint_traefik_path_prefix', when: "{{ matrix_static_files_container_labels_well_known_matrix_endpoint_enabled }}"} @@ -13,3 +13,6 @@ - {'name': 'matrix_static_files_container_labels_base_domain_traefik_path_prefix', when: "{{ matrix_static_files_container_labels_base_domain_enabled }}"} - {'name': 'matrix_static_files_container_labels_base_domain_root_path_redirection_url', when: "{{ matrix_static_files_container_labels_base_domain_enabled and matrix_static_files_container_labels_base_domain_root_path_redirection_enabled }}"} + + - {'name': 'matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_issuer', when: "{{ matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled and matrix_static_files_container_labels_base_domain_root_path_redirection_enabled }}"} + - {'name': 'matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_account', when: "{{ matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled and matrix_static_files_container_labels_base_domain_root_path_redirection_enabled }}"} diff --git a/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 b/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 index 5a3deb6a2..99ed488fe 100644 --- a/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 +++ b/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 
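Review bot: The two new `with_items` entries for `..._msc2965_authentication_issuer` and `..._msc2965_authentication_account` are gated on `..._msc2965_authentication_enabled and matrix_static_files_container_labels_base_domain_root_path_redirection_enabled`; the second operand looks copied from the entry above and is unrelated to the authentication section. As written, the check is skipped whenever root-path redirection is disabled, so `/.well-known/matrix/client` can be published with an empty `issuer` or `account`, the values clients use to locate the authentication service. Both entries should use `when: "{{ matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled }}"`. The task these items belong to starts above this hunk.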
@@ -30,6 +30,12 @@ "url": "{{ matrix_static_files_file_matrix_client_property_org_matrix_msc3575_proxy_url }}" } {% endif %} + {% if matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_enabled %}, + "org.matrix.msc2965.authentication": { + "issuer": {{ matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_issuer | to_json }}, + "account": {{ matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authentication_account | to_json }} + } + {% endif %} {% if matrix_static_files_file_matrix_client_property_m_tile_server_entries_enabled %}, "m.tile_server": { "map_style_url": "{{ matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url }}" diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 7948dd709..4f61886a4 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
@@ -1129,6 +1129,61 @@ matrix_synapse_email_client_base_url: "{{ 'https' if matrix_playbook_ssl_enabled matrix_synapse_email_invite_client_location: "https://app.element.io" +################################################################################ +# +# Next-generation auth for Matrix, based on OAuth 2.0/OIDC +# +################################################################################ + +# Controls whether to enable the "Next-generation auth for Matrix, based on OAuth 2.0/OIDC" experimental feature. +# +# See: +# - https://matrix.org/blog/2023/09/better-auth/ +# - https://github.com/matrix-org/matrix-spec-proposals/pull/3861 +matrix_synapse_experimental_features_msc3861_enabled: false + +# Specifies the issuer URL for the OAuth 2.0/OIDC authentication provider. +# +# This can be set to a private (container) URL. +# +# Example: https://matrix.example.com/auth/ +matrix_synapse_experimental_features_msc3861_issuer: '' + +# Specifies the introspection endpoint URL for the OAuth 2.0/OIDC authentication provider. +# +# This can be set to a private (container) URL. +# +# If this is left empty, `{issuer}/.well-known/openid-configuration` will be fetched and the `introspection_endpoint` will be extracted from there. +# We define it explicitly, because this allows us to override it and use an internal (container network) URL instead of using the public one. +# Avoiding public addresses is an optimization that decreases overhead due to public networking and SSL termination. +# +# Example: https://matrix.example.com/auth/oauth2/introspect +matrix_synapse_experimental_features_msc3861_introspection_endpoint: "{{ matrix_synapse_experimental_features_msc3861_issuer + 'oauth2/introspect' }}" + +# A unique identifier for the client. +# +# It must be a valid ULID (https://github.com/ulid/spec), +# and it happens that 0000000000000000000SYNAPSE is a valid ULID. 
+matrix_synapse_experimental_features_msc3861_client_id: '0000000000000000000SYNAPSE' + +matrix_synapse_experimental_features_msc3861_client_auth_method: client_secret_basic + +matrix_synapse_experimental_features_msc3861_client_secret: '' + +# A token that can be used to make admin API calls. +# Matches `matrix.secret` in the matrix-authentication-service config +matrix_synapse_experimental_features_msc3861_admin_token: '' + +# URL to advertise to clients where users can self-manage their account. +matrix_synapse_experimental_features_msc3861_account_management_url: '' + +################################################################################ +# +# /Next-generation auth for Matrix, based on OAuth 2.0/OIDC +# +################################################################################ + + # Enable this to activate the REST auth password provider module. # See: https://github.com/ma1uta/matrix-synapse-rest-password-provider matrix_synapse_ext_password_provider_rest_auth_enabled: false @@ -1406,3 +1461,8 @@ matrix_synapse_configuration_extension: "{{ matrix_synapse_configuration_extensi # Holds the final Synapse configuration (a combination of the default and its extension). # You most likely don't need to touch this variable. Instead, see `matrix_synapse_configuration_yaml`. matrix_synapse_configuration: "{{ matrix_synapse_configuration_yaml | from_yaml | combine(matrix_synapse_configuration_extension, recursive=True) }}" + +# Holds the path to the register-user script provided by the Matrix Authentication Service. +# When the Matrix Authentication Service is enabled, the register-user script from this role cannot be used +# and users will be pointed to the one provided by Matrix Authentication Service. +matrix_synapse_register_user_script_matrix_authentication_service_path: "" diff --git a/roles/custom/matrix-synapse/tasks/main.yml b/roles/custom/matrix-synapse/tasks/main.yml index 2a8a00942..8bdf05e84 100644 
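Review bot: `matrix_synapse_experimental_features_msc3861_introspection_endpoint` is built as `issuer + 'oauth2/introspect'` with no separator, so it is only correct when the issuer ends in `/`; the example shows a trailing slash but nothing states or checks it, and an issuer without one would make Synapse send token introspection requests, with its client credentials, to a wrong path. Add to the issuer comment `# Must end with a trailing slash; the default introspection endpoint is derived by appending to it.`, or enforce it in `validate_config.yml`. The comments also recommend a private container URL to skip TLS; one more line should say that `client_secret` and bearer tokens then cross that network in clear text, so the network should be limited to the services that need it.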
--- a/roles/custom/matrix-synapse/tasks/main.yml +++ b/roles/custom/matrix-synapse/tasks/main.yml @@ -54,7 +54,7 @@ - tags: - register-user block: - - when: matrix_synapse_enabled | bool + - when: matrix_synapse_enabled and not matrix_synapse_experimental_features_msc3861_enabled ansible.builtin.include_tasks: "{{ role_path }}/tasks/register_user.yml" - tags: diff --git a/roles/custom/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml index 4a3727733..e9f02b44c 100644 --- a/roles/custom/matrix-synapse/tasks/validate_config.yml +++ b/roles/custom/matrix-synapse/tasks/validate_config.yml @@ -4,7 +4,7 @@ ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item.name }}`). - when: "item.when | bool and vars[item.name] == ''" + when: "item.when | bool and vars[item.name] | length == 0" with_items: - {'name': 'matrix_synapse_username', when: true} - {'name': 'matrix_synapse_uid', when: true} 
@@ -32,6 +32,13 @@ - {'name': 'matrix_synapse_metrics_proxying_hostname', when: "{{ matrix_synapse_metrics_proxying_enabled }}"} - {'name': 'matrix_synapse_metrics_proxying_path_prefix', when: "{{ matrix_synapse_metrics_proxying_enabled }}"} + - {'name': 'matrix_synapse_experimental_features_msc3861_issuer', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - {'name': 'matrix_synapse_experimental_features_msc3861_client_id', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - {'name': 'matrix_synapse_experimental_features_msc3861_client_auth_method', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - {'name': 'matrix_synapse_experimental_features_msc3861_client_secret', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - {'name': 'matrix_synapse_experimental_features_msc3861_admin_token', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - {'name': 'matrix_synapse_experimental_features_msc3861_account_management_url', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - name: Fail if asking for more than 1 instance of single-instance workers ansible.builtin.fail: msg: >- 
@@ -133,3 +140,17 @@ when: - matrix_synapse_auto_accept_invites_enabled - matrix_synapse_ext_synapse_auto_accept_invite_enabled + +- name: Fail if known Synapse password provider modules are enabled when auth is delegated to Matrix Authentication Service + ansible.builtin.fail: + msg: "When Synapse is delegating authentication to Matrix Authentication Service, it does not make sense to enable password provider modules, because it is not Synapse that is handling authentication. Please disable {{ item }} before enabling Matrix Authentication Service integration for Synapse. Synapse will refuse to start otherwise." + when: matrix_synapse_experimental_features_msc3861_enabled and vars[item] | bool + with_items: + - matrix_synapse_ext_password_provider_rest_auth_enabled + - matrix_synapse_ext_password_provider_shared_secret_auth_enabled + - matrix_synapse_ext_password_provider_ldap_enabled + +- name: Fail if password config is enabled for Synapse when auth is delegated to Matrix Authentication Service + ansible.builtin.fail: + msg: "When Synapse is delegating authentication to Matrix Authentication Service, it doesn't make sense to enable the password config (`matrix_synapse_password_config_enabled: true`), because it is not Synapse that is handling authentication. Please remove your `matrix_synapse_password_config_enabled: true` setting before enabling Matrix Authentication Service integration for Synapse. Synapse will refuse to start otherwise." + when: matrix_synapse_experimental_features_msc3861_enabled and matrix_synapse_password_config_enabled diff --git a/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 b/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 index 9b80d397b..714e1e269 100644 --- a/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/bin/register-user.j2 
@@ -1,6 +1,11 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash +{% if matrix_synapse_experimental_features_msc3861_enabled %} + echo "Registering users is handled by the Matrix Authentication Service, so you cannot use this script anymore." + echo "Consider using the {{ matrix_synapse_register_user_script_matrix_authentication_service_path }} script instead." + exit 2 +{% else %} if [ $# -ne 3 ]; then echo "Usage: "$0" " exit 1 @@ -15,3 +20,4 @@ if [ "$admin" -eq "1" ]; then else {{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --no-admin http://localhost:{{ matrix_synapse_container_client_api_port }} fi +{% endif %} diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 9e0d32ca8..a18e6173a 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2974,5 +2974,17 @@ background_updates: # #default_batch_size: 50 +experimental_features: + {% if matrix_synapse_experimental_features_msc3861_enabled %} + msc3861: + enabled: true + issuer: {{ matrix_synapse_experimental_features_msc3861_issuer | to_json }} + introspection_endpoint: {{ matrix_synapse_experimental_features_msc3861_introspection_endpoint | to_json }} + client_id: {{ matrix_synapse_experimental_features_msc3861_client_id | to_json }} + client_auth_method: {{ matrix_synapse_experimental_features_msc3861_client_auth_method | to_json }} + client_secret: {{ matrix_synapse_experimental_features_msc3861_client_secret | to_json }} + admin_token: {{ matrix_synapse_experimental_features_msc3861_admin_token | to_json }} + account_management_url: {{ matrix_synapse_experimental_features_msc3861_account_management_url | to_json }} + {% endif %} # vim:ft=yaml 
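Review bot: The second `echo` interpolates `matrix_synapse_register_user_script_matrix_authentication_service_path`, whose default in this role is `""`, so without an override the script prints "Consider using the  script instead." with nothing in place of the path. I would wrap that line in `{% if matrix_synapse_register_user_script_matrix_authentication_service_path %}` … `{% endif %}`. Both messages could also go to stderr (`>&2`), since the script exits with status 2.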
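Review bot: `client_secret` and `admin_token` are rendered into `homeserver.yaml` in clear text, and the role's own defaults describe the admin token as usable for admin API calls, so the generated file now holds credentials. The task that writes this template is outside the hunk; it is worth confirming that it sets an owner-only mode, and adding a comment above the block such as `# msc3861.client_secret and msc3861.admin_token are credentials - keep this file readable by the Synapse user only`. Separately, with the flag off the template emits a bare `experimental_features:` (null); placing the key inside the `{% if %}` or writing `experimental_features: {}` would make the empty case explicit.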
diff --git a/roles/custom/matrix-user-creator/tasks/setup.yml b/roles/custom/matrix-user-creator/tasks/setup.yml index bcf2fd65f..d63177736 100644 --- a/roles/custom/matrix-user-creator/tasks/setup.yml +++ b/roles/custom/matrix-user-creator/tasks/setup.yml 
@@ -8,22 +8,48 @@ # Suppress logging to avoid dumping the credentials to the shell no_log: true -- name: Ensure homeserver is started before creating Matrix users - ansible.builtin.service: - name: "matrix-{{ matrix_homeserver_implementation }}.service" - state: started - daemon_reload: true - register: matrix_user_registrator_homeserver_start_result +- when: not matrix_authentication_service_enabled | bool + block: + - name: Ensure homeserver is started before creating Matrix users + ansible.builtin.service: + name: "matrix-{{ matrix_homeserver_implementation }}.service" + state: started + daemon_reload: true + register: matrix_user_registrator_homeserver_start_result -- name: Wait a while, so that the homeserver can manage to start before creating Matrix users - ansible.builtin.pause: - seconds: "{{ matrix_user_creator_homeserver_start_wait_time_seconds }}" - when: matrix_user_registrator_homeserver_start_result.changed | bool + - name: Wait a while, so that the homeserver can manage to start before creating Matrix users + ansible.builtin.pause: + seconds: "{{ matrix_user_creator_homeserver_start_wait_time_seconds }}" + when: matrix_user_registrator_homeserver_start_result.changed | bool -- name: Ensure Matrix users are created - ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_user_registered_{{ matrix_homeserver_implementation }}.yml" - with_items: "{{ matrix_user_creator_users }}" - loop_control: - loop_var: user - # Suppress logging to avoid dumping the credentials to the shell - no_log: true + - name: Ensure Matrix users are created for homeservers + when: not matrix_authentication_service_enabled | bool + ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_user_registered_{{ matrix_homeserver_implementation }}.yml" + with_items: "{{ matrix_user_creator_users }}" + loop_control: + loop_var: user + # Suppress logging to avoid dumping the credentials to the shell + no_log: true + +- when: matrix_authentication_service_enabled | 
bool + block: + - name: Ensure Matrix Authentication Service is started before creating Matrix users + ansible.builtin.service: + name: "matrix-authentication-service.service" + state: started + daemon_reload: true + register: matrix_user_registrator_mas_start_result + + - name: Wait a while, so that the Matrix Authentication Service can manage to start before creating Matrix users + ansible.builtin.pause: + seconds: "{{ matrix_user_creator_homeserver_start_wait_time_seconds }}" + when: matrix_user_registrator_mas_start_result.changed | bool + + - name: Ensure Matrix users are created for Matrix Authentication Service + when: matrix_authentication_service_enabled | bool + ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_user_registered_matrix_authentication_service.yml" + with_items: "{{ matrix_user_creator_users }}" + loop_control: + loop_var: user + # Suppress logging to avoid dumping the credentials to the shell + no_log: true diff --git a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_matrix_authentication_service.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_matrix_authentication_service.yml new file mode 100644 index 000000000..ddf8eeff1 --- /dev/null +++ b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_matrix_authentication_service.yml 
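Review bot: The inner `when:` on "Ensure Matrix users are created for homeservers" and on "Ensure Matrix users are created for Matrix Authentication Service" repeats the condition already set on the enclosing `block`, so it can be dropped from both tasks. The MAS branch also reuses `matrix_user_creator_homeserver_start_wait_time_seconds` for its wait; if that is intentional, a comment such as `# Reuses the homeserver wait time; MAS has no dedicated setting` would save the next reader a search. Keeping `no_log: true` on both `include_tasks` loops is right, since each `user` item carries the initial password.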
@@ -0,0 +1,19 @@ +--- + +- name: Ensure Matrix Authentication Service user registered - {{ user.username | quote }} + ansible.builtin.command: + cmd: |- + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-authentication-service + mas-cli manage register-user + -p {{ user.initial_password | quote }} + --yes + --ignore-password-complexity + {% if user.initial_type == 'admin' %} + --admin + {% else %} + --no-admin + {% endif %} + {{ user.username | quote }} + register: matrix_authentication_service_register_user_result + changed_when: "matrix_authentication_service_register_user_result.rc == 0 and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr" + failed_when: "matrix_authentication_service_register_user_result.rc != 0 and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr" diff --git a/setup.yml b/setup.yml index 3cff6dbb1..b9eb5b8d6 100644 --- a/setup.yml +++ b/setup.yml @@ -49,6 +49,7 @@ - galaxy/redis - galaxy/keydb + - role: custom/matrix-authentication-service - custom/matrix-corporal - custom/matrix-appservice-draupnir-for-all - custom/matrix-appservice-double-puppet From 7139431d46ec5dd08f623247440059229d456808 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 19 Oct 2024 14:50:21 +0300 Subject: [PATCH 130/404] Make ansible-lint happy --- .../matrix-authentication-service/defaults/main.yml | 1 - .../tasks/mas_cli_doctor.yml | 4 ++-- .../matrix-authentication-service/tasks/syn2mas.yml | 10 +++++----- .../tasks/util/prepare_key.yml | 2 ++ 4 files changed, 9 insertions(+), 8 deletions(-) diff --git a/roles/custom/matrix-authentication-service/defaults/main.yml b/roles/custom/matrix-authentication-service/defaults/main.yml index c0f99dadc..e6f9e09de 100644 --- a/roles/custom/matrix-authentication-service/defaults/main.yml +++ b/roles/custom/matrix-authentication-service/defaults/main.yml 
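Review bot: The `ansible.builtin.command` task places `user.initial_password` in `cmd` and sets no `no_log`, so a failed registration or a verbose run can print the whole command line, password included. The `no_log: true` in `setup.yml` is on the `include_tasks` statement, and I would not rely on it reaching the task in this file; adding `no_log: true` next to `register:` closes the gap. The `failed_when`/`changed_when` pair keys on the literal text `Error: User already exists`, so an existing account is reported as ok even when its password or admin flag differs from what was requested. That behaviour deserves a comment on the task.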
@@ -593,4 +593,3 @@ matrix_authentication_service_migration_in_progress: false # /Misc # # # ######################################################################################## - diff --git a/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml b/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml index 591b80803..96689d6e2 100644 --- a/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml +++ b/roles/custom/matrix-authentication-service/tasks/mas_cli_doctor.yml @@ -7,8 +7,8 @@ daemon_reload: true register: matrix_authentication_service_mas_ensure_started_result -- when: matrix_authentication_service_mas_ensure_started_result.changed | bool - name: Wait a bit, so that Matrix Authentication Service can start +- name: Wait a bit, so that Matrix Authentication Service can start + when: matrix_authentication_service_mas_ensure_started_result.changed | bool ansible.builtin.wait_for: timeout: "{{ matrix_authentication_service_syn2mas_start_wait_time_seconds }}" delegate_to: 127.0.0.1 diff --git a/roles/custom/matrix-authentication-service/tasks/syn2mas.yml b/roles/custom/matrix-authentication-service/tasks/syn2mas.yml index dd1c2f9c6..7887821a4 100644 --- a/roles/custom/matrix-authentication-service/tasks/syn2mas.yml +++ b/roles/custom/matrix-authentication-service/tasks/syn2mas.yml @@ -1,6 +1,6 @@ --- -- set_fact: +- ansible.builtin.set_fact: matrix_authentication_service_syn2mas_dry_run: "{{ matrix_authentication_service_syn2mas_dry_run | bool }}" - name: Abort, if not using Synapse 
@@ -124,14 +124,14 @@ ansible.builtin.debug: var: matrix_authentication_service_syn2mas_migration_command_result -- when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_synapse_ensure_stopped_result.changed" - name: Ensure Synapse is started (if it previously was) +- name: Ensure Synapse is started (if it previously was) + when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_synapse_ensure_stopped_result.changed" ansible.builtin.service: name: matrix-synapse state: started -- when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_mas_ensure_stopped_result.changed" - name: Ensure Matrix Authentication Service is started (if it previously was) +- name: Ensure Matrix Authentication Service is started (if it previously was) + when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_mas_ensure_stopped_result.changed" ansible.builtin.service: name: matrix-authentication-service state: started diff --git a/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml b/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml index 54e872ea3..79fdc2e73 100644 --- a/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml +++ b/roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml @@ -1,3 +1,5 @@ +--- + - name: Prepare Matrix Authentication Service private key file path ({{ private_key_definition.key_file }}) ansible.builtin.set_fact: matrix_authentication_service_private_key_file_path: "{{ matrix_authentication_service_data_keys_path }}/{{ private_key_definition.key_file }}" From abbe7818e2780951251c003c2744526201fb6109 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 19 Oct 2024 14:57:43 +0300 Subject: [PATCH 131/404] Fix broken link in changelog entry --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/CHANGELOG.md b/CHANGELOG.md index 5bdaa83be..f39a0d5f8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ ## Support for Matrix Authentication Service -The playbook now supports installing and configuring [Matrix Authentication Service](./docs/matrix-authentication-service.md) (MAS). +The playbook now supports installing and configuring [Matrix Authentication Service](./docs/configuring-playbook-matrix-authentication-service.md) (MAS). Huge thanks to [Quentin Gliech](https://github.com/sandhose) from the [Element](https://element.io/) / [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service) team for answering our numerous questions about MAS. From 398f4bbea54a3e00743f03700c22620470c4cb8a Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 21:33:49 +0900 Subject: [PATCH 132/404] Fix list numbering Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 8 ++++---- docs/configuring-playbook-s3-goofys.md | 22 +++++++++++----------- docs/configuring-well-known.md | 2 +- docs/obtaining-access-tokens.md | 8 ++++---- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4805544b7..86451b739 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -2388,10 +2388,10 @@ The new version of [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bri 1. Add the following to your `vars.yml` file: `matrix_sms_bridge_container_extra_arguments=['--env SPRING_PROFILES_ACTIVE=initialsync']` 2. Login to your host shell and remove old systemd file from your host: `rm /etc/systemd/system/matrix-sms-bridge-database.service` -2. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-matrix-sms-bridge,start` -3. Login to your host shell and check the logs with `journalctl -u matrix-sms-bridge` until the sync finished. -4. Remove the var from the first step. -5. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`. +3. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-matrix-sms-bridge,start` +4. Login to your host shell and check the logs with `journalctl -u matrix-sms-bridge` until the sync finished. +5. Remove the var from the first step. +6. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`. # 2020-11-10 diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index ac32c698c..6eeafbfd4 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md 
@@ -59,9 +59,9 @@ matrix_s3_media_store_path: /matrix/s3-media-store This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. -5. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +4. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` -6. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): +5. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): ```sh sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. 
@@ -69,27 +69,27 @@ sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/stora You may need to install `rsync` manually. -7. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) +6. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) -8. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys` +7. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys` -9. Sync the files again by re-running the `rsync` command you see in step #6 +8. Sync the files again by re-running the `rsync` command you see in step #6 -10. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys` +9. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys` -11. Get the old media store out of the way by running this command on the server: +10. Get the old media store out of the way by running this command on the server: ```sh mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup ``` -12. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) +11. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) -13. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +12. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` -14. You're done! Verify that loading existing (old) media files works and that you can upload new ones. +13. You're done! Verify that loading existing (old) media files works and that you can upload new ones. -15. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` +14. 
When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` ### Migrating to Backblaze B2 diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index ccbfd6643..ffe13092c 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -180,7 +180,7 @@ backend matrix-backend **For AWS CloudFront** 1. Add a custom origin with matrix.example.com to your distribution - 1. Add two behaviors, one for `.well-known/matrix/client` and one for `.well-known/matrix/server` and point them to your new origin. + 2. Add two behaviors, one for `.well-known/matrix/client` and one for `.well-known/matrix/server` and point them to your new origin. Make sure to: diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md index 913f1b90c..301ea8db2 100644 --- a/docs/obtaining-access-tokens.md +++ b/docs/obtaining-access-tokens.md @@ -13,10 +13,10 @@ Below, we describe 2 ways to generate an access token for a user - using [Elemen ## Obtain an access token via Element 1. In a private browsing session (incognito window), open Element. -1. Log in with the user's credentials. -1. In the settings page, choose "Help & About", scroll down to the bottom and expand the `Access Token` section (see screenshot below). -1. Copy the access token to your configuration. -1. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work. +2. Log in with the user's credentials. +3. In the settings page, choose "Help & About", scroll down to the bottom and expand the `Access Token` section (see screenshot below). +4. Copy the access token to your configuration. +5. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work. ![Obtaining an access token with Element](assets/obtain_admin_access_token_element.png) 
From e3e16259c056b4b7b75824f2b40043a49d22023c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 11 Oct 2024 18:32:42 +0900 Subject: [PATCH 133/404] Update docs/configuring-playbook-conduit.md and docs/configuring-playbook-dendrite.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-conduit.md | 9 +++++---- docs/configuring-playbook-dendrite.md | 18 ++++++++++++------ 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md index 80d4a41f7..3707e7fe4 100644 --- a/docs/configuring-playbook-conduit.md +++ b/docs/configuring-playbook-conduit.md 
@@ -8,16 +8,17 @@ By default, this playbook configures the [Synapse](https://github.com/element-hq - **homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding +## Adjusting the playbook configuration -## Installing - -To use Conduit, you **generally** need the following additional `vars.yml` configuration: +To use Conduit, you **generally** need to add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_homeserver_implementation: conduit ``` -However, since Conduit is difficult (see [famedly/conduit#276](https://gitlab.com/famedly/conduit/-/issues/276) and [famedly/conduit#354](https://gitlab.com/famedly/conduit/-/merge_requests/354)) when it comes to creating the first user account and does not support [registering users](registering-users.md) (via the command line or via the playbook) like Synapse and Dendrite do, we recommend the following flow: +## Creating the first user account + +Since it is difficult to create the first user account on Conduit (see [famedly/conduit#276](https://gitlab.com/famedly/conduit/-/issues/276) and [famedly/conduit#354](https://gitlab.com/famedly/conduit/-/merge_requests/354)) and it does not support [registering users](registering-users.md) (via the command line or via the playbook) like Synapse and Dendrite do, we recommend the following procedure: 1. Add `matrix_conduit_allow_registration: true` to your `vars.yml` the first time around, temporarily 2. Run the playbook (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - see [Installing](installing.md)) diff --git a/docs/configuring-playbook-dendrite.md b/docs/configuring-playbook-dendrite.md index 87300b7fd..0ffa8ed04 100644 --- a/docs/configuring-playbook-dendrite.md +++ b/docs/configuring-playbook-dendrite.md 
@@ -8,7 +8,17 @@ By default, this playbook configures the [Synapse](https://github.com/element-hq - **homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding -The playbook provided settings for Dendrite are defined in [`roles/custom/matrix-dendrite/defaults/main.yml`](../roles/custom/matrix-dendrite/defaults/main.yml) and they ultimately end up in the generated `/matrix/dendrite/config/dendrite.yaml` file (on the server). This file is generated from the [`roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2`](../roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2) template. +## Adjusting the playbook configuration + +To use Dendrite, you **generally** need to add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +matrix_homeserver_implementation: dendrite +``` + +The playbook provides lots of customization variables you could use to change Dendrite's settings. + +Their defaults are defined in [`roles/custom/matrix-dendrite/defaults/main.yml`](../roles/custom/matrix-dendrite/defaults/main.yml) and they ultimately end up in the generated `/matrix/dendrite/config/dendrite.yaml` file (on the server). This file is generated from the [`roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2`](../roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. 
@@ -24,8 +34,4 @@ Alternatively, **if there is no pre-defined variable** for a Dendrite setting yo ## Installing -To use Dendrite, you **generally** need the following additional `vars.yml` configuration: - -```yaml -matrix_homeserver_implementation: dendrite -``` +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` From 3e95e6d2f6d090f31aa35d354a28d48f1a56d12c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 20 Oct 2024 02:12:22 +0900 Subject: [PATCH 134/404] Add detail about setting up schildichat subdomain on docs/configuring-dns.md Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 3ecf05b83..e64c3b40e 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -77,6 +77,8 @@ The `hydrogen.example.com` subdomain may be necessary, because this playbook cou The `cinny.example.com` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of Cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up Cinny, feel free to skip the `cinny.example.com` DNS record. +The `schildichat.example.com` subdomain may be necessary, because this playbook could install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) web client. The installation of SchildiChat is disabled by default, it is not a core required component. To learn how to install it, see our [configuring SchildiChat guide](configuring-playbook-client-schildichat.md). If you do not wish to set up SchildiChat, feel free to skip the `schildichat.example.com` DNS record. + The `wsproxy.example.com` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.example.com` DNS record. The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.example.com` DNS record. From 81d76989446ed8c471e06c14748e57d6c8690271 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Mon, 21 Oct 2024 05:07:51 +0900 Subject: [PATCH 135/404] Update documentation for components which require subdomain settings by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This adopts the structure of docs/configuring-playbook-matrix-authentication-service.md which was recently created. - … - Adjusting the playbook configuration - … - Adjusting the (service name here) URL - … - Adjusting DNS records - Installing - … Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-buscarron.md | 50 +++++++++--------- docs/configuring-playbook-bot-go-neb.md | 49 ++++++++--------- ...iguring-playbook-bridge-mautrix-wsproxy.md | 25 ++++++--- docs/configuring-playbook-client-cinny.md | 37 ++++++++----- docs/configuring-playbook-client-element.md | 35 +++++++++++-- docs/configuring-playbook-client-hydrogen.md | 37 ++++++++----- ...configuring-playbook-client-schildichat.md | 37 ++++++++----- docs/configuring-playbook-dimension.md | 52 ++++++++++--------- docs/configuring-playbook-etherpad.md | 34 ++++++------ docs/configuring-playbook-jitsi.md | 31 +++++++---- docs/configuring-playbook-ntfy.md | 25 ++++++--- ...configuring-playbook-prometheus-grafana.md | 32 ++++++++++-- docs/configuring-playbook-rageshake.md | 52 +++++++++---------- docs/configuring-playbook-sygnal.md | 50 +++++++++--------- 14 files changed, 339 insertions(+), 207 deletions(-) diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index fb01bb2ae..4c81cebb9 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md 
@@ -4,33 +4,9 @@ The playbook can install and configure [buscarron](https://github.com/etkecc/bus Buscarron is bot that receives HTTP POST submissions of web forms and forwards them to a Matrix room. - -## Decide on a domain and path - -By default, Buscarron is configured to use its own dedicated domain (`buscarron.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). - -You can override the domain and path like this: - -```yaml -# Switch to the domain used for Matrix services (`matrix.example.com`), -# so we won't need to add additional DNS records for Buscarron. -matrix_bot_buscarron_hostname: "{{ matrix_server_fqn_matrix }}" - -# Expose under the /buscarron subpath -matrix_bot_buscarron_path_prefix: /buscarron -``` - - -## Adjusting DNS records - -Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Buscarron domain to the Matrix server. - -If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. - - ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Buscarron, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_bot_buscarron_enabled: true 
@@ -53,6 +29,30 @@ matrix_bot_buscarron_forms: matrix_bot_buscarron_spamlist: [] # (optional) list of emails/domains/hosts (with wildcards support) that should be rejected automatically ``` +### Adjusting the Buscarron URL + +By default, this playbook installs Buscarron on the `buscarron.` subdomain (`buscarron.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). + +By tweaking the `matrix_bot_buscarron_hostname` and `matrix_bot_buscarron_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Switch to the domain used for Matrix services (`matrix.example.com`), +# so we won't need to add additional DNS records for Buscarron. +matrix_bot_buscarron_hostname: "{{ matrix_server_fqn_matrix }}" + +# Expose under the /buscarron subpath +matrix_bot_buscarron_path_prefix: /buscarron +``` + +## Adjusting DNS records + +Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Buscarron domain to the Matrix server. + +By default, you will need to create a CNAME record for `buscarron`. See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 8e5e08a5f..72334f1a5 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md 
@@ -24,32 +24,9 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb
 Once the user is created you can [obtain an access token](obtaining-access-tokens.md).
-## Decide on a domain and path
-
-By default, Go-NEB is configured to use its own dedicated domain (`goneb.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
-
-You can override the domain and path like this:
-
-```yaml
-# Switch to the domain used for Matrix services (`matrix.example.com`),
-# so we won't need to add additional DNS records for Go-NEB.
-matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_matrix }}"
-
-# Expose under the /go-neb subpath
-matrix_bot_go_neb_path_prefix: /go-neb
-```
-
-
-## Adjusting DNS records
-
-Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Go-NEB domain to the Matrix server.
-
-If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
-
-
 ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
+To enable Go-NEB, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_bot_go_neb_enabled: true
@@ -213,6 +190,30 @@ matrix_bot_go_neb_services:
 msg_type: "m.text" # Must be either `m.text` or `m.notice`
 ```
+### Adjusting the Go-NEB URL
+
+By default, this playbook installs Go-NEB on the `goneb.` subdomain (`goneb.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_bot_go_neb_hostname` and `matrix_bot_go_neb_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Switch to the domain used for Matrix services (`matrix.example.com`),
+# so we won't need to add additional DNS records for Go-NEB.
+matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_matrix }}"
+
+# Expose under the /buscarron subpath
+matrix_bot_go_neb_path_prefix: /go-neb
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Go-NEB domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `goneb`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
+If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
 ## Installing
diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
index 2bff1ecda..48e3a9198 100644
--- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md
+++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
@@ -4,12 +4,6 @@ The playbook can install and configure [mautrix-wsproxy](https://github.com/maut
 See the project's [documentation](https://github.com/mautrix/wsproxy#readme) to learn what it does and why it might be useful to you.
-
-## DNS
-
-You need to create a `wsproxy.example.com` DNS record pointing to your Matrix server (a `CNAME` pointing to `matrix.example.com`) to use wsproxy.
-The hostname is configurable via a `matrix_mautrix_wsproxy_hostname` variable.
-
 ## Adjusting the playbook configuration
 To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
@@ -26,6 +20,25 @@ matrix_mautrix_wsproxy_syncproxy_shared_secret: 'secret token from bridge'
 Note that the tokens must match what is compiled into the [mautrix-imessage](https://github.com/mautrix/imessage) bridge running on your Mac or Android device.
+### Adjusting the wsproxy URL
+
+By default, this playbook installs wsproxy on the `wsproxy.` subdomain (`wsproxy.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_mautrix_wsproxy_hostname` variable, you can easily make the service available at a **different hostname** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Change the default hostname
+matrix_mautrix_wsproxy_hostname: wsproxy.example.com
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain, **you may need to adjust your DNS** records to point the wsproxy domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `wsproxy`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
 ## Installing
 After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md
index d5deb3380..680baa1d8 100644
--- a/docs/configuring-playbook-client-cinny.md
+++ b/docs/configuring-playbook-client-cinny.md
@@ -4,18 +4,6 @@ This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix we
 Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of Element.
-## DNS
-
-You need to add a DNS record so that Cinny can be accessed.
-
-By default Cinny will use https://cinny.example.com so you will need to create an CNAME record for `cinny`. See [Configuring DNS](configuring-dns.md).
-
-If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain):
-
-```yaml
-matrix_server_fqn_cinny: "app.{{ matrix_domain }}"
-```
-
 ## Adjusting the playbook configuration
 To enable Cinny, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
@@ -24,6 +12,31 @@ To enable Cinny, add the following configuration to your `inventory/host_vars/ma
 matrix_client_cinny_enabled: true
 ```
+### Adjusting the Cinny URL
+
+By default, this playbook installs Cinny on the `cinny.` subdomain (`cinny.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_client_cinny_hostname` and `matrix_client_cinny_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Switch to the domain used for Matrix services (`matrix.example.com`),
+# so we won't need to add additional DNS records for Cinny.
+matrix_client_cinny_hostname: "{{ matrix_server_fqn_matrix }}"
+
+# Expose under the /cinny subpath
+matrix_client_cinny_path_prefix: /cinny
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Cinny domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `cinny`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
+If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
+
 ## Installing
 After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md
index 65ff2f577..159072cca 100644
--- a/docs/configuring-playbook-client-element.md
+++ b/docs/configuring-playbook-client-element.md
@@ -5,14 +5,14 @@ By default, this playbook installs the [Element](https://github.com/element-hq/e
 ## Disabling Element
-If you'd like for the playbook to not install Element (or to uninstall it if it was previously installed), you can disable it in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
+If you'd like for the playbook to not install Element (or to uninstall it if it was previously installed), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_client_element_enabled: false
 ```
-## Configuring Element settings
+## Adjusting the playbook configuration
 The playbook provides some customization variables you could use to change Element's settings.
@@ -29,7 +29,7 @@ Alternatively, **if there is no pre-defined variable** for an Element setting yo
 - or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml).
-## Themes
+### Themes
 To change the look of Element, you can define your own themes manually by using the `matrix_client_element_setting_defaults_custom_themes` setting.
@@ -38,3 +38,32 @@ Or better yet, you can automatically pull it all themes provided by the [aaronra
 If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it.
 Note that for a custom theme to work well, all Element instances that you use must have the same theme installed.
+
+### Adjusting the Element URL
+
+By default, this playbook installs Element on the `element.` subdomain (`element.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_client_element_hostname` and `matrix_client_element_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Switch to the domain used for Matrix services (`matrix.example.com`),
+# so we won't need to add additional DNS records for Element.
+matrix_client_element_hostname: "{{ matrix_server_fqn_matrix }}"
+
+# Expose under the /element subpath
+matrix_client_element_path_prefix: /element
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Element domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `element`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
+If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
+
+## Installing
+
+After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md
index 94775eaae..6ad08c770 100644
--- a/docs/configuring-playbook-client-hydrogen.md
+++ b/docs/configuring-playbook-client-hydrogen.md
@@ -4,18 +4,6 @@ This playbook can install the [Hydrogen](https://github.com/element-hq/hydrogen-
 Hydrogen is a lightweight web client that supports mobile and legacy web browsers. It can be installed alongside or instead of Element.
-## DNS
-
-You need to add a DNS record so that Hydrogen can be accessed.
-
-By default Hydrogen will use https://hydrogen.example.com so you will need to create an CNAME record for `hydrogen`. See [Configuring DNS](configuring-dns.md).
-
-If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain):
-
-```yaml
-matrix_server_fqn_hydrogen: "helium.{{ matrix_domain }}"
-```
-
 ## Adjusting the playbook configuration
 To enable Hydrogen, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
@@ -24,6 +12,31 @@ To enable Hydrogen, add the following configuration to your `inventory/host_vars
 matrix_client_hydrogen_enabled: true
 ```
+### Adjusting the Hydrogen URL
+
+By default, this playbook installs Hydrogen on the `hydrogen.` subdomain (`hydrogen.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_client_hydrogen_hostname` and `matrix_client_hydrogen_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Switch to the domain used for Matrix services (`matrix.example.com`),
+# so we won't need to add additional DNS records for Hydrogen.
+matrix_client_hydrogen_hostname: "{{ matrix_server_fqn_matrix }}"
+
+# Expose under the /hydrogen subpath
+matrix_client_hydrogen_path_prefix: /hydrogen
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Hydrogen domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `hydrogen`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
+If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
+
 ## Installing
 After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md
index 251a28933..6f220ad65 100644
--- a/docs/configuring-playbook-client-schildichat.md
+++ b/docs/configuring-playbook-client-schildichat.md
@@ -6,18 +6,6 @@ SchildiChat is a feature-rich messenger for Matrix based on Element with some ex
 **WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk!
-## DNS
-
-You need to add a DNS record so that SchildiChat can be accessed.
-
-By default SchildiChat will use https://schildichat.example.com so you will need to create an CNAME record for `schildichat`. See [Configuring DNS](configuring-dns.md).
-
-If you would like to use a different domain, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (changing it to use your preferred domain):
-
-```yaml
-matrix_server_fqn_schildichat: "sc.{{ matrix_domain }}"
-```
-
 ## Adjusting the playbook configuration
 To enable SchildiChat, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
@@ -50,6 +38,31 @@ If you make your own theme, we encourage you to submit it to the **aaronraimist/
 Note that for a custom theme to work well, all SchildiChat instances that you use must have the same theme installed.
+### Adjusting the SchildiChat URL
+
+By default, this playbook installs SchildiChat on the `schildichat.` subdomain (`schildichat.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_client_schildichat_hostname` and `matrix_client_schildichat_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Switch to the domain used for Matrix services (`matrix.example.com`),
+# so we won't need to add additional DNS records for SchildiChat.
+matrix_client_schildichat_hostname: "{{ matrix_server_fqn_matrix }}"
+
+# Expose under the /schildichat subpath
+matrix_client_schildichat_path_prefix: /schildichat
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the SchildiChat domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `schildichat`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
+If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
+
 ## Installing
 After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md
index 15351282d..93f2c7d51 100644
--- a/docs/configuring-playbook-dimension.md
+++ b/docs/configuring-playbook-dimension.md
@@ -7,28 +7,7 @@ If you're just installing Matrix services for the first time, please continue wi
 **Note**: This playbook now supports running [Dimension](https://dimension.t2bot.io) in both a federated and [unfederated](https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md) environments. This is handled automatically based on the value of `matrix_homeserver_federation_enabled`. Enabling Dimension, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible).
-
-## Decide on a domain and path
-
-By default, Dimension is configured to use its own dedicated domain (`dimension.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
-
-You can override the domain and path like this:
-
-```yaml
-# Switch to another hostname compared to the default (`dimension.{{ matrix_domain }}`)
-matrix_dimension_hostname: "integrations.{{ matrix_domain }}"
-
-```
-
-While there is a `matrix_dimension_path_prefix` variable for changing the path where Dimension is served, overriding it is not possible right now due to [this Dimension issue](https://github.com/turt2live/matrix-dimension/issues/510). You must serve Dimension at a dedicated subdomain until this issue is solved.
-
-
-## Adjusting DNS records
-
-Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Dimension domain to the Matrix server.
-
-
-## Enable
+## Adjusting the playbook configuration
 To enable Dimension, add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
@@ -36,8 +15,7 @@ To enable Dimension, add this to your configuration file (`inventory/host_vars/m
 matrix_dimension_enabled: true
 ```
-
-## Define admin users
+### Define admin users
 These users can modify the integrations this Dimension supports. Add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
@@ -50,7 +28,7 @@ matrix_dimension_admins:
 The admin interface is accessible within Element by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element by the "Add widgets, bridges, & bots" link in the room information.
-## Access token
+### Access token
 We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username). Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**.
@@ -68,6 +46,30 @@ matrix_dimension_access_token: "YOUR ACCESS TOKEN HERE"
 For more information on how to acquire an access token, visit [https://t2bot.io/docs/access_tokens](https://t2bot.io/docs/access_tokens).
+### Adjusting the Dimension URL
+
+By default, this playbook installs Dimension on the `dimension.` subdomain (`dimension.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `matrix_dimension_hostname` and `matrix_dimension_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Switch to the domain used for Matrix services (`matrix.example.com`),
+# so we won't need to add additional DNS records for Dimension.
+matrix_dimension_hostname: "{{ matrix_server_fqn_matrix }}"
+
+# Expose under the /dimension subpath
+# matrix_dimension_path_prefix: /dimension
+```
+
+**Note**: While there is a `matrix_dimension_path_prefix` variable for changing the path where Dimension is served, overriding it is not possible due to [this Dimension issue](https://github.com/turt2live/matrix-dimension/issues/510). You must serve Dimension at a dedicated subdomain.
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Dimension domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `dimension`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
 ## Installing
diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md
index 4810c24d6..18e37c5f4 100644
--- a/docs/configuring-playbook-etherpad.md
+++ b/docs/configuring-playbook-etherpad.md
@@ -4,12 +4,25 @@
 When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences.
+## Adjusting the playbook configuration
-## Decide on a domain and path
+To enable Etherpad, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
-By default, Etherpad is configured to use its own dedicated domain (`etherpad.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+```yaml
+etherpad_enabled: true
-You can override the domain and path like this:
+# Uncomment and adjust this part if you'd like to enable the admin web UI
+# etherpad_admin_username: YOUR_USERNAME_HERE
+# etherpad_admin_password: YOUR_PASSWORD_HERE
+```
+
+### Adjusting the Etherpad URL
+
+By default, this playbook installs Etherpad on the `etherpad.` subdomain (`etherpad.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `etherpad_hostname` and `etherpad_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 # Switch to the domain used for Matrix services (`matrix.example.com`),
@@ -25,21 +38,10 @@ etherpad_path_prefix: /etherpad
 Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Etherpad domain to the Matrix server.
+By default, you will need to create a CNAME record for `etherpad`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
 If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
-
-## Adjusting the playbook configuration
-
-[Etherpad](https://etherpad.org) installation is disabled by default. To enable Etherpad, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
-
-```yaml
-etherpad_enabled: true
-
-# Uncomment and adjust this part if you'd like to enable the admin web UI
-# etherpad_admin_username: YOUR_USERNAME_HERE
-# etherpad_admin_password: YOUR_PASSWORD_HERE
-```
-
 ## Installing
 After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md
index 3b395b319..3398bf3c1 100644
--- a/docs/configuring-playbook-jitsi.md
+++ b/docs/configuring-playbook-jitsi.md
@@ -9,9 +9,7 @@ The setup done by the playbook is very similar to [docker-jitsi-meet](https://gi
 ## Prerequisites
-Before installing Jitsi, make sure you've created the `jitsi.example.com` DNS record (unless you've changed `jitsi_hostname`, as described below). See [Configuring DNS](configuring-dns.md) for details about DNS changes.
-
-You may also need to open the following ports to your server:
+You may need to open the following ports to your server:
 - `4443/tcp` - RTP media fallback over TCP
 - `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`jitsi_jvb_stun_servers`](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/defaults/main.yml)).
@@ -19,18 +17,31 @@ You may also need to open the following ports to your server:
 ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
+To enable Jitsi, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 jitsi_enabled: true
-
-# Uncomment and adjust this part if you'd like to use a hostname different than the default
-# jitsi_hostname: "jitsi.{{ matrix_domain }}"
-
-# Uncomment and possible adjust this part if you'd like to host under a subpath
-# jitsi_path_prefix: /jitsi
 ```
+### Adjusting the Jitsi URL
+
+By default, this playbook installs Jitsi on the `jitsi.` subdomain (`jitsi.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `jitsi_hostname` variable, you can easily make the service available at a **different hostname** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Change the default hostname
+jitsi_hostname: jitsi.example.com
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Jitsi domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `jitsi`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
 ## (Optional) Configure Jitsi authentication and guests mode
 By default the Jitsi Meet instance does not require any kind of login and is open to use for anyone without registration.
diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md
index 67f7ce6c7..aedd51b81 100644
--- a/docs/configuring-playbook-ntfy.md
+++ b/docs/configuring-playbook-ntfy.md
@@ -11,15 +11,12 @@ This role is intended to support UnifiedPush notifications for use with the Matr
 ## Adjusting the playbook configuration
-Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
+To enable ntfy, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 # Enabling it is the only required setting
 ntfy_enabled: true
-# Uncomment and adjust this part if you'd like to use a hostname different than the default
-# matrix_server_fqn_ntfy: "ntfy.{{ matrix_domain }}"
-
 # Uncomment to enable the ntfy web app (disabled by default)
 # ntfy_web_root: app # defaults to "disable"
@@ -32,11 +29,27 @@ For a more complete list of variables that you could override, see the [`default
 For a complete list of ntfy config options that you could put in `ntfy_configuration_extension_yaml`, see the [ntfy config documentation](https://ntfy.sh/docs/config/#config-options).
+### Adjusting the ntfy URL
+
+By default, this playbook installs ntfy on the `ntfy.` subdomain (`ntfy.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `ntfy_hostname` variable, you can easily make the service available at a **different hostname** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Change the default hostname
+ntfy_hostname: ntfy.example.com
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain, **you may need to adjust your DNS** records to point the ntfy domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `ntfy`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
 ## Installing
-Don't forget to add `ntfy.example.com` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook.
-
 After configuring the playbook, run the [installation](installing.md) command:
 ```
diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md
index d1f2e2fa5..3b0426b07 100644
--- a/docs/configuring-playbook-prometheus-grafana.md
+++ b/docs/configuring-playbook-prometheus-grafana.md
@@ -1,10 +1,10 @@
 # Enabling metrics and graphs for your Matrix server (optional)
-It can be useful to have some (visual) insight into the performance of your homeserver.
+The playbook can install [Grafana](https://grafana.com/) with [Prometheus](https://prometheus.io/) and configure performance metrics of your homeserver with graphs for you.
-You can enable this with the following settings in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
+## Adjusting the playbook configuration
-Remember to add `stats.example.com` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook.
+To enable Grafana and/or Prometheus, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 prometheus_enabled: true
@@ -30,10 +30,32 @@ grafana_default_admin_user: "some_username_chosen_by_you"
 grafana_default_admin_password: "some_strong_password_chosen_by_you"
 ```
-By default, a [Grafana](https://grafana.com/) web user-interface will be available at `https://stats.example.com`.
-
 The retention policy of Prometheus metrics is [15 days by default](https://prometheus.io/docs/prometheus/latest/storage/#operational-aspects). Older data gets deleted automatically.
+### Adjusting the Grafana URL
+
+By default, this playbook installs Grafana web user-interface on the `stats.` subdomain (`stats.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+
+By tweaking the `grafana_hostname` variable, you can easily make the service available at a **different hostname** than the default one.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+# Change the default hostname
+grafana_hostname: stats.example.com
+```
+
+## Adjusting DNS records
+
+Once you've decided on the domain, **you may need to adjust your DNS** records to point the Grafana domain to the Matrix server.
+
+By default, you will need to create a CNAME record for `stats`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
+
+**Note**: It is possible to install Prometheus without installing Grafana. This case it is not required to create the CNAME record.
+
+## Installing
+
+After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all`
 ## What does it do?
diff --git a/docs/configuring-playbook-rageshake.md b/docs/configuring-playbook-rageshake.md
index 34fd08633..a9f7f63b6 100644
--- a/docs/configuring-playbook-rageshake.md
+++ b/docs/configuring-playbook-rageshake.md
@@ -4,33 +4,9 @@ The playbook can install and configure the [rageshake](https://github.com/matrix
 This is useful if you're developing your own applications and would like to collect bug reports for them.
+## Adjusting the playbook configuration
-## Decide on a domain and path
-
-By default, Rageshake is configured to use its own dedicated domain (`rageshake.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
-
-You can override the domain and path like this:
-
-```yaml
-# Switch to the domain used for Matrix services (`matrix.example.com`),
-# so we won't need to add additional DNS records for Rageshake.
-matrix_rageshake_hostname: "{{ matrix_server_fqn_matrix }}"
-
-# Expose under the /rageshake subpath
-matrix_rageshake_path_prefix: /rageshake
-```
-
-
-## Adjusting DNS records
-
-Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Rageshake domain to the Matrix server.
-
-If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
-
-
-## Enabling the Rageshake service
-
-Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
+To enable Rageshake, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_rageshake_enabled: true
@@ -48,6 +24,30 @@ matrix_rageshake_configuration_extension_yaml: | my-app: octocat/HelloWorld ``` +### Adjusting the Rageshake URL + +By default, this playbook installs Rageshake on the `rageshake.` subdomain (`rageshake.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). + +By tweaking the `matrix_rageshake_hostname` and `matrix_rageshake_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Switch to the domain used for Matrix services (`matrix.example.com`), +# so we won't need to add additional DNS records for Rageshake. +matrix_rageshake_hostname: "{{ matrix_server_fqn_matrix }}" + +# Expose under the /rageshake subpath +matrix_rageshake_path_prefix: /rageshake +``` + +## Adjusting DNS records + +Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Rageshake domain to the Matrix server. + +By default, you will need to create a CNAME record for `rageshake`. See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-sygnal.md b/docs/configuring-playbook-sygnal.md index d7382c3d0..642ed5488 100644 --- a/docs/configuring-playbook-sygnal.md +++ b/docs/configuring-playbook-sygnal.md 
@@ -10,33 +10,9 @@ See the project's [documentation](https://github.com/matrix-org/sygnal) to learn This optional playbook component is only useful to people who develop/build their own Matrix client applications themselves. - -## Decide on a domain and path - -By default, Sygnal is configured to use its own dedicated domain (`sygnal.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). - -You can override the domain and path like this: - -```yaml -# Switch to the domain used for Matrix services (`matrix.example.com`), -# so we won't need to add additional DNS records for Sygnal. -matrix_sygnal_hostname: "{{ matrix_server_fqn_matrix }}" - -# Expose under the /sygnal subpath -matrix_sygnal_path_prefix: /sygnal -``` - - -## Adjusting DNS records - -Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Sygnal domain to the Matrix server. - -If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. - - ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): +To enable Sygnal, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_sygnal_enabled: true 
@@ -75,6 +51,30 @@ To do that, the above example configuration: - references these files in the Sygnal configuration (`matrix_sygnal_apps`) using a path like `/data/..` (the `/matrix/sygnal/data` directory on the host system is mounted into the `/data` directory inside the container) +### Adjusting the Sygnal URL + +By default, this playbook installs Sygnal on the `sygnal.` subdomain (`sygnal.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). + +By tweaking the `matrix_sygnal_hostname` and `matrix_sygnal_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Switch to the domain used for Matrix services (`matrix.example.com`), +# so we won't need to add additional DNS records for Sygnal. +matrix_sygnal_hostname: "{{ matrix_server_fqn_matrix }}" + +# Expose under the /sygnal subpath +matrix_sygnal_path_prefix: /sygnal +``` + +## Adjusting DNS records + +Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Sygnal domain to the Matrix server. + +By default, you will need to create a CNAME record for `sygnal`. See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. ## Installing From ea6e8794870074c6ebffc0ac3893c82eca0e0aa6 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 05:13:48 +0900 Subject: [PATCH 136/404] Update docs/configuring-dns.md: add an entry for Rageshake Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index e64c3b40e..720424425 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -45,6 +45,7 @@ When you're done configuring DNS, proceed to [Configuring the playbook](configur | [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | | [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | +| [Rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` | | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` | | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | 
@@ -83,6 +84,8 @@ The `wsproxy.example.com` subdomain may be necessary, because this playbook coul The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.example.com` DNS record. +The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of Rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Rageshake guide](docs/configuring-playbook-rageshake.md). If you do not wish to set up Rageshake, feel free to skip the `rageshake.example.com` DNS record. + ## `_matrix-identity._tcp` SRV record setup To make the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server (which this playbook may optionally install for you) enable its federation features, set up an SRV record that looks like this: From c892971e89419cff69e11fc4cb7925436b0e1a56 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 05:15:21 +0900 Subject: [PATCH 137/404] Update documentation for components which do not require subdomain settings by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This adopts the structure of docs/configuring-playbook-matrix-authentication-service.md which was recently created. - … - Adjusting the playbook configuration - … - Adjusting the (service name here) URL - … - Adjusting DNS records - Installing - … 
Signed-off-by: Suguru Hirahara --- ...figuring-playbook-alertmanager-receiver.md | 31 ++++++++++----- docs/configuring-playbook-bot-honoroit.md | 27 ++++++++++--- docs/configuring-playbook-bot-maubot.md | 25 +++++++++++- ...onfiguring-playbook-bridge-heisenbridge.md | 38 ++++++++++++++----- docs/configuring-playbook-cactus-comments.md | 32 +++++++++++++--- ...-playbook-matrix-authentication-service.md | 11 +++++- ...onfiguring-playbook-matrix-registration.md | 24 +++++++++++- ...configuring-playbook-sliding-sync-proxy.md | 37 ++++++++++-------- docs/configuring-playbook-synapse-admin.md | 23 ++++++++++- ...iguring-playbook-synapse-usage-exporter.md | 31 ++++++++++++++- 10 files changed, 226 insertions(+), 53 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index c11b759fc..566cfc550 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md 
@@ -10,19 +10,11 @@ This service is meant to be used with an external [Alertmanager](https://prometh ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable matrix-alertmanager-receiver, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yml matrix_alertmanager_receiver_enabled: true -# This exposes matrix-alertmanager-receiver on the `matrix.` domain. -# Adjust, if necessary. -matrix_alertmanager_receiver_hostname: "{{ matrix_server_fqn_matrix }}" - -# This exposes matrix-alertmanager-receiver under a path prefix containing a random (secret) value. -# Adjust the `RANDOM_VALUE_HERE` part with a long and secure value. -matrix_alertmanager_receiver_path_prefix: /matrix-alertmanager-receiver-RANDOM_VALUE_HERE - # If you'd like to change the username for this bot, uncomment and adjust. Otherwise, remove. # matrix_alertmanager_receiver_config_matrix_user_id_localpart: "bot.alertmanager.receiver" 
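Review bot: The example lines removed in this hunk were the only place the page told readers to put a long random value in `matrix_alertmanager_receiver_path_prefix`. The section added in the next hunk of this file (`@@ -43,6 +35,27 @@`) instead describes a fixed `/matrix-alertmanager-receiver` path and shows `matrix_alertmanager_receiver_path_prefix: /` as the example. The old comment suggests the secret path segment is what keeps arbitrary callers from posting alerts to the receiver, though the role defaults are not visible here to confirm that. If so, the example should keep `matrix_alertmanager_receiver_path_prefix: /matrix-alertmanager-receiver-RANDOM_VALUE_HERE` together with the comment `# Adjust the RANDOM_VALUE_HERE part with a long and secure value.` The stated default path should also be checked against `roles/custom/matrix-alertmanager-receiver/defaults/main.yml` before it is documented as fixed.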
@@ -43,6 +35,27 @@ matrix_alertmanager_receiver_config_matrix_room_mapping: See `roles/custom/matrix-alertmanager-receiver/defaults/main.yml` for additional configuration variables. +### Adjusting the matrix-alertmanager-receiver URL + +By default, this playbook installs matrix-alertmanager-receiver on the `matrix.` subdomain, at the `/matrix-alertmanager-receiver` path (https://matrix.example.com/matrix-alertmanager-receiver). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_alertmanager_receiver_hostname` and `matrix_alertmanager_receiver_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_alertmanager_receiver_hostname: alertmanager.example.com +matrix_alertmanager_receiver_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the matrix-alertmanager-receiver domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Account and room preparation diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 5cd218d2f..717791573 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md 
@@ -9,15 +9,11 @@ See the project's [documentation](https://github.com/etkecc/honoroit#how-it-look ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Honoroit, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_bot_honoroit_enabled: true -# Uncomment and adjust this part if you'd like to use a hostname or path different than the default -# matrix_bot_honoroit_hostname: "{{ matrix_server_fqn_matrix }}" -# matrix_bot_honoroit_path_prefix: /honoroit - # Uncomment and adjust this part if you'd like to use a username different than the default # matrix_bot_honoroit_login: honoroit 
@@ -28,6 +24,27 @@ matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT matrix_bot_honoroit_roomid: "!yourRoomID:{{ matrix_domain }}" ``` +### Adjusting the Honoroit URL + +By default, this playbook installs Honoroit on the `matrix.` subdomain, at the `/honoroit` path (https://matrix.example.com/honoroit). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_bot_honoroit_hostname` and `matrix_bot_honoroit_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_bot_honoroit_hostname: honoroit.example.com +matrix_bot_honoroit_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the Honoroit domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 22b638f4c..cd866f6fd 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -10,7 +10,7 @@ does and why it might be useful to you. ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable maubot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_bot_maubot_enabled: true 
@@ -27,6 +27,27 @@ matrix_bot_maubot_admins: You can add multiple admins. The admin accounts are only used to access the maubot administration interface. +### Adjusting the maubot URL + +By default, this playbook installs maubot on the `matrix.` subdomain, at the `/_matrix/maubot/` path (https://matrix.example.com/_matrix/maubot/). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_bot_maubot_hostname` and `matrix_bot_maubot_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_bot_maubot_hostname: maubot.example.com +matrix_bot_maubot_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the maubot domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Installing @@ -38,7 +59,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -You can visit `matrix.example.com/_matrix/maubot/` to manage your available plugins, clients and instances. +By default, you can visit `matrix.example.com/_matrix/maubot/` to manage your available plugins, clients and instances. You should start in the following order 1. **Create one or more clients**: A client is a Matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it 
diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md index 75c6b1315..f09e9add3 100644 --- a/docs/configuring-playbook-bridge-heisenbridge.md +++ b/docs/configuring-playbook-bridge-heisenbridge.md 
@@ -8,26 +8,44 @@ See the project's [README](https://github.com/hifi/heisenbridge/blob/master/READ ## Configuration -Below are the common configuration options that you may want to set, exhaustive list is in [the bridge's defaults var file](../roles/custom/matrix-bridge-heisenbridge/defaults/main.yml). - -At a minimum, you only need to enable the bridge to get it up and running (`inventory/host_vars/matrix.example.com/vars.yml`): +To enable Heisenbridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_heisenbridge_enabled: true -# set owner (optional) +# Setting the owner is optional as the first local user to DM `@heisenbridge:your-homeserver` will be made the owner. +# If you are not using a local user you must set it as otherwise you can't DM it at all. matrix_heisenbridge_owner: "@you:your-homeserver" -# to enable identd on host port 113/TCP (optional) -matrix_heisenbridge_identd_enabled: true +# Uncomment to enable identd on host port 113/TCP (optional) +# matrix_heisenbridge_identd_enabled: true ``` -By default, Heisenbrdige would be exposed on the Matrix domain (`matrix.example.com`, as specified in `matrix_server_fqn_matrix`) under the `/heisenbridge` path prefix. It would handle media requests there (see the [release notes for Heisenbridge v1.15.0](https://github.com/hifi/heisenbridge/releases/tag/v1.15.0)). +For a more complete list of variables that you could override, see the [`defaults/main.yml` file](../roles/custom/matrix-bridge-heisenbridge/defaults/main.yml) of the Heisenbridge Ansible role. -That's it! A registration file is automatically generated during the setup phase. +### Adjusting the Heisenbridge URL -Setting the owner is optional as the first local user to DM `@heisenbridge:your-homeserver` will be made the owner. -If you are not using a local user you must set it as otherwise you can't DM it at all. 
+By default, this playbook installs Heisenbridge on the `matrix.` subdomain, at the `/heisenbridge` path (https://matrix.example.com/heisenbridge). It would handle media requests there (see the [release notes for Heisenbridge v1.15.0](https://github.com/hifi/heisenbridge/releases/tag/v1.15.0)). + +This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_heisenbridge_hostname` and `matrix_heisenbridge_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_heisenbridge_hostname: heisenbridge.example.com +matrix_heisenbridge_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the Heisenbridge domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index d808d3e6e..735bf1edd 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -16,7 +16,7 @@ You can enable whichever component you need (typically both). ## Configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Cactus Comments, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml ################# 
@@ -36,13 +36,31 @@ matrix_cactus_comments_enabled: true # When the backend (appservice) is enabled, this is also enabled automatically, # but we explicitly enable it here. matrix_cactus_comments_client_enabled: true - -# Uncomment and adjust this part if you'd like to host the client assets at a different location. -# These variables are only make used if (`matrix_cactus_comments_client_enabled: true`) -# matrix_cactus_comments_client_hostname: "{{ matrix_server_fqn_matrix }}" -# matrix_cactus_comments_client_path_prefix: /cactus-comments ``` +### Adjusting the Cactus Comments' client URL + +By default, this playbook installs Cactus Comments' client on the `matrix.` subdomain, at the `/cactus-comments` path (https://matrix.example.com/cactus-comments). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_cactus_comments_client_hostname` and `matrix_cactus_comments_client_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix to host the client assets at a different location +# These variables are used only if (`matrix_cactus_comments_client_enabled: true`) +matrix_cactus_comments_client_hostname: cactus.example.com +matrix_cactus_comments_client_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the Cactus Comments' client domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. 
+ ## Installing After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` @@ -91,3 +109,5 @@ Make sure to replace `example.com` with your base domain before you include the ``` + +**Note**: if the `matrix_cactus_comments_client_hostname` and `matrix_cactus_comments_client_path_prefix` variables are tweaked, you would need to adjust the URLs of the assets accordingly. diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 9fd2620a1..b0a0a8d9c 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md @@ -94,7 +94,7 @@ For existing Synapse homeservers: ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Matrix Authentication Service, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_authentication_service_enabled: true 
@@ -115,7 +115,7 @@ There are many other configuration options available. Consult the [`defaults/mai ### Adjusting the Matrix Authentication Service URL -By default, this playbook installs the Matrix Authentication Service on the `matrix.` subdomain, at the `/auth` path (e.g. https://matrix.example.com/auth). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. +By default, this playbook installs the Matrix Authentication Service on the `matrix.` subdomain, at the `/auth` path (https://matrix.example.com/auth). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. By tweaking the `matrix_authentication_service_hostname` and `matrix_authentication_service_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. @@ -259,6 +259,13 @@ matrix_authentication_service_config_upstream_oauth2_providers: ⚠ The syntax for existing [OIDC providers configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) is slightly different, so you will need to adjust your configuration when switching from Synapse OIDC to MAS upstream OAuth2. +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the Matrix Authentication Service domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index cc5c0f69c..974789525 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md 
@@ -19,7 +19,7 @@ Use matrix-registration to **create unique registration links**, which people ca ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable matrix-registration, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_registration_enabled: true @@ -28,6 +28,28 @@ matrix_registration_enabled: true matrix_registration_admin_secret: "ENTER_SOME_SECRET_HERE" ``` +### Adjusting the matrix-registration URL + +By default, this playbook installs the matrix-registration on the `matrix.` subdomain, at the `/matrix-registration` path (https://matrix.example.com/matrix-registration). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_registration_hostname` and `matrix_registration_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_registration_hostname: registration.example.com +matrix_registration_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the matrix-registration domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. + ## Installing After configuring the playbook, run the [installation](installing.md) command: diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 0368f4a3a..4193547f8 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md 
+++ b/docs/configuring-playbook-sliding-sync-proxy.md 
@@ -12,28 +12,35 @@ Element X Android is [available on the Github Releases page](https://github.com/ **Note**: The sliding-sync proxy is **not required** when using the **Conduit homeserver**. Starting from version `0.6.0` Conduit has native support for some sliding sync features. If there are issues with the native implementation, you might have a better experience when enabling the sliding-sync proxy anyway. -## Decide on a domain and path - -By default, the Sliding Sync proxy is configured to be served on the Matrix domain (`matrix.example.com`, controlled by `matrix_server_fqn_matrix`), under the `/sliding-sync` path. - -This makes it easy to set it up, **without** having to [adjust your DNS records](#adjusting-dns-records). - -If you'd like to run the Sliding Sync proxy on another hostname or path, use the `matrix_sliding_sync_hostname` and `matrix_sliding_sync_path_prefix` variables. - - -## Adjusting DNS records - -If you've changed the default hostname, **you may need to adjust your DNS** records. - - ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Sliding Sync proxy, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_sliding_sync_enabled: true ``` +### Adjusting the Sliding Sync proxy URL + +By default, this playbook installs the Sliding Sync proxy on the `matrix.` subdomain, at the `/sliding-sync` path (https://matrix.example.com/sliding-sync). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_sliding_sync_hostname` and `matrix_sliding_sync_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. 
+ +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_sliding_sync_hostname: ss.example.com +matrix_sliding_sync_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the Honoroit domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 2482f83bb..497c0a709 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -9,7 +9,7 @@ See the project's [documentation](https://github.com/etkecc/synapse-admin) to le ## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Synapse Admin, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_admin_enabled: true 
@@ -24,6 +24,27 @@ By default, synapse-admin installation will be [restricted to only work with one ⚠ **Warning**: If you're using [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS) for authentication, you will be able to [log into synapse-admin with an access token](https://github.com/etkecc/synapse-admin/pull/58), but certain synapse-admin features (especially those around user management) will be limited or not work at all. +### Adjusting the Synapse Admin URL + +By default, this playbook installs Synapse Admin on the `matrix.` subdomain, at the `/synapse-admin` path (https://matrix.example.com/synapse-admin). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_synapse_admin_hostname` and `matrix_synapse_admin_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +matrix_synapse_admin_hostname: admin.example.com +matrix_synapse_admin_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the Synapse Admin domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. ## Installing diff --git a/docs/configuring-playbook-synapse-usage-exporter.md b/docs/configuring-playbook-synapse-usage-exporter.md index 85c455b0f..0c9e19880 100644 --- a/docs/configuring-playbook-synapse-usage-exporter.md +++ b/docs/configuring-playbook-synapse-usage-exporter.md 
@@ -11,9 +11,9 @@ Enabling this service will automatically: - re-configure [Prometheus](./configuring-playbook-prometheus-grafana.md) (if Prometheus is enabled), to periodically scrape metrics from synapse-usage-exporter - add a new [Grafana](./configuring-playbook-prometheus-grafana.md) dashboard (if Grafana is enabled) containing Synapse usage statistics -## Quickstart +## Adjusting the playbook configuration -Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file and [re-run the installation process](./installing.md) for the playbook: +To enable synapse-usage-exporter, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_usage_exporter_enabled: true 
@@ -24,3 +24,30 @@ matrix_synapse_usage_exporter_enabled: true # You can adjust the hostname and path via `matrix_synapse_usage_exporter_hostname` and `matrix_synapse_usage_exporter_path_prefix`. # matrix_synapse_usage_exporter_proxying_enabled: true ``` + +### Adjusting the synapse-usage-exporter URL + +By default, this playbook installs synapse-usage-exporter on the `matrix.` subdomain, at the `/report-usage-stats/push` path (https://matrix.example.com/report-usage-stats/push). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. + +By tweaking the `matrix_synapse_usage_exporter_hostname` and `matrix_synapse_usage_exporter_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. + +Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +# Change the default hostname and path prefix +# These variables are used only if (`matrix_synapse_usage_exporter_proxying_enabled: true`) +matrix_synapse_usage_exporter_hostname: sue.example.com +matrix_synapse_usage_exporter_path_prefix: / +``` + +## Adjusting DNS records + +If you've changed the default hostname, **you may need to adjust your DNS** records to point the synapse-usage-exporter domain to the Matrix server. + +See [Configuring DNS](configuring-dns.md) for details about DNS changes. + +If you've decided to use the default hostname, you won't need to do any extra DNS configuration. + +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` From e8c61b0a3c22d546abe07dc7c7e1941bb59a495a Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 05:42:21 +0900 Subject: [PATCH 138/404] Update lines for installing instruction: add anchor link to "adjusting DNS records" header 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-alertmanager-receiver.md | 2 +- docs/configuring-playbook-bot-buscarron.md | 2 +- docs/configuring-playbook-bot-go-neb.md | 2 +- docs/configuring-playbook-bot-honoroit.md | 2 +- docs/configuring-playbook-bot-maubot.md | 2 +- docs/configuring-playbook-bridge-heisenbridge.md | 2 +- docs/configuring-playbook-bridge-mautrix-wsproxy.md | 2 +- docs/configuring-playbook-cactus-comments.md | 2 +- docs/configuring-playbook-client-cinny.md | 2 +- docs/configuring-playbook-client-element.md | 2 +- docs/configuring-playbook-client-hydrogen.md | 2 +- docs/configuring-playbook-client-schildichat.md | 2 +- docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-etherpad.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-matrix-authentication-service.md | 2 +- docs/configuring-playbook-matrix-registration.md | 2 +- docs/configuring-playbook-ntfy.md | 2 +- docs/configuring-playbook-prometheus-grafana.md | 2 +- docs/configuring-playbook-rageshake.md | 2 +- docs/configuring-playbook-sliding-sync-proxy.md | 2 +- docs/configuring-playbook-synapse-admin.md | 3 +-- docs/configuring-playbook-synapse-usage-exporter.md | 2 +- 23 files changed, 23 insertions(+), 24 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 566cfc550..1de72ee21 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md 
@@ -76,7 +76,7 @@ Steps 3 and 4 need to be done for each new room you'd like the bot to deliver al ## Installing -Now that you've [prepared the bot account and room](#account-and-room-preparation) and have [configured the playbook](#configuration), you can run the [installation](installing.md) command: `just install-all` +Now that you've [prepared the bot account and room](#account-and-room-preparation), [configured the playbook](#configuration), and potentially [adjusted your DNS records](#adjusting-dns-records), you can run the [installation](installing.md) command: `just install-all` Then, you can proceed to [Usage](#usage). diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index 4c81cebb9..20cd40c9f 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -56,7 +56,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 72334f1a5..e3316a54b 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md 
@@ -217,7 +217,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After potentially [adjusting DNS records](#adjusting-dns-records) and configuring the playbook, run the [installation](installing.md) command again: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 717791573..29680cb04 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -48,7 +48,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index cd866f6fd..8a59ac919 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -51,7 +51,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` **Notes**: diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md index f09e9add3..9a96330ff 100644 --- a/docs/configuring-playbook-bridge-heisenbridge.md 
+++ b/docs/configuring-playbook-bridge-heisenbridge.md @@ -49,7 +49,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md index 48e3a9198..14af101dc 100644 --- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md +++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md @@ -41,7 +41,7 @@ By default, you will need to create a CNAME record for `wsproxy`. See [Configuri ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 735bf1edd..0607e288e 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -63,7 +63,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index 680baa1d8..9925c836f 100644 
--- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md @@ -39,4 +39,4 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index 159072cca..c0f7c348c 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -66,4 +66,4 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md index 6ad08c770..7e3aab465 100644 --- a/docs/configuring-playbook-client-hydrogen.md +++ b/docs/configuring-playbook-client-hydrogen.md @@ -39,4 +39,4 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md index 6f220ad65..0cf640f6f 100644 
--- a/docs/configuring-playbook-client-schildichat.md +++ b/docs/configuring-playbook-client-schildichat.md @@ -65,4 +65,4 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 93f2c7d51..aca5fdb83 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -73,7 +73,7 @@ By default, you will need to create a CNAME record for `dimension`. See [Configu ## Installing -After these variables have been set and you have potentially [adjusted your DNS records](#adjusting-dns-records), please run the following command to re-run setup and to restart Dimension: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 18e37c5f4..8a734a739 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -44,7 +44,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Usage 
diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 3398bf3c1..ac39b3b88 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -284,7 +284,7 @@ Besides metadata, this includes the Matrix user_id and possibly the room identif ## Installing -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index b0a0a8d9c..8c2631d40 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md @@ -269,7 +269,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -Now that you've [adjusted the playbook configuration](#adjusting-the-playbook-configuration), you can run the [installation](installing.md) command: `just install-all` +Now that you've [adjusted the playbook configuration](#adjusting-the-playbook-configuration) and [your DNS records](#adjusting-dns-records), you can run the [installation](installing.md) command: `just install-all` If you're in the process of migrating an existing Synapse homeserver to MAS, you should now follow the rest of the steps in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) guide. diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index 974789525..2b89a3eca 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md 
@@ -52,7 +52,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index aedd51b81..48a51da48 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -50,7 +50,7 @@ By default, you will need to create a CNAME record for `ntfy`. See [Configuring ## Installing -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index 3b0426b07..c92fd1ede 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -55,7 +55,7 @@ By default, you will need to create a CNAME record for `stats`. See [Configuring ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` ## What does it do? diff --git a/docs/configuring-playbook-rageshake.md b/docs/configuring-playbook-rageshake.md index a9f7f63b6..154949499 100644 --- a/docs/configuring-playbook-rageshake.md +++ b/docs/configuring-playbook-rageshake.md 
@@ -51,7 +51,7 @@ If you've decided to reuse the `matrix.` domain, you won't need to do any extra ## Installing -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 4193547f8..b35fe25ba 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md @@ -44,7 +44,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After potentially [adjusting DNS records](#adjusting-dns-records) and configuring the playbook, run the [installation](installing.md) command again: `just install-all`. +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all`. ### External databases diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 497c0a709..39d9d3df4 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -48,8 +48,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` - +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: ## Usage diff --git a/docs/configuring-playbook-synapse-usage-exporter.md b/docs/configuring-playbook-synapse-usage-exporter.md index 0c9e19880..8a472f345 100644 --- a/docs/configuring-playbook-synapse-usage-exporter.md 
+++ b/docs/configuring-playbook-synapse-usage-exporter.md @@ -50,4 +50,4 @@ If you've decided to use the default hostname, you won't need to do any extra DN ## Installing -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` From a6fa33e16c00cfc55285297dce3d124aed79ba3a Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 05:48:02 +0900 Subject: [PATCH 139/404] Update docs/configuring-playbook-alertmanager-receiver.md: fix anchor links Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-alertmanager-receiver.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 1de72ee21..0e10a5016 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md 
@@ -69,14 +69,14 @@ The playbook can automatically create users, but it cannot automatically obtain 4. Log in as the bot using any Matrix client of your choosing, accept the room invitation from the bot's account and log out 5. (Optionally) Adjust `matrix_alertmanager_receiver_config_matrix_room_mapping` to create a mapping between the new room and its ID -Steps 1 and 2 above only need to be done once, while preparing your [configuration](#configuration). +Steps 1 and 2 above only need to be done once, while preparing your [configuration](#adjusting-the-playbook-configuration). Steps 3 and 4 need to be done for each new room you'd like the bot to deliver alerts to. Step 5 is optional and provides cleaner `/alert/` URLs. ## Installing -Now that you've [prepared the bot account and room](#account-and-room-preparation), [configured the playbook](#configuration), and potentially [adjusted your DNS records](#adjusting-dns-records), you can run the [installation](installing.md) command: `just install-all` +Now that you've [prepared the bot account and room](#account-and-room-preparation), [configured the playbook](#adjusting-the-playbook-configuration), and potentially [adjusted your DNS records](#adjusting-dns-records), you can run the [installation](installing.md) command: `just install-all` Then, you can proceed to [Usage](#usage). From 8f2e9e03a2ef0cc3379b4af3edd4b50e45cddca4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 21 Oct 2024 09:13:14 +0300 Subject: [PATCH 140/404] Use raw/endraw around templated strings in matrix_authentication_service_config_upstream_oauth2_providers sample config Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3645 --- .../configuring-playbook-matrix-authentication-service.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 9fd2620a1..939aaf35e 100644 
--- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md @@ -229,21 +229,21 @@ matrix_authentication_service_config_upstream_oauth2_providers: # By default it uses the `sub` claim as per the OIDC spec, # which should fit most use cases. subject: - #template: "{{ user.sub }}" + #template: "{% raw %}{{ user.sub }}{% endraw %}" # The localpart is the local part of the user's Matrix ID. # For example, on the `example.com` server, if the localpart is `alice`, # the user's Matrix ID will be `@alice:example.com`. localpart: #action: force - #template: "{{ user.preferred_username }}" + #template: "{% raw %}{{ user.preferred_username }}{% endraw %}" # The display name is the user's display name. displayname: #action: suggest - #template: "{{ user.name }}" + #template: "{% raw %}{{ user.name }}{% endraw %}" # An email address to import. email: #action: suggest - #template: "{{ user.email }}" + #template: "{% raw %}{{ user.email }}{% endraw %}" # Whether the email address must be marked as verified. # Possible values are: # - `import`: mark the email address as verified if the upstream provider From 44682a9e0f162ede99ad6ab12ab33b07cd499af1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 21 Oct 2024 10:52:17 +0300 Subject: [PATCH 141/404] Disable automatic user creation when MAS migration is in progress Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3647 --- roles/custom/matrix-user-creator/tasks/setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-user-creator/tasks/setup.yml b/roles/custom/matrix-user-creator/tasks/setup.yml index d63177736..55e1dedef 100644 --- a/roles/custom/matrix-user-creator/tasks/setup.yml +++ b/roles/custom/matrix-user-creator/tasks/setup.yml 
@@ -31,7 +31,7 @@ # Suppress logging to avoid dumping the credentials to the shell no_log: true -- when: matrix_authentication_service_enabled | bool +- when: matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress block: - name: Ensure Matrix Authentication Service is started before creating Matrix users ansible.builtin.service: From 5431a34c69d5ac3298becc2985077703986ac5ed Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 21 Oct 2024 10:57:05 +0300 Subject: [PATCH 142/404] Document matrix-user-creator suppression during MAS migration Related to 3d7a926c1993927054717eff56dc23b076206757 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3647 --- docs/configuring-playbook-matrix-authentication-service.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 25d5f4fe2..8efde619f 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
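Review bot: The rewritten `when:` on the block guard drops the `| bool` cast that the old condition carried, so `matrix_authentication_service_enabled` and `matrix_authentication_service_migration_in_progress` are now judged by plain Jinja truthiness. If either value arrives as a string (for example via `--extra-vars key=value` on the command line), a value such as `"false"` is truthy, and the guard that should keep this role from creating accounts in the MAS database mid-migration could evaluate the wrong way; how these variables are typed in practice is not visible in this hunk. Keeping the cast on both operands avoids that: `- when: matrix_authentication_service_enabled | bool and not (matrix_authentication_service_migration_in_progress | bool)`. The `block:` this condition gates continues past the end of the hunk, so the tasks it covers cannot be checked here.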
@@ -294,6 +294,8 @@ The installation + migration steps are like this: - Various [compatibility layer URLs](https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#set-up-the-compatibility-layer) are not yet installed. New login sessions will still be forwarded to the homeserver, which is capable of completing them. + - The `matrix-user-creator` role would be suppressed, so that it doesn't automatically attempt to create users (for bots, etc.) in the MAS database. These user accounts likely already exist in Synapse's user database and could be migrated over (via syn2mas, as per the steps below), so creating them in the MAS database would have been unnecessary and potentially problematic (conflicts during the syn2mas migration). + 3. Consider taking a full [backup of your Postgres database](./maintenance-postgres.md#backing-up-postgresql). This is done just in case. The **syn2mas migration tool does not delete any data**, so it should be possible to revert to your previous setup by merely disabling MAS and re-running the playbook (no need to restore a Postgres backup). However, do note that as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. 4. [Migrate your data from Synapse to Matrix Authentication Service using syn2mas](#migrate-your-data-from-synapse-to-matrix-authentication-service-using-syn2mas) From fce459d04c5fac8326586c8926146f73639652e7 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 17:02:33 +0900 Subject: [PATCH 143/404] Replace the default hostnames with others on documentation files for components about adjusting the service URL 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-mautrix-wsproxy.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-ntfy.md | 2 +- docs/configuring-playbook-prometheus-grafana.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md index 14af101dc..b32a4749d 100644 --- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md +++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md @@ -30,7 +30,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co ```yaml # Change the default hostname -matrix_mautrix_wsproxy_hostname: wsproxy.example.com +matrix_mautrix_wsproxy_hostname: ws.example.com ``` ## Adjusting DNS records diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index ac39b3b88..e81d748a4 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -33,7 +33,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co ```yaml # Change the default hostname -jitsi_hostname: jitsi.example.com +jitsi_hostname: call.example.com ``` ## Adjusting DNS records diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 48a51da48..e89f20ea7 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -39,7 +39,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co ```yaml # Change the default hostname -ntfy_hostname: ntfy.example.com +ntfy_hostname: push.example.com ``` ## Adjusting DNS records diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index c92fd1ede..3b0423e2a 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md 
@@ -42,7 +42,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co ```yaml # Change the default hostname -grafana_hostname: stats.example.com +grafana_hostname: grafana.example.com ``` ## Adjusting DNS records From 8f1262b59620dabf2dccc327f4397391cfd78c12 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 21 Oct 2024 11:33:36 +0300 Subject: [PATCH 144/404] Add matrix_authentication_service_syn2mas_process_extra_arguments to allow for --upstreamProviderMapping to be used with syn2mas This makes it possible to migrate from Synapse when OIDC had been used and the Synapse user database contains OIDC-sourced users. --- ...-playbook-matrix-authentication-service.md | 48 +++++++++++++++++-- .../defaults/main.yml | 7 +++ 2 files changed, 50 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 8efde619f..521ee5db9 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md @@ -259,6 +259,9 @@ matrix_authentication_service_config_upstream_oauth2_providers: ⚠ The syntax for existing [OIDC providers configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) is slightly different, so you will need to adjust your configuration when switching from Synapse OIDC to MAS upstream OAuth2. +⚠ When [migrating an existing homeserver](#migrating-an-existing-homeserver-to-matrix-authentication-service) which contains OIDC-sourced users, you will need to [Configure upstream OIDC provider mapping for syn2mas](#configuring-upstream-oidc-provider-mapping-for-syn2mas). + + ## Adjusting DNS records If you've changed the default hostname, **you may need to adjust your DNS** records to point the Matrix Authentication Service domain to the Matrix server. 
@@ -317,9 +320,40 @@ We **don't** ask you to [run the `syn2mas` migration advisor command](https://el You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration). +#### Configuring syn2mas + +If you're using [OIDC with Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on), you will need to [Configuring upstream OIDC provider mapping for syn2mas](#configuring-upstream-oidc-provider-mapping-for-syn2mas). + +If you only have local (non-OIDC) users in your Synapse database, you can likely run `syn2mas` as-is (without doing additional configuration changes). + +When you're done with potentially configuring `syn2mas`, proceed to doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration). + +##### Configuring upstream OIDC provider mapping for syn2mas + +If you have existing OIDC users in your Synapse user database (which will be the case if when using [OIDC with Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on)), you may need to pass an additional `--upstreamProviderMapping` argument to the `syn2mas` tool to tell it which provider (on the Synapse side) maps to which other provider on the MAS side. + +If you don't do this, `syn2mas` would report errors like this one: + +> [FATAL] migrate - [Failed to import external id 4264b0f0-4f11-4ddd-aedb-b500e4d07c25 with oidc-keycloak for user @user:example.com: Error: Unknown upstream provider oidc-keycloak] + +Below is an example situation and a guide for how to solve it. 
+ +If in `matrix_synapse_oidc_providers` your provider `idp_id` is (was) named `keycloak`, in the Synapse database users would be associated with the `oidc-keycloak` provider (note the `oidc-` prefix that was added automatically by Synapse to your `idp_id` value). + +The same OIDC provider may have an `id` of `01HFVBY12TMNTYTBV8W921M5FA` on the MAS side, as defined in `matrix_authentication_service_config_upstream_oauth2_providers` (see the [Upstream OAuth2 configuration](#upstream-oauth2-configuration) section above). + +To tell `syn2mas` how the Synapse-configured OIDC provider maps to the new MAS-configured OIDC provider, add this additional configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yml +# Adjust the mapping below to match your provider ids on the Synapse side and the MAS side. +# Don't forget that Synapse automatically adds an `oidc-` prefix to provider ids defined in its configuration. +matrix_authentication_service_syn2mas_process_extra_arguments: + - "--upstreamProviderMapping oidc-keycloak:01HFVBY12TMNTYTBV8W921M5FA" +``` + #### Performing a syn2mas dry-run -We recommend doing a [dry-run](https://en.wikipedia.org/wiki/Dry_run_(testing)) first to verify that everything will work out as expected. +Having [configured syn2mas](#configuring-syn2mas), we recommend doing a [dry-run](https://en.wikipedia.org/wiki/Dry_run_(testing)) first to verify that everything will work out as expected. A dry-run would not cause downtime, because it avoids stopping Synapse. 
@@ -333,13 +367,17 @@ Observe the command output (especially the last line of the the syn2mas output). #### Performing a real syn2mas migration -Before performing a real migration: +Before performing a real migration make sure: -- make sure you've familiarized yourself with the [expectations](#expectations) +- you've familiarized yourself with the [expectations](#expectations) -- make sure you've performed a Postgres backup, just in case +- you've performed a Postgres backup, just in case -- make sure you're aware of the irreversibility of the migration process without disruption after users have created new login sessions via the new MAS setup +- you're aware of the irreversibility of the migration process without disruption after users have created new login sessions via the new MAS setup + +- you've [configured syn2mas](#configuring-syn2mas), especially if you've used [OIDC with Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) + +- you've performed a [syn2mas dry-run](#performing-a-syn2mas-dry-run) and don't see any issues in its output To perform a real migration, run the `matrix-authentication-service-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_dry_run` variable: diff --git a/roles/custom/matrix-authentication-service/defaults/main.yml b/roles/custom/matrix-authentication-service/defaults/main.yml index e6f9e09de..9e7780e34 100644 --- a/roles/custom/matrix-authentication-service/defaults/main.yml +++ b/roles/custom/matrix-authentication-service/defaults/main.yml 
@@ -567,6 +567,13 @@ matrix_authentication_service_syn2mas_container_network: "{{ matrix_authenticati # Path to Synapse's homeserver.yaml configuration file. matrix_authentication_service_syn2mas_synapse_homeserver_config_path: "" +# Additional arguments passed to the syn2mas process. +# +# Example: +# matrix_authentication_service_syn2mas_process_extra_arguments: +# - "--upstreamProviderMapping oidc-keycloak:01H8PKNWKKRPCBW4YGH1RWV279" +matrix_authentication_service_syn2mas_process_extra_arguments: [] + ######################################################################################## # # # /syn2mas configuration # From 70411706a9d716d582bdaabacf5678a67193b96c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 17:52:57 +0900 Subject: [PATCH 145/404] Update docs/configuring-playbook-bridge-heisenbridge.md: matrix_heisenbridge_owner domain and usage Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-heisenbridge.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md index 9a96330ff..c5b7f4a7c 100644 --- a/docs/configuring-playbook-bridge-heisenbridge.md +++ b/docs/configuring-playbook-bridge-heisenbridge.md @@ -13,9 +13,9 @@ To enable Heisenbridge, add the following configuration to your `inventory/host_ ```yaml matrix_heisenbridge_enabled: true -# Setting the owner is optional as the first local user to DM `@heisenbridge:your-homeserver` will be made the owner. +# Setting the owner is optional as the first local user to DM `@heisenbridge:example.com` will be made the owner. # If you are not using a local user you must set it as otherwise you can't DM it at all. -matrix_heisenbridge_owner: "@you:your-homeserver" +matrix_heisenbridge_owner: "@you:example.com" # Uncomment to enable identd on host port 113/TCP (optional) # matrix_heisenbridge_identd_enabled: true 
@@ -53,9 +53,9 @@ After configuring the playbook and potentially [adjusting your DNS records](#adj ## Usage -After the bridge is successfully running just DM `@heisenbridge:your-homeserver` to start setting it up. +After the bridge is successfully running just DM `@heisenbridge:example.com` to start setting it up. If the bridge ignores you and a DM is not accepted then the owner setting may be wrong. + Help is available for all commands with the `-h` switch. -If the bridge ignores you and a DM is not accepted then the owner setting may be wrong. You can also learn the basics by watching [this demonstration video](https://www.youtube.com/watch?v=nQk1Bp4tk4I). From b9ca98d1e3a6aab186a5e26964d990efb57ae193 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Mon, 21 Oct 2024 13:54:38 +0300 Subject: [PATCH 146/404] do not create MAS DB if MAS is disabled --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2f10e72e0..1d89b451c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4027,7 +4027,7 @@ postgres_managed_databases_auto: | 'name': matrix_authentication_service_config_database_database, 'username': matrix_authentication_service_config_database_username, 'password': matrix_authentication_service_config_database_password, - }] if (matrix_authentication_service_config_database_host == postgres_connection_hostname) else []) + }] if (matrix_authentication_service_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname) else []) + ([{ 'name': matrix_sliding_sync_database_name, From a897841f9bc11c6810d03e5cee02404768e7c464 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Mon, 21 Oct 2024 14:26:41 +0300 Subject: [PATCH 147/404] Add missing usage of matrix_authentication_service_syn2mas_process_extra_arguments when constructing matrix_authentication_service_syn2mas_migration_command --- roles/custom/matrix-authentication-service/tasks/syn2mas.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/custom/matrix-authentication-service/tasks/syn2mas.yml b/roles/custom/matrix-authentication-service/tasks/syn2mas.yml index 7887821a4..46ae2688c 100644 --- a/roles/custom/matrix-authentication-service/tasks/syn2mas.yml +++ b/roles/custom/matrix-authentication-service/tasks/syn2mas.yml @@ -97,6 +97,7 @@ --command=migrate --synapseConfigFile=/homeserver.yaml --masConfigFile=/mas-config.yaml + {{ matrix_authentication_service_syn2mas_process_extra_arguments | join(' ') }} {% if matrix_authentication_service_syn2mas_dry_run | bool %}--dryRun{% endif %} tags: - skip_ansible_lint From 17f98f005e4d2f2d596109a4af368f3b44fcd482 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 21 Oct 2024 14:29:04 +0300 Subject: [PATCH 148/404] Upgrade Hydrogen (v0.5.0 -> v0.5.1) --- roles/custom/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index 820adf844..480492b42 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml 
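Review bot: The added line `{{ matrix_authentication_service_syn2mas_process_extra_arguments | join(' ') }}` splices the list into the syn2mas command line without quoting, so every item is re-split on whitespace. The task starts above this hunk and its module is not visible here; if it runs through a shell, metacharacters in a value would also be interpreted. The documented example depends on that re-splitting, because `"--upstreamProviderMapping oidc-keycloak:01HFVBY12TMNTYTBV8W921M5FA"` is one list item holding both a flag and its value. I would treat one list item as one argument and quote it, `{{ matrix_authentication_service_syn2mas_process_extra_arguments | map('quote') | join(' ') }}`, and split the examples in the docs and in `defaults/main.yml` into `- "--upstreamProviderMapping"` and `- "oidc-keycloak:01HFVBY12TMNTYTBV8W921M5FA"`. If the current form is kept, the comment above the variable in `defaults/main.yml` should state that items are joined with spaces and passed through unquoted.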
@@ -7,7 +7,7 @@ matrix_client_hydrogen_container_image_self_build: false matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/element-hq/hydrogen-web.git" # renovate: datasource=docker depName=ghcr.io/element-hq/hydrogen-web -matrix_client_hydrogen_version: v0.5.0 +matrix_client_hydrogen_version: v0.5.1 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}element-hq/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else 'ghcr.io/' }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From 7b35beb84303a5f9a10f06372f7b26b6c52a2513 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 21 Oct 2024 14:31:53 +0300 Subject: [PATCH 149/404] Get rid of some double spaces --- CHANGELOG.md | 2 +- docs/configuring-dns.md | 2 +- examples/reverse-proxies/caddy2-in-container/Caddyfile | 8 ++++---- examples/reverse-proxies/haproxy/haproxy.cfg | 9 ++++----- group_vars/matrix_servers | 4 ++-- .../templates/config.yaml.j2 | 3 +-- 6 files changed, 13 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 83ccb5920..21b59f9d6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -927,7 +927,7 @@ Until now, we've been doing the migration gradually and keeping full backward co Each change we do and each new feature that comes in needs to support all these different ways of reverse-proxying. Because `matrix-nginx-proxy` was the default and pretty much everyone was (and still is) using it, means that new PRs also come with `matrix-nginx-proxy` as their main focus and Traefik as an afterthought, which means we need to spend hours fixing up Traefik support. -We can't spend all this time maintaining so many different configurations anymore. Traefik support has been an option for 2 weeks and lots of people have already migrated their server and have tested things out. Traefik is what we use and preferentially test for. +We can't spend all this time maintaining so many different configurations anymore. Traefik support has been an option for 2 weeks and lots of people have already migrated their server and have tested things out. Traefik is what we use and preferentially test for. It's time for the **next step in our migration process** to Traefik and elimination of `matrix-nginx-proxy`: diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 720424425..f818dc672 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -10,7 +10,7 @@ over to `matrix.example.com`. As we discuss in [Server Delegation](howto-server-delegation.md), there are 2 different ways to set up such delegation: - either by serving a `https://example.com/.well-known/matrix/server` file (from the base domain!) -- or by using a `_matrix._tcp` DNS SRV record (don't confuse this with the `_matrix-identity._tcp` SRV record described below) +- or by using a `_matrix._tcp` DNS SRV record (don't confuse this with the `_matrix-identity._tcp` SRV record described below) This playbook mostly discusses the well-known file method, because it's easier to manage with regard to certificates. If you decide to go with the alternative method ([Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced)), please be aware that the general flow that this playbook guides you through may not match what you need to do. diff --git a/examples/reverse-proxies/caddy2-in-container/Caddyfile b/examples/reverse-proxies/caddy2-in-container/Caddyfile index 10df00d46..0a3d1df07 100644 --- a/examples/reverse-proxies/caddy2-in-container/Caddyfile +++ b/examples/reverse-proxies/caddy2-in-container/Caddyfile @@ -3,8 +3,8 @@ matrix.example.com { handle { encode zstd gzip - # Use the docker service name instead of localhost or 127.0.0.1 here - matrix-traefik:8080 { + # Use the docker service name instead of localhost or 127.0.0.1 here + matrix-traefik:8080 { header_up X-Forwarded-Port {http.request.port} header_up X-Forwarded-TlsProto {tls_protocol} header_up X-Forwarded-TlsCipher {tls_cipher} 
@@ -13,12 +13,12 @@ matrix.example.com { } } -# Put `https://` at the beginning to enforce https protocol as 8448 is not the default https port (which is 443) +# Put `https://` at the beginning to enforce https protocol as 8448 is not the default https port (which is 443) https://matrix.example.com:8448 { handle { encode zstd gzip - # Use the docker service name instead of localhost or 127.0.0.1 here + # Use the docker service name instead of localhost or 127.0.0.1 here reverse_proxy matrix-traefik:8448 { header_up X-Forwarded-Port {http.request.port} header_up X-Forwarded-TlsProto {tls_protocol} diff --git a/examples/reverse-proxies/haproxy/haproxy.cfg b/examples/reverse-proxies/haproxy/haproxy.cfg index b3e176a89..57c562bdd 100644 --- a/examples/reverse-proxies/haproxy/haproxy.cfg +++ b/examples/reverse-proxies/haproxy/haproxy.cfg @@ -24,8 +24,8 @@ defaults option forwardfor option redispatch timeout connect 5000 - timeout client 50000 - timeout server 50000 + timeout client 50000 + timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http @@ -71,11 +71,10 @@ backend matrix-federation backend nginx-static capture request header origin len 128 http-response add-header Access-Control-Allow-Origin * - rspadd Access-Control-Allow-Methods:\ GET,\ HEAD,\ OPTIONS,\ POST,\ PUT if { capture.req.hdr(0) -m found } - rspadd Access-Control-Allow-Credentials:\ true if { capture.req.hdr(0) -m found } + rspadd Access-Control-Allow-Methods:\ GET,\ HEAD,\ OPTIONS,\ POST,\ PUT if { capture.req.hdr(0) -m found } + rspadd Access-Control-Allow-Credentials:\ true if { capture.req.hdr(0) -m found } rspadd Access-Control-Allow-Headers:\ Origin,\ Accept,\ X-Requested-With,\ Content-Type,\ Access-Control-Request-Method,\ Access-Control-Request-Headers,\ Authorization if { capture.req.hdr(0) -m found } server nginx 127.0.0.1:40888 check backend element server element 127.0.0.1:8765 check - 
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 1d89b451c..eecdf9264 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4063,7 +4063,7 @@ postgres_managed_databases_auto: | 'name': matrix_bot_maubot_database_name, 'username': matrix_bot_maubot_database_username, 'password': matrix_bot_maubot_database_password, - }] if (matrix_bot_maubot_enabled and matrix_bot_maubot_database_engine == 'postgres' and matrix_bot_maubot_database_hostname == postgres_connection_hostname) else []) + }] if (matrix_bot_maubot_enabled and matrix_bot_maubot_database_engine == 'postgres' and matrix_bot_maubot_database_hostname == postgres_connection_hostname) else []) + ([{ 'name': matrix_bot_buscarron_database_name, @@ -4231,7 +4231,7 @@ postgres_managed_databases_auto: | 'name': matrix_mx_puppet_discord_database_name, 'username': matrix_mx_puppet_discord_database_username, 'password': matrix_mx_puppet_discord_database_password, - }] if (matrix_mx_puppet_discord_enabled and matrix_mx_puppet_discord_database_engine == 'postgres' and matrix_mx_puppet_discord_database_hostname == postgres_connection_hostname) else []) + }] if (matrix_mx_puppet_discord_enabled and matrix_mx_puppet_discord_database_engine == 'postgres' and matrix_mx_puppet_discord_database_hostname == postgres_connection_hostname) else []) + ([{ 'name': matrix_mx_puppet_steam_database_name, diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 index c5a01535f..531adfd98 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 
@@ -87,7 +87,7 @@ manhole: # Bridge config bridge: - # Localpart template of MXIDs for LinkedIn users. + # Localpart template of MXIDs for LinkedIn users. # {userid} is replaced with the user ID of the LinkedIn user username_template: "linkedin_{userid}" # Settings for creating a space for every user. @@ -263,4 +263,3 @@ logging: root: level: {{ matrix_beeper_linkedin_logging_level|to_json }} handlers: [console] - From 81a4ef54aaf6288b0c56c8107557d6edc303f51b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 20:43:25 +0900 Subject: [PATCH 150/404] Update docs/configuring-dns: fix an incorrect anchor link Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index f818dc672..d65d5031a 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -84,7 +84,7 @@ The `wsproxy.example.com` subdomain may be necessary, because this playbook coul The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.example.com` DNS record. -The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of Rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Rageshake guide](docs/configuring-playbook-rageshake.md). If you do not wish to set up Rageshake, feel free to skip the `rageshake.example.com` DNS record. +The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of Rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Rageshake guide](configuring-playbook-rageshake.md). If you do not wish to set up Rageshake, feel free to skip the `rageshake.example.com` DNS record. ## `_matrix-identity._tcp` SRV record setup From ebd44636541149bd809e3adf0156112fa7378ca8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 18 Oct 2024 23:43:10 +0900 Subject: [PATCH 151/404] =?UTF-8?q?Fix=20internal=20room=20ID:=20room.id?= =?UTF-8?q?=20=E2=86=92=20example.com?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-slack.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index cf1814a8f..80864cbf7 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -90,19 +90,19 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se with file bridging: ``` - link --channel_id CHANNELID --room !the-matrix:room.id --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx + link --channel_id CHANNELID --room !the-matrix:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx ``` without file bridging: ``` - link --channel_id CHANNELID --room !the-matrix:room.id --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + link --channel_id CHANNELID --room !the-matrix:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx ``` These arguments can be shortened to single-letter forms: ``` - link -I CHANNELID -R !the-matrix:room.id -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + link -I CHANNELID -R !the-matrix:example.com -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx ``` Other configuration options are available via the `matrix_appservice_slack_configuration_extension_yaml` variable. @@ -112,7 +112,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Channels can be unlinked again like this: ``` - unlink --room !the-matrix:room.id + unlink --room !the-matrix:example.com ``` Unlinking doesn't only disconnect the bridge, but also makes the slackbot leave the bridged Matrix room. So in case you want to re-link later, don't forget to re-invite the slackbot into this room again. From ec1b18cf6ea2dd215a086eaadb3ff009db7bf616 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Fri, 18 Oct 2024 23:45:03 +0900 Subject: [PATCH 152/404] =?UTF-8?q?Fix=20internal=20room=20ID:=20id=20?= =?UTF-8?q?=E2=86=92=20example.com?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-go-neb.md | 6 +++--- roles/custom/matrix-bot-go-neb/defaults/main.yml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index e3316a54b..cd1974295 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -151,13 +151,13 @@ matrix_bot_go_neb_services: RealmID: "github_realm" ClientUserID: "@YOUR_USER_ID:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. Rooms: - "!someroom:id": + "!someroom:example.com": Repos: "element-hq/synapse": Events: ["push", "issues"] "matrix-org/dendron": Events: ["pull_request"] - "!anotherroom:id": + "!anotherroom:example.com": Repos: "element-hq/synapse": Events: ["push", "issues"] @@ -170,7 +170,7 @@ matrix_bot_go_neb_services: Config: Hooks: "hook1": - RoomID: "!someroom:id" + RoomID: "!someroom:example.com" MessageType: "m.text" # default is m.text - ID: "alertmanager_service" diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 866e756ad..a0bd8c699 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml 
@@ -288,13 +288,13 @@ matrix_bot_go_neb_services: [] # RealmID: "github_realm" # ClientUserID: "@YOUR_USER_ID:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. # Rooms: -# "!someroom:id": +# "!someroom:example.com": # Repos: # "element-hq/synapse": # Events: ["push", "issues"] # "matrix-org/dendron": # Events: ["pull_request"] -# "!anotherroom:id": +# "!anotherroom:example.com": # Repos: # "element-hq/synapse": # Events: ["push", "issues"] @@ -307,7 +307,7 @@ matrix_bot_go_neb_services: [] # Config: # Hooks: # "hook1": -# RoomID: "!someroom:id" +# RoomID: "!someroom:example.com" # MessageType: "m.text" # default is m.text # # - ID: "alertmanager_service" From 65967dd52e5413a04b57e2fb2b41a5f5d1c27328 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 00:22:05 +0900 Subject: [PATCH 153/404] Replace :SERVER with :example.com Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 49834bd42..191c1b073 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -81,5 +81,5 @@ There's the Discord bridge's guide for [setting privileges on bridge managed roo ```sh docker exec -it matrix-appservice-discord \ -/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!ROOM_ID:SERVER" -u "@USER:SERVER" -p 100' +/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!ROOM_ID:example.com" -u "@USER:example.com" -p 100' ``` From d152bbcd0c44e41577d1ef11c24f1efccb12becd Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 19 Oct 2024 00:26:54 +0900 Subject: [PATCH 154/404] Replace :matrix.org with :example.com Signed-off-by: Suguru Hirahara --- roles/custom/matrix-bridge-appservice-slack/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml index 131137996..90e0ae2c9 100644 --- a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml @@ -141,7 +141,7 @@ matrix_appservice_slack_configuration_extension_yaml: | # Optional #slack_master_token: "abc-123-def" # Optional - #matrix_admin_room: "!aBcDeF:matrix.org" + #matrix_admin_room: "!aBcDeF:example.com" #homeserver: # url: http://localhost:{{ matrix_synapse_container_client_api_port }} # server_name: my.server From 1e8030810f894c6a49ff548ecc9fcd0e6a94e4c1 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 00:19:02 +0900 Subject: [PATCH 155/404] Update internal room ID: !someRoom 
Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-alertmanager-receiver.md | 6 +++--- docs/configuring-playbook-bot-buscarron.md | 2 +- docs/configuring-playbook-bot-draupnir.md | 4 ++-- docs/configuring-playbook-bot-go-neb.md | 8 ++++---- docs/configuring-playbook-bot-honoroit.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- docs/configuring-playbook-bridge-appservice-discord.md | 2 +- docs/configuring-playbook-bridge-appservice-slack.md | 10 +++++----- .../matrix-alertmanager-receiver/defaults/main.yml | 4 ++-- roles/custom/matrix-bot-go-neb/defaults/main.yml | 8 ++++---- .../matrix-bridge-appservice-irc/defaults/main.yml | 4 ++-- .../matrix-bridge-appservice-slack/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 2 +- 15 files changed, 30 insertions(+), 30 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 0e10a5016..46f1626bb 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md 
@@ -25,12 +25,12 @@ matrix_alertmanager_receiver_config_matrix_access_token: '' # Optionally, configure some mappings (URL-friendly room name -> actual Matrix room ID). # # If you don't configure mappings, you can still deliver alerts using URLs like this: -# https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!some-room-id:example.com +# https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!someRoom:example.com # # If a mapping like the one below is configured, you can deliver alerts using friendlier URLs like this: # https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name matrix_alertmanager_receiver_config_matrix_room_mapping: - some-room-name: "!some-room-id:{{ matrix_domain }}" + some-room-name: "!someRoom:{{ matrix_domain }}" ``` See `roles/custom/matrix-alertmanager-receiver/defaults/main.yml` for additional configuration variables. @@ -102,6 +102,6 @@ route: - receiver: matrix ``` -.. where `URL_HERE` looks like `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!some-room-id:example.com`. +.. where `URL_HERE` looks like `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!someRoom:example.com`. This bot does **not** accept room invitations automatically (like many other bots do). To deliver messages to rooms, **the bot must be joined to all rooms manually** - see Step 5 of the [Account and room preparation](#account-and-room-preparation) section. diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index 20cd40c9f..9f006a303 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md 
@@ -20,7 +20,7 @@ matrix_bot_buscarron_password: PASSWORD_FOR_THE_BOT # Adjust accepted forms matrix_bot_buscarron_forms: - name: contact # (mandatory) Your form name, will be used as endpoint, eg: buscarron.example.com/contact - room: "!yourRoomID:{{ matrix_domain }}" # (mandatory) Room ID where form submission will be posted + room: "!someRoom:{{ matrix_domain }}" # (mandatory) Room ID where form submission will be posted redirect: https://example.com # (mandatory) To what page user will be redirected after the form submission ratelimit: 1r/m # (optional) rate limit of the form, format: r/, eg: 1r/s or 54r/m hasemail: 1 # (optional) form has "email" field that should be validated diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index f2a5df02e..70bb96dd9 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md @@ -47,7 +47,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:example.com`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!someRoom:example.com`. Finally invite the `@bot.draupnir:example.com` account you created earlier into the room. 
@@ -135,7 +135,7 @@ Draupnir can be told to self-join public rooms, but it's better to follow this f 2. [Give the bot permissions to do its job](#giving-draupnir-permissions-to-do-its-job) -3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !ROOM_ID:example.com` +3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !someRoom:example.com` To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections). diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index cd1974295..8c0ecc946 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -125,7 +125,7 @@ matrix_bot_go_neb_services: Config: feeds: "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60": - rooms: ["!qmElAGdFYCHoCJuaNt:{{ matrix_domain }}"] + rooms: ["!someRoom:{{ matrix_domain }}"] must_include: author: - author1 @@ -151,7 +151,7 @@ matrix_bot_go_neb_services: RealmID: "github_realm" ClientUserID: "@YOUR_USER_ID:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. Rooms: - "!someroom:example.com": + "!someRoom:example.com": Repos: "element-hq/synapse": Events: ["push", "issues"] 
@@ -170,7 +170,7 @@ matrix_bot_go_neb_services: Config: Hooks: "hook1": - RoomID: "!someroom:example.com" + RoomID: "!someRoom:example.com" MessageType: "m.text" # default is m.text - ID: "alertmanager_service" @@ -184,7 +184,7 @@ matrix_bot_go_neb_services: webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" # Each room will get the notification with the alert rendered with the given template rooms: - "!someroomid:example.com": + "!someRoom:example.com": text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" msg_type: "m.text" # Must be either `m.text` or `m.notice` diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 29680cb04..f99c446a8 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -21,7 +21,7 @@ matrix_bot_honoroit_enabled: true matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT # Adjust this to your room ID -matrix_bot_honoroit_roomid: "!yourRoomID:{{ matrix_domain }}" +matrix_bot_honoroit_roomid: "!someRoom:{{ matrix_domain }}" ``` ### Adjusting the Honoroit URL diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 4f314f672..c72780a40 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -41,7 +41,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:example.com`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!someRoom:example.com`. Finally invite the `@bot.mjolnir:example.com` account you created earlier into the room. diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 191c1b073..de63d1bee 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md 
@@ -81,5 +81,5 @@ There's the Discord bridge's guide for [setting privileges on bridge managed roo ```sh docker exec -it matrix-appservice-discord \ -/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!ROOM_ID:example.com" -u "@USER:example.com" -p 100' +/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!someRoom:example.com" -u "@USER:example.com" -p 100' ``` diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 80864cbf7..f0200ed89 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -79,7 +79,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se 11. If Team Sync is not enabled, for each channel you would like to bridge, perform the following steps: - * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !aBcDeF:example.com. + * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !someRoom:example.com. * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:example.com` for Matrix. 
@@ -90,19 +90,19 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se with file bridging: ``` - link --channel_id CHANNELID --room !the-matrix:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx + link --channel_id CHANNELID --room !someRoom:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx ``` without file bridging: ``` - link --channel_id CHANNELID --room !the-matrix:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + link --channel_id CHANNELID --room !someRoom:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx ``` These arguments can be shortened to single-letter forms: ``` - link -I CHANNELID -R !the-matrix:example.com -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + link -I CHANNELID -R !someRoom:example.com -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx ``` Other configuration options are available via the `matrix_appservice_slack_configuration_extension_yaml` variable. @@ -112,7 +112,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Channels can be unlinked again like this: ``` - unlink --room !the-matrix:example.com + unlink --room !someRoom:example.com ``` Unlinking doesn't only disconnect the bridge, but also makes the slackbot leave the bridged Matrix room. So in case you want to re-link later, don't forget to re-invite the slackbot into this room again. diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index adc43220a..c91bb59bf 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml 
@@ -127,8 +127,8 @@ matrix_alertmanager_receiver_config_matrix_access_token: ''
 #
 # Example:
 # matrix_alertmanager_receiver_config_matrix_room:
-# simple-name: "!qohfwef7qwerf:example.com"
-# another-name: "!bf3zfio3wbanw:example.com"
+# simple-name: "!someRoom:example.com"
+# another-name: "!anotherRoom:example.com"
 matrix_alertmanager_receiver_config_matrix_room_mapping: {}
 # Controls the `templating.external-url-mapping` configuration setting.
diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml
index a0bd8c699..275b47218 100644
--- a/roles/custom/matrix-bot-go-neb/defaults/main.yml
+++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml
@@ -262,7 +262,7 @@ matrix_bot_go_neb_services: []
 # Config:
 # feeds:
 # "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60":
-# rooms: ["!qmElAGdFYCHoCJuaNt:localhost"]
+# rooms: ["!someRoom:localhost"]
 # must_include:
 # author:
 # - author1
@@ -288,7 +288,7 @@ matrix_bot_go_neb_services: []
 # RealmID: "github_realm"
 # ClientUserID: "@YOUR_USER_ID:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions.
 # Rooms:
-# "!someroom:example.com":
+# "!someRoom:example.com":
 # Repos:
 # "element-hq/synapse":
 # Events: ["push", "issues"]
@@ -307,7 +307,7 @@ matrix_bot_go_neb_services: []
 # Config:
 # Hooks:
 # "hook1":
-# RoomID: "!someroom:example.com"
+# RoomID: "!someRoom:example.com"
 # MessageType: "m.text" # default is m.text
 #
 # - ID: "alertmanager_service"
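Review bot: The example in the first hunk here sets `matrix_alertmanager_receiver_config_matrix_room`, but the variable defined directly below it is `matrix_alertmanager_receiver_config_matrix_room_mapping`. Someone copying the example would presumably set a name the role never reads and end up with no room mapping at all. While the placeholder IDs are being touched, the example's first line should read `# matrix_alertmanager_receiver_config_matrix_room_mapping:`. PATCH 156/404 edits the same comment block and keeps the old name there too.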
@@ -321,7 +321,7 @@ matrix_bot_go_neb_services: [] # webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" # # Each room will get the notification with the alert rendered with the given template # rooms: -# "!someroomid:example.com": +# "!someRoom:example.com": # text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" # html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" # msg_type: "m.text" # Must be either `m.text` or `m.notice` diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index 04b2e7d5e..a6090d46a 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml @@ -256,7 +256,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # Apply specific rules to Matrix rooms. Only matrix-to-IRC takes effect. # rooms: -# - room: "!fuasirouddJoxtwfge:localhost" +# - room: "!someRoom:localhost" # matrixToIrc: # initial: false # incremental: false @@ -273,7 +273,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # The Matrix room must already exist. Your Matrix client should expose # # the room ID in a "settings" page for the room. # "#thepub": -# roomIds: ["!kieouiJuedJoxtVdaG:localhost"] +# roomIds: ["!someRoom:localhost"] # # Channel key/password to use. Optional. If provided, Matrix users do # # not need to know the channel key in order to join the channel. # # key: "secret" diff --git a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml index 90e0ae2c9..5e88d8be0 100644 --- a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml @@ -141,7 +141,7 @@ matrix_appservice_slack_configuration_extension_yaml: | # Optional #slack_master_token: "abc-123-def" # Optional - #matrix_admin_room: "!aBcDeF:example.com" + #matrix_admin_room: "!someRoom:example.com" #homeserver: # url: http://localhost:{{ matrix_synapse_container_client_api_port }} # server_name: my.server diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 index d37ca6efa..6fc62f14f 100644 
--- a/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2
@@ -205,7 +205,7 @@ bridge:
 # The management room for the bot. This is where all status notifications are posted and
 # in this room, you can use `!wa ` instead of `!wa relaybot `. Omitting
 # the command prefix completely like in user management rooms is not possible.
- management: '!foo:example.com'
+ management: '!someRoom:example.com'
 # List of users to invite to all created rooms that include the relaybot.
 invites: []
 # The formats to use when sending messages to Skype via the relaybot.
diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml
index 4f61886a4..198f9d80c 100644
--- a/roles/custom/matrix-synapse/defaults/main.yml
+++ b/roles/custom/matrix-synapse/defaults/main.yml
@@ -1245,7 +1245,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false
 # this list cannot be room aliases or permalinks. This server is expected
 # to already be joined to the room - Mjolnir will not automatically join
 # these rooms.
-# ["!roomid:example.org"]
+# ["!someRoom:example.org"]
 matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: []
 # A dictionary with various fields controlling max length.
 # See https://github.com/matrix-org/mjolnir/blob/main/docs/synapse_module.md for details.
diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
index a18e6173a..b7bc375a8 100644
--- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
@@ -575,7 +575,7 @@ templates:
 # By default, no room is excluded.
 #
 #exclude_rooms_from_sync:
-# - !foo:example.com
+# - !someRoom:example.com
 # Message retention policy at the server level.
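Review bot: Unlike the comment-only hunks around it, the `management:` line in the go-skype-bridge template is not commented out, so the placeholder room ID is written into the rendered bridge config. If the relaybot settings it belongs to can be switched on (the switch is outside the hunk), the bridge would treat a documentation placeholder as the room where, per the context comment, all status notifications are posted. A comment above the line such as `# Placeholder room ID - replace before enabling the relaybot` would make that explicit. PATCH 156/404 rewrites the same line.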
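Review bot: The commented example `# - !someRoom:example.com` in the homeserver.yaml.j2 hunk leaves the room ID unquoted, and a YAML scalar that starts with `!` is read as a tag rather than a string. An admin who uncomments the line as written would most likely get a config load error, or a value other than the room ID under `exclude_rooms_from_sync`. The other YAML examples touched on this page quote the ID (for instance `["!someRoom:example.org"]` in the hunk just above), so this line should follow suit: `# - "!someRoom:example.com"`. PATCH 156/404 edits the same line and keeps it unquoted.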
From aaa63350536efd1c943729174c1ebf7f33562bac Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 01:23:37 +0900 Subject: [PATCH 156/404] Replace !someRoom with !qporfwt !qporfwt is used as an example of a room ID on https://spec.matrix.org/v1.12/#room-structure Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-alertmanager-receiver.md | 6 +++--- docs/configuring-playbook-bot-buscarron.md | 2 +- docs/configuring-playbook-bot-draupnir.md | 4 ++-- docs/configuring-playbook-bot-go-neb.md | 8 ++++---- docs/configuring-playbook-bot-honoroit.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- docs/configuring-playbook-bridge-appservice-discord.md | 2 +- docs/configuring-playbook-bridge-appservice-slack.md | 10 +++++----- docs/configuring-playbook-email2matrix.md | 2 +- .../matrix-alertmanager-receiver/defaults/main.yml | 2 +- roles/custom/matrix-bot-go-neb/defaults/main.yml | 8 ++++---- .../matrix-bridge-appservice-irc/defaults/main.yml | 4 ++-- .../matrix-bridge-appservice-slack/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 2 +- roles/custom/matrix-email2matrix/defaults/main.yml | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 2 +- 17 files changed, 31 insertions(+), 31 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 46f1626bb..f05fcaa80 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md 
@@ -25,12 +25,12 @@ matrix_alertmanager_receiver_config_matrix_access_token: '' # Optionally, configure some mappings (URL-friendly room name -> actual Matrix room ID). # # If you don't configure mappings, you can still deliver alerts using URLs like this: -# https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!someRoom:example.com +# https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!qporfwt:example.com # # If a mapping like the one below is configured, you can deliver alerts using friendlier URLs like this: # https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name matrix_alertmanager_receiver_config_matrix_room_mapping: - some-room-name: "!someRoom:{{ matrix_domain }}" + some-room-name: "!qporfwt:{{ matrix_domain }}" ``` See `roles/custom/matrix-alertmanager-receiver/defaults/main.yml` for additional configuration variables. @@ -102,6 +102,6 @@ route: - receiver: matrix ``` -.. where `URL_HERE` looks like `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!someRoom:example.com`. +.. where `URL_HERE` looks like `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!qporfwt:example.com`. This bot does **not** accept room invitations automatically (like many other bots do). To deliver messages to rooms, **the bot must be joined to all rooms manually** - see Step 5 of the [Account and room preparation](#account-and-room-preparation) section. diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index 9f006a303..f38d25298 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md 
@@ -20,7 +20,7 @@ matrix_bot_buscarron_password: PASSWORD_FOR_THE_BOT # Adjust accepted forms matrix_bot_buscarron_forms: - name: contact # (mandatory) Your form name, will be used as endpoint, eg: buscarron.example.com/contact - room: "!someRoom:{{ matrix_domain }}" # (mandatory) Room ID where form submission will be posted + room: "!qporfwt:{{ matrix_domain }}" # (mandatory) Room ID where form submission will be posted redirect: https://example.com # (mandatory) To what page user will be redirected after the form submission ratelimit: 1r/m # (optional) rate limit of the form, format: r/, eg: 1r/s or 54r/m hasemail: 1 # (optional) form has "email" field that should be validated diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 70bb96dd9..029d79ce4 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md @@ -47,7 +47,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!someRoom:example.com`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!qporfwt:example.com`. Finally invite the `@bot.draupnir:example.com` account you created earlier into the room. 
@@ -135,7 +135,7 @@ Draupnir can be told to self-join public rooms, but it's better to follow this f 2. [Give the bot permissions to do its job](#giving-draupnir-permissions-to-do-its-job) -3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !someRoom:example.com` +3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !qporfwt:example.com` To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections). diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 8c0ecc946..61b8f15af 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -125,7 +125,7 @@ matrix_bot_go_neb_services: Config: feeds: "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60": - rooms: ["!someRoom:{{ matrix_domain }}"] + rooms: ["!qporfwt:{{ matrix_domain }}"] must_include: author: - author1 @@ -151,7 +151,7 @@ matrix_bot_go_neb_services: RealmID: "github_realm" ClientUserID: "@YOUR_USER_ID:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. Rooms: - "!someRoom:example.com": + "!qporfwt:example.com": Repos: "element-hq/synapse": Events: ["push", "issues"] 
@@ -170,7 +170,7 @@ matrix_bot_go_neb_services: Config: Hooks: "hook1": - RoomID: "!someRoom:example.com" + RoomID: "!qporfwt:example.com" MessageType: "m.text" # default is m.text - ID: "alertmanager_service" @@ -184,7 +184,7 @@ matrix_bot_go_neb_services: webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" # Each room will get the notification with the alert rendered with the given template rooms: - "!someRoom:example.com": + "!qporfwt:example.com": text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" msg_type: "m.text" # Must be either `m.text` or `m.notice` diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index f99c446a8..982c7ca0a 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -21,7 +21,7 @@ matrix_bot_honoroit_enabled: true matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT # Adjust this to your room ID -matrix_bot_honoroit_roomid: "!someRoom:{{ matrix_domain }}" +matrix_bot_honoroit_roomid: "!qporfwt:{{ matrix_domain }}" ``` ### Adjusting the Honoroit URL diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index c72780a40..be2e6060e 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -41,7 +41,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!someRoom:example.com`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!qporfwt:example.com`. Finally invite the `@bot.mjolnir:example.com` account you created earlier into the room. diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index de63d1bee..0eaad761c 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md 
@@ -81,5 +81,5 @@ There's the Discord bridge's guide for [setting privileges on bridge managed roo ```sh docker exec -it matrix-appservice-discord \ -/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!someRoom:example.com" -u "@USER:example.com" -p 100' +/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!qporfwt:example.com" -u "@USER:example.com" -p 100' ``` diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index f0200ed89..dfd8c1d2f 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -79,7 +79,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se 11. If Team Sync is not enabled, for each channel you would like to bridge, perform the following steps: - * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !someRoom:example.com. + * Create a Matrix room in the usual manner for your client. Take a note of its Matrix room ID - it will look something like !qporfwt:example.com. * Invite the bot user to both the Slack and Matrix channels you would like to bridge using `/invite @matrixbot` for Slack and `/invite @slackbot:example.com` for Matrix. 
@@ -90,19 +90,19 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se with file bridging: ``` - link --channel_id CHANNELID --room !someRoom:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx + link --channel_id CHANNELID --room !qporfwt:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx --slack_user_token xoxp-xxxxxxxx-xxxxxxxxx-xxxxxxxx-xxxxxxxx ``` without file bridging: ``` - link --channel_id CHANNELID --room !someRoom:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + link --channel_id CHANNELID --room !qporfwt:example.com --slack_bot_token xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx ``` These arguments can be shortened to single-letter forms: ``` - link -I CHANNELID -R !someRoom:example.com -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx + link -I CHANNELID -R !qporfwt:example.com -t xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxx ``` Other configuration options are available via the `matrix_appservice_slack_configuration_extension_yaml` variable. @@ -112,7 +112,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se Channels can be unlinked again like this: ``` - unlink --room !someRoom:example.com + unlink --room !qporfwt:example.com ``` Unlinking doesn't only disconnect the bridge, but also makes the slackbot leave the bridged Matrix room. So in case you want to re-link later, don't forget to re-invite the slackbot into this room again. diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index ec9b78b6a..525347f9e 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md 
@@ -50,7 +50,7 @@ matrix_email2matrix_enabled: true matrix_email2matrix_matrix_mappings: - MailboxName: "mailbox1" - MatrixRoomId: "!someRoom:{{ matrix_domain }}" + MatrixRoomId: "!qporfwt:{{ matrix_domain }}" MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" MatrixUserId: "@email2matrix:{{ matrix_domain }}" MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index c91bb59bf..6657994c4 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml @@ -127,7 +127,7 @@ matrix_alertmanager_receiver_config_matrix_access_token: '' # # Example: # matrix_alertmanager_receiver_config_matrix_room: -# simple-name: "!someRoom:example.com" +# simple-name: "!qporfwt:example.com" # another-name: "!anotherRoom:example.com" matrix_alertmanager_receiver_config_matrix_room_mapping: {} diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 275b47218..73957ea6f 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml @@ -262,7 +262,7 @@ matrix_bot_go_neb_services: [] # Config: # feeds: # "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60": -# rooms: ["!someRoom:localhost"] +# rooms: ["!qporfwt:localhost"] # must_include: # author: # - author1 @@ -288,7 +288,7 @@ matrix_bot_go_neb_services: [] # RealmID: "github_realm" # ClientUserID: "@YOUR_USER_ID:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. # Rooms: -# "!someRoom:example.com": +# "!qporfwt:example.com": # Repos: # "element-hq/synapse": # Events: ["push", "issues"] 
@@ -307,7 +307,7 @@ matrix_bot_go_neb_services: [] # Config: # Hooks: # "hook1": -# RoomID: "!someRoom:example.com" +# RoomID: "!qporfwt:example.com" # MessageType: "m.text" # default is m.text # # - ID: "alertmanager_service" @@ -321,7 +321,7 @@ matrix_bot_go_neb_services: [] # webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" # # Each room will get the notification with the alert rendered with the given template # rooms: -# "!someRoom:example.com": +# "!qporfwt:example.com": # text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" # html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" # msg_type: "m.text" # Must be either `m.text` or `m.notice` diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index a6090d46a..0e6ffbc09 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml @@ -256,7 +256,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # Apply specific rules to Matrix rooms. Only matrix-to-IRC takes effect. # rooms: -# - room: "!someRoom:localhost" +# - room: "!qporfwt:localhost" # matrixToIrc: # initial: false # incremental: false @@ -273,7 +273,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # The Matrix room must already exist. Your Matrix client should expose # # the room ID in a "settings" page for the room. # "#thepub": -# roomIds: ["!someRoom:localhost"] +# roomIds: ["!qporfwt:localhost"] # # Channel key/password to use. Optional. If provided, Matrix users do # # not need to know the channel key in order to join the channel. # # key: "secret" diff --git a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml index 5e88d8be0..5b8594e51 100644 --- a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml @@ -141,7 +141,7 @@ matrix_appservice_slack_configuration_extension_yaml: | # Optional #slack_master_token: "abc-123-def" # Optional - #matrix_admin_room: "!someRoom:example.com" + #matrix_admin_room: "!qporfwt:example.com" #homeserver: # url: http://localhost:{{ matrix_synapse_container_client_api_port }} # server_name: my.server diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 index 6fc62f14f..6e5ac7f52 100644 
--- a/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 @@ -205,7 +205,7 @@ bridge: # The management room for the bot. This is where all status notifications are posted and # in this room, you can use `!wa ` instead of `!wa relaybot `. Omitting # the command prefix completely like in user management rooms is not possible. - management: '!someRoom:example.com' + management: '!qporfwt:example.com' # List of users to invite to all created rooms that include the relaybot. invites: [] # The formats to use when sending messages to Skype via the relaybot. diff --git a/roles/custom/matrix-email2matrix/defaults/main.yml b/roles/custom/matrix-email2matrix/defaults/main.yml index 2c3f09629..ff7f8a142 100644 --- a/roles/custom/matrix-email2matrix/defaults/main.yml +++ b/roles/custom/matrix-email2matrix/defaults/main.yml @@ -46,7 +46,7 @@ matrix_email2matrix_smtp_hostname: "{{ matrix_server_fqn_matrix }}" # Example: # matrix_email2matrix_matrix_mappings: # - MailboxName: "mailbox1" -# MatrixRoomId: "!someRoom:{{ matrix_domain }}" +# MatrixRoomId: "!qporfwt:{{ matrix_domain }}" # MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" # MatrixUserId: "@email2matrix:{{ matrix_domain }}" # MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 198f9d80c..865ce71e6 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
@@ -1245,7 +1245,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false # this list cannot be room aliases or permalinks. This server is expected # to already be joined to the room - Mjolnir will not automatically join # these rooms. -# ["!someRoom:example.org"] +# ["!qporfwt:example.org"] matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: [] # A dictionary with various fields controlling max length. # See https://github.com/matrix-org/mjolnir/blob/main/docs/synapse_module.md for details. diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index b7bc375a8..89681142d 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -575,7 +575,7 @@ templates: # By default, no room is excluded. # #exclude_rooms_from_sync: -# - !someRoom:example.com +# - !qporfwt:example.com # Message retention policy at the server level. From 0593edbb1a17a2840c03f3cfdf152f01630c3db4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 21:41:25 +0900 Subject: [PATCH 157/404] Replace !example:example.org and !example:example.com with !qporfwt:example.com Signed-off-by: Suguru Hirahara --- roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 | 2 +- roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 index cbde408ca..febf394e8 100644 --- a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 
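Review bot: The example under `#exclude_rooms_from_sync:` is the only room ID among the hunks visible here that is left unquoted. A plain YAML scalar starting with `!` is read as a tag rather than a string, so an operator who uncomments `# - !qporfwt:example.com` verbatim will not get the room ID they expect, and a safe loader will typically reject the unknown tag. The other examples touched by this commit quote the value, and this one should too: `# - "!qporfwt:example.com"`.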
@@ -38,7 +38,7 @@ autojoinOnlyIfManager: true # If `autojoinOnlyIfManager` is false, only the members in this space can invite # the bot to new rooms. -#acceptInvitesFromSpace: "!example:example.org" +#acceptInvitesFromSpace: "!qporfwt:example.com" # Whether Draupnir should report ignored invites to the management room (if autojoinOnlyIfManager is true). recordIgnoredInvites: false diff --git a/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 index 2c6f6da13..0d847694f 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -38,7 +38,7 @@ autojoinOnlyIfManager: true # If `autojoinOnlyIfManager` is false, only the members in this space can invite # the bot to new rooms. -#acceptInvitesFromSpace: "!example:example.org" +#acceptInvitesFromSpace: "!qporfwt:example.com" # Whether Mjolnir should report ignored invites to the management room (if autojoinOnlyIfManager is true). recordIgnoredInvites: false diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 865ce71e6..88ee9cf0a 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -1245,7 +1245,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false # this list cannot be room aliases or permalinks. This server is expected # to already be joined to the room - Mjolnir will not automatically join # these rooms. -# ["!qporfwt:example.org"] +# ["!qporfwt:example.com"] matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: [] # A dictionary with various fields controlling max length. # See https://github.com/matrix-org/mjolnir/blob/main/docs/synapse_module.md for details. From 5fc2e2f1f9c76310336870a4eb572de1a4407c8a Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 19 Oct 2024 00:47:35 +0900 Subject: [PATCH 158/404] Replace !anotherroom with !anotherRoom Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-go-neb.md | 2 +- roles/custom/matrix-bot-go-neb/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 61b8f15af..88eb2a80b 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -157,7 +157,7 @@ matrix_bot_go_neb_services: Events: ["push", "issues"] "matrix-org/dendron": Events: ["pull_request"] - "!anotherroom:example.com": + "!anotherRoom:example.com": Repos: "element-hq/synapse": Events: ["push", "issues"] diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 73957ea6f..3a176bdfc 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml @@ -294,7 +294,7 @@ matrix_bot_go_neb_services: [] # Events: ["push", "issues"] # "matrix-org/dendron": # Events: ["pull_request"] -# "!anotherroom:example.com": +# "!anotherRoom:example.com": # Repos: # "element-hq/synapse": # Events: ["push", "issues"] From da07b302fa5dc2d8064f64cc36c15cc44443e560 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 01:20:08 +0900 Subject: [PATCH 159/404] Replace !anotherRoom with !aaabaa !aaabaa is used as an example of a room ID on https://spec.matrix.org/v1.12/#room-aliases Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-go-neb.md | 2 +- docs/configuring-playbook-email2matrix.md | 2 +- roles/custom/matrix-alertmanager-receiver/defaults/main.yml | 2 +- roles/custom/matrix-bot-go-neb/defaults/main.yml | 2 +- roles/custom/matrix-email2matrix/defaults/main.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) 
diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 88eb2a80b..767998450 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -157,7 +157,7 @@ matrix_bot_go_neb_services: Events: ["push", "issues"] "matrix-org/dendron": Events: ["pull_request"] - "!anotherRoom:example.com": + "!aaabaa:example.com": Repos: "element-hq/synapse": Events: ["push", "issues"] diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 525347f9e..fa56b8c82 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -59,7 +59,7 @@ matrix_email2matrix_matrix_mappings: SkipMarkdown: false - MailboxName: "mailbox2" - MatrixRoomId: "!anotherRoom:{{ matrix_domain }}" + MatrixRoomId: "!aaabaa:{{ matrix_domain }}" MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" MatrixUserId: "@email2matrix:{{ matrix_domain }}" MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index 6657994c4..6006aa9f8 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml @@ -128,7 +128,7 @@ matrix_alertmanager_receiver_config_matrix_access_token: '' # Example: # matrix_alertmanager_receiver_config_matrix_room: # simple-name: "!qporfwt:example.com" -# another-name: "!anotherRoom:example.com" +# another-name: "!aaabaa:example.com" matrix_alertmanager_receiver_config_matrix_room_mapping: {} # Controls the `templating.external-url-mapping` configuration setting. diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 3a176bdfc..2473f86f2 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml 
@@ -294,7 +294,7 @@ matrix_bot_go_neb_services: [] # Events: ["push", "issues"] # "matrix-org/dendron": # Events: ["pull_request"] -# "!anotherRoom:example.com": +# "!aaabaa:example.com": # Repos: # "element-hq/synapse": # Events: ["push", "issues"] diff --git a/roles/custom/matrix-email2matrix/defaults/main.yml b/roles/custom/matrix-email2matrix/defaults/main.yml index ff7f8a142..3f5d89d7b 100644 --- a/roles/custom/matrix-email2matrix/defaults/main.yml +++ b/roles/custom/matrix-email2matrix/defaults/main.yml @@ -55,7 +55,7 @@ matrix_email2matrix_smtp_hostname: "{{ matrix_server_fqn_matrix }}" # SkipMarkdown: false # # - MailboxName: "mailbox2" -# MatrixRoomId: "!anotherRoom:{{ matrix_domain }}" +# MatrixRoomId: "!aaabaa:{{ matrix_domain }}" # MatrixHomeserverUrl: "{{ matrix_homeserver_url }}" # MatrixUserId: "@email2matrix:{{ matrix_domain }}" # MatrixAccessToken: "MATRIX_ACCESS_TOKEN_HERE" From 159daa7466010852e8039bfafe927e4b47bd3517 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 21 Oct 2024 21:58:53 +0900 Subject: [PATCH 160/404] Use a room alias on Matrix Specification "#matrix:example.org" is used as an example of a room alias on https://spec.matrix.org/v1.12/#room-aliases Signed-off-by: Suguru Hirahara --- roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 | 2 +- roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 index febf394e8..acb2c508b 100644 --- a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 
@@ -109,7 +109,7 @@ automaticallyRedactForReasons: # # Note: These must be matrix.to URLs #protectedRooms: -# - "https://matrix.to/#/#yourroom:example.org" +# - "https://matrix.to/#/#matrix:example.org" # Whether or not to add all joined rooms to the "protected rooms" list # (excluding the management room and watched policy list rooms, see below). diff --git a/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 index 0d847694f..35aac3af4 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -103,7 +103,7 @@ automaticallyRedactForReasons: # # Note: These must be matrix.to URLs #protectedRooms: -# - "https://matrix.to/#/#yourroom:example.org" +# - "https://matrix.to/#/#matrix:example.org" # Whether or not to add all joined rooms to the "protected rooms" list # (excluding the management room and watched policy list rooms, see below). From cfed6461494474c5dac0c4bd600a6010d1243016 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 16 Oct 2024 00:20:51 +0900 Subject: [PATCH 161/404] Update docs/registering-users.md: use common expressions for playbook configuration and installation Signed-off-by: Suguru Hirahara --- docs/registering-users.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/registering-users.md b/docs/registering-users.md index 67f7b33f4..f722b3fff 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md 
@@ -99,13 +99,13 @@ If you'd rather **keep your server private** (public registration closed, as is ## Enabling public user registration -To **open up user registration publicly** (usually **not recommended**), consider using the following configuration: +To **open up user registration publicly** (usually **not recommended**), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_enable_registration: true ``` -and running the [installation](installing.md) procedure once again. +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` If you're opening up registrations publicly like this, you might also wish to [configure CAPTCHA protection](configuring-captcha.md). From ffa5484cc3c183b17f3102f0ac6ffdfd82cf44bd Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 21 Oct 2024 23:58:05 +0300 Subject: [PATCH 162/404] synapse-admin v0.10.3-etke22 --- .../matrix-synapse-admin/defaults/main.yml | 18 +++++++++++++++++- .../templates/config.json.j2 | 1 + 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index f3fa74025..21615a4f6 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml 
@@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke21 +matrix_synapse_admin_version: v0.10.3-etke22 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" 
@@ -175,7 +175,23 @@ matrix_synapse_admin_configuration: "{{ matrix_synapse_admin_configuration_defau # restricts the homeserver(s), so that the user can no longer define a homeserver manually during login. matrix_synapse_admin_config_restrictBaseUrl: "{{ [matrix_homeserver_url] }}" # noqa var-naming +# Controls the menu configuration setting, which, if defined, adds new menu items to the Synapse Admin UI. +# The format is a list of objects, where each object has the following keys: +# - `label` (string): The label of the menu item. +# - `icon` (string): The icon of the menu item, one of the https://github.com/etkecc/synapse-admin/blob/main/src/components/icons.ts +# - `url` (string): The URL of the menu item. +# Example: +# [ +# { +# "label": "Contact support", +# "icon": "SupportAgent", +# "url": "https://github.com/spantaleev/matrix-docker-ansible-deploy/issues" +# } +# ] +matrix_synapse_admin_config_menu: [] + # Controls the supportURL configuration setting, which, if defined, replaces the default link to the Synapse Admin GitHub repository. +# DEPRECATED: use matrix_synapse_admin_config_menu instead (migrated automatically). matrix_synapse_admin_config_supportURL: '' # noqa var-naming # Controls the asManagedUsers configuration setting (managed by playbook), which, if defined, diff --git a/roles/custom/matrix-synapse-admin/templates/config.json.j2 b/roles/custom/matrix-synapse-admin/templates/config.json.j2 index a6fbd824f..672a979c5 100644 --- a/roles/custom/matrix-synapse-admin/templates/config.json.j2 +++ b/roles/custom/matrix-synapse-admin/templates/config.json.j2 @@ -2,4 +2,5 @@ "restrictBaseUrl": {{ matrix_synapse_admin_config_restrictBaseUrl | to_json }}, "asManagedUsers": {{ matrix_synapse_admin_config_asManagedUsers | to_json }}, "supportURL": {{ matrix_synapse_admin_config_supportURL | to_json }}, + "menu": {{ matrix_synapse_admin_config_menu | to_json }}, } From 7a5a75ed03f535ee9039f3abfc231ae92b9dfba5 Mon Sep 17 00:00:00 2001 
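Review bot: The `DEPRECATED` comment added above `matrix_synapse_admin_config_supportURL` says the value is "migrated automatically", but nothing in this commit performs a migration. The template still renders both `supportURL` and `menu`, so the conversion presumably happens inside the application. The comment should say who migrates and what happens when both are set, along the lines of `# DEPRECATED: use matrix_synapse_admin_config_menu instead; the playbook still passes supportURL through unchanged.` The icon list in the new comment block is linked at `blob/main`, while the image is pinned to `v0.10.3-etke22` earlier in the same file, so an icon name valid on `main` may not exist in the deployed release. Linking to the tag that matches `matrix_synapse_admin_version` would avoid that drift.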
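Review bot: The added `"menu": …,` line repeats the trailing comma before the closing `}`, so the rendered text is not strict JSON even though the file is named `config.json.j2`. The `supportURL` line already ended with the same comma, so this presumably works only because the result is parsed leniently somewhere outside the hunk (a YAML flow mapping would accept it). That hidden dependency is easy to break. It is safer to end the last entry without a comma: `"menu": {{ matrix_synapse_admin_config_menu | to_json }}`.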
From: Slavi Pantaleev Date: Tue, 22 Oct 2024 10:14:08 +0300 Subject: [PATCH 163/404] Add a MAS note about the lack of encrypted appservices support Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658 Well, it's not a fix for "encrypted" Hookshot failing to work together with MAS, but.. It's not really an issue we can do anything about. --- docs/configuring-playbook-matrix-authentication-service.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 521ee5db9..d6ddf5144 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -53,6 +53,8 @@ This section details what you can expect when switching to the Matrix Authentica - ❌ **Some services** (e.g. [Postmoogle](./configuring-playbook-bot-postmoogle.md), but possibly others - the list is yet to be determined) appear to **experience issues when authenticating via MAS**. We're still investigating what breaks and why. +- ❌ **Encrypted appservices** do not work yet (related to [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) and [PR 17705 for Synapse](https://github.com/element-hq/synapse/pull/17705)), so all bridges/bots that rely on encryption will fail to start (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658) for Hookshot). You can use these bridges/bots only if you **keep end-to-bridge encryption disabled** (which is the default setting). + - ⚠ **You will need to have email sending configured** (see [Adjusting email-sending settings](./configuring-playbook-email.md)), because **Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user** going through the new SSO-based login flow. It's also possible to [work around email deliverability issues](#working-around-email-deliverability-issues) if your email configuration is not working. - ⚠ **Migrating an existing homeserver to MAS is possible**, but requires **some playbook-assisted manual work** as described in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) section below. **Migration is reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. From 14bd58769c7173b32e447390d5c12010e27cb0d1 Mon Sep 17 00:00:00 2001 
From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Tue, 22 Oct 2024 12:23:16 +0300 Subject: [PATCH 164/404] synapse-admin v0.10.3-etke23: user profile in the top menu --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 21615a4f6..d4bbfdb0f 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke22 +matrix_synapse_admin_version: v0.10.3-etke23 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 917a63198487669b1e0c730f9021343b84936bd5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 22 Oct 2024 03:21:55 +0900 Subject: [PATCH 165/404] Remove the "installation is disabled by default" from documentation files Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 6 +++--- docs/configuring-playbook-user-verification-service.md | 3 +-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index d65d5031a..8779956ea 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -60,11 +60,11 @@ As the table above illustrates, you need to create 2 subdomains (`matrix.example The `element.example.com` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. -The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. Dimension installation is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. +The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. The installation of Dimension is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. -The `jitsi.example.com` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. Jitsi installation is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.example.com` DNS record. 
+The `jitsi.example.com` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. The installation of Jitsi is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.example.com` DNS record. -The `stats.example.com` subdomain may be necessary, because this playbook could install [Grafana](https://grafana.com/) and setup performance metrics for you. Grafana installation is disabled by default, it is not a core required component. To learn how to install it, see our [metrics and graphs guide](configuring-playbook-prometheus-grafana.md). If you do not wish to set up Grafana, feel free to skip the `stats.example.com` DNS record. It is possible to install Prometheus without installing Grafana, this would also not require the `stats.example.com` subdomain. +The `stats.example.com` subdomain may be necessary, because this playbook could install [Grafana](https://grafana.com/) and setup performance metrics for you. The installation of Grafana is disabled by default, it is not a core required component. To learn how to install it, see our [metrics and graphs guide](configuring-playbook-prometheus-grafana.md). If you do not wish to set up Grafana, feel free to skip the `stats.example.com` DNS record. It is possible to install Prometheus without installing Grafana, this would also not require the `stats.example.com` subdomain. The `goneb.example.com` subdomain may be necessary, because this playbook could install the [Go-NEB](https://github.com/matrix-org/go-neb) bot. The installation of Go-NEB is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Go-NEB guide](configuring-playbook-bot-go-neb.md). 
If you do not wish to set up Go-NEB, feel free to skip the `goneb.example.com` DNS record. diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index 4b6502c71..aaaa28b3c 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -30,8 +30,7 @@ In order to use UVS, an admin token for the configured homeserver must be suppli ## Enable -[Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) installation is disabled by default. -To enable it, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable Matrix User Verification Service, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_user_verification_service_enabled: true From aa7a3b477af19f0d33284e4aca381afc8844dc1e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 22 Oct 2024 20:29:49 +0900 Subject: [PATCH 166/404] Update docs/configuring-playbook-bot-postmoogle.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-postmoogle.md | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 537db9b07..c6cad624a 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -11,8 +11,6 @@ See the project's [documentation](https://github.com/etkecc/postmoogle) to learn ## Prerequisites -### Networking - Open the following ports on your server to be able to receive incoming emails: - `25/tcp`: SMTP 
@@ -23,7 +21,7 @@ If you don't open these ports, you will still be able to send emails, but not re These port numbers are configurable via the `matrix_bot_postmoogle_smtp_host_bind_port` and `matrix_bot_postmoogle_submission_host_bind_port` variables, but other email servers will try to deliver on these default (standard) ports, so changing them is of little use. -### Adjusting the playbook configuration +## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: @@ -46,11 +44,9 @@ matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT # matrix_admin: '@yourAdminAccount:{{ matrix_domain }}' ``` -### DNS - -You will also need to add several DNS records so that Postmoogle can send emails. -See [Configuring DNS](configuring-dns.md). +## Adjusting DNS records +You will also need to add several DNS records so that Postmoogle can send emails. See [Configuring DNS](configuring-dns.md) for details about DNS changes. ## Installing From a124461ba6fa2f99d13d03b2a2a528759e0b2009 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 22 Oct 2024 21:54:25 +0900 Subject: [PATCH 167/404] Update docs/configuring-playbook-bridge-mautrix-discord.md and docs/configuring-playbook-bridge-mautrix-facebook.md - Fix listing: docs/configuring-playbook-bridge-mautrix-discord.md - Add parentheses: docs/configuring-playbook-bridge-mautrix-facebook.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-mautrix-discord.md | 4 ++-- docs/configuring-playbook-bridge-mautrix-facebook.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index d7da7878b..11a3560b0 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md 
@@ -94,6 +94,6 @@ To acquire the token, open Discord in a private browser window. Then open the de 5. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to 6. Some Direct Messages from Discord should start syncing automatically 7. If you'd like to bridge guilds: -- send `guilds status` to see the list of guilds -- for each guild that you'd like bridged, send `guilds bridge GUILD_ID --entire` + - send `guilds status` to see the list of guilds + - for each guild that you'd like bridged, send `guilds bridge GUILD_ID --entire` 8. You may wish to uninstall the Discord app from your phone now. It's not needed for the bridge to function. diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index 50d23a0fd..3ce6010de 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -107,4 +107,4 @@ Then proceed to log in to [Facebook/Messenger](https://www.facebook.com/). Once logged in, proceed to [set up bridging](#usage). -If that doesn't work, enable 2FA [Facebook help page on enabling 2FA](https://www.facebook.com/help/148233965247823) and try to login again with a new password, and entering the 2FA code when prompted, it may take more then one try, in between attempts, check facebook.com to see if they are requiring another password change +If that doesn't work, enable 2FA (see: [Facebook help page on enabling 2FA](https://www.facebook.com/help/148233965247823)) and try to login again with a new password, and entering the 2FA code when prompted, it may take more then one try, in between attempts, check facebook.com to see if they are requiring another password change From 94fbad41021830ed6e5c8a98c993ad2a3c50f004 Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 13:15:05 +0000 Subject: [PATCH 168/404] Update vectorim/element-web Docker tag to v1.11.82 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 20bd98737..f3f23ff44 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.81 +matrix_client_element_version: v1.11.82 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 2f24299597d616aa39061a5e78d291e8b90ea452 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 19 Oct 2024 02:32:11 +0900 Subject: [PATCH 169/404] Update docs/configuring-playbook-bridge-appservice-slack.md: fix indentation Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-slack.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index dfd8c1d2f..ecc0ab04e 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md 
@@ -33,7 +33,7 @@ loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Se
 matrix_appservice_slack_team_sync_enabled: true
 ```
- See https://matrix-appservice-slack.readthedocs.io/en/latest/team_sync/
+ See https://matrix-appservice-slack.readthedocs.io/en/latest/team_sync/
 5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready.
From 3d9e51fa75fab113be74cb7bd8745af006f05b96 Mon Sep 17 00:00:00 2001
From: adam-kress
Date: Tue, 22 Oct 2024 09:50:09 -0400
Subject: [PATCH 170/404] Upgrade Jitsi (v9753-0 -> v9779-0)
---
 requirements.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.yml b/requirements.yml
index a8890829e..8a4d68466 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -25,7 +25,7 @@
 version: v11.2.2-0
 name: grafana
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
- version: v9753-0
+ version: v9779-0
 name: jitsi
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keydb.git
 version: v6.3.4-3
From 6995f3990e4e8da7adc9fa9c8ffdacacc5ac411b Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sat, 19 Oct 2024 02:32:11 +0900
Subject: [PATCH 171/404] Edit line breaks in sentences and paragraphs
Signed-off-by: Suguru Hirahara --- docs/ansible.md | 23 ++++------ docs/configuring-captcha.md | 1 + docs/configuring-dns.md | 16 +++---- ...ng-playbook-appservice-draupnir-for-all.md | 3 +- docs/configuring-playbook-backup-borg.md | 8 ++-- ...onfiguring-playbook-base-domain-serving.md | 10 ++--- docs/configuring-playbook-bot-draupnir.md | 12 +++--- ...ng-playbook-bot-matrix-registration-bot.md | 10 ++--- docs/configuring-playbook-bot-maubot.md | 9 ++-- docs/configuring-playbook-bot-postmoogle.md | 3 +- ...ing-playbook-bridge-appservice-webhooks.md | 3 +- ...iguring-playbook-bridge-go-skype-bridge.md | 7 +-- ...-playbook-bridge-mautrix-meta-messenger.md | 1 + ...guring-playbook-bridge-mautrix-telegram.md | 3 +- ...guring-playbook-bridge-mautrix-whatsapp.md | 5 ++- docs/configuring-playbook-dimension.md | 15 +++---- docs/configuring-playbook-dynamic-dns.md | 8 ++-- docs/configuring-playbook-email.md | 3 +- docs/configuring-playbook-federation.md | 3 +- docs/configuring-playbook-jitsi.md | 43 ++++++------------- docs/configuring-playbook-ma1sd.md | 10 ++--- docs/configuring-playbook-matrix-corporal.md | 7 ++- ...playbook-matrix-ldap-registration-proxy.md | 6 +-- ...onfiguring-playbook-matrix-registration.md | 3 +- docs/configuring-playbook-mautrix-bridges.md | 4 +- docs/configuring-playbook-own-webserver.md | 3 +- ...configuring-playbook-prometheus-grafana.md | 3 +- ...onfiguring-playbook-prometheus-nginxlog.md | 8 +--- docs/configuring-playbook-s3-goofys.md | 3 +- ...configuring-playbook-sliding-sync-proxy.md | 3 +- docs/configuring-playbook-sygnal.md | 3 +- ...ing-playbook-synapse-auto-accept-invite.md | 3 +- ...guring-playbook-synapse-auto-compressor.md | 4 +- ...ng-playbook-synapse-s3-storage-provider.md | 3 +- ...guring-playbook-synapse-simple-antispam.md | 3 +- docs/configuring-playbook-synapse.md | 3 +- docs/configuring-playbook-telemetry.md | 11 ++--- docs/configuring-playbook-turn.md | 3 +- ...ring-playbook-user-verification-service.md | 27 ++++-------- 
docs/configuring-well-known.md | 11 ++--- docs/faq.md | 6 +-- docs/getting-the-playbook.md | 9 ++-- docs/howto-server-delegation.md | 15 +++---- docs/importing-postgres.md | 10 ++--- docs/importing-synapse-media-store.md | 1 + docs/importing-synapse-sqlite.md | 3 +- docs/installing.md | 3 +- docs/maintenance-postgres.md | 18 +++----- docs/maintenance-synapse.md | 3 +- docs/registering-users.md | 3 +- 50 files changed, 135 insertions(+), 243 deletions(-) diff --git a/docs/ansible.md b/docs/ansible.md index c7ffdaceb..7783c55be 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -3,8 +3,7 @@ This playbook is meant to be run using [Ansible](https://www.ansible.com/). -Ansible typically runs on your local computer and carries out tasks on a remote server. -If your local computer cannot run Ansible, you can also run Ansible on some server somewhere (including the server you wish to install to). +Ansible typically runs on your local computer and carries out tasks on a remote server. If your local computer cannot run Ansible, you can also run Ansible on some server somewhere (including the server you wish to install to). ## Supported Ansible versions 
@@ -13,8 +12,7 @@ To manually check which version of Ansible you're on, run: `ansible --version`. For the **best experience**, we recommend getting the **latest version of Ansible available**. -We're not sure what's the minimum version of Ansible that can run this playbook successfully. -The lowest version that we've confirmed (on 2022-11-26) to be working fine is: `ansible-core` (`2.11.7`) combined with `ansible` (`4.10.0`). +We're not sure what's the minimum version of Ansible that can run this playbook successfully. The lowest version that we've confirmed (on 2022-11-26) to be working fine is: `ansible-core` (`2.11.7`) combined with `ansible` (`4.10.0`). If your distro ships with an Ansible version older than this, you may run into issues. Consider [Upgrading Ansible](#upgrading-ansible) or [using Ansible via Docker](#using-ansible-via-docker). @@ -30,8 +28,7 @@ Depending on your distribution, you may be able to upgrade Ansible in a few diff If using the `pip` method, do note that the `ansible-playbook` binary may not be on the `$PATH` (https://linuxconfig.org/linux-path-environment-variable), but in some more special location like `/usr/local/bin/ansible-playbook`. You may need to invoke it using the full path. -**Note**: Both of the above methods are a bad way to run system software such as Ansible. -If you find yourself needing to resort to such hacks, please consider reporting a bug to your distribution and/or switching to a sane distribution, which provides up-to-date software. +**Note**: Both of the above methods are a bad way to run system software such as Ansible. If you find yourself needing to resort to such hacks, please consider reporting a bug to your distribution and/or switching to a sane distribution, which provides up-to-date software. ## Using Ansible via Docker 
@@ -45,8 +42,7 @@ You can either [run Ansible in a container on the Matrix server itself](#running ### Running Ansible in a container on the Matrix server itself -To run Ansible in a (Docker) container on the Matrix server itself, you need to have a working Docker installation. -Docker is normally installed by the playbook, so this may be a bit of a chicken and egg problem. To solve it: +To run Ansible in a (Docker) container on the Matrix server itself, you need to have a working Docker installation. Docker is normally installed by the playbook, so this may be a bit of a chicken and egg problem. To solve it: - you **either** need to install Docker manually first. Follow [the upstream instructions](https://docs.docker.com/engine/install/) for your distribution and consider setting `matrix_playbook_docker_installation_enabled: false` in your `vars.yml` file, to prevent the playbook from installing Docker - **or** you need to run the playbook in another way (e.g. [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server)) at least the first time around 
@@ -54,6 +50,7 @@ Docker is normally installed by the playbook, so this may be a bit of a chicken Once you have a working Docker installation on the server, **clone the playbook** somewhere on the server and configure it as per usual (`inventory/hosts`, `inventory/host_vars/..`, etc.), as described in [configuring the playbook](configuring-playbook.md). You would then need to add `ansible_connection=community.docker.nsenter` to the host line in `inventory/hosts`. This tells Ansible to connect to the "remote" machine by switching Linux namespaces with [nsenter](https://man7.org/linux/man-pages/man1/nsenter.1.html), instead of using SSH. + Alternatively, you can leave your `inventory/hosts` as is and specify the connection type in **each** `ansible-playbook` call you do later, like this: `ansible-playbook --connection=community.docker.nsenter ...` Run this from the playbook's directory: @@ -68,8 +65,7 @@ docker run -it --rm \ docker.io/devture/ansible:2.17.0-r0-1 ``` -Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. -The `/work` directory contains the playbook's code. +Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. First, consider running `git config --global --add safe.directory /work` to [resolve directory ownership issues](#resolve-directory-ownership-issues). 
@@ -89,11 +85,9 @@ docker run -it --rm \ docker.io/devture/ansible:2.17.0-r0-1 ``` -The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`). -If your SSH key is at a different path (not in `$HOME/.ssh/id_rsa`), adjust that part. +The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`). If your SSH key is at a different path (not in `$HOME/.ssh/id_rsa`), adjust that part. -Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. -The `/work` directory contains the playbook's code. +Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. First, consider running `git config --global --add safe.directory /work` to [resolve directory ownership issues](#resolve-directory-ownership-issues). @@ -103,6 +97,7 @@ Finally, you execute `ansible-playbook ...` commands as per normal now. #### If you don't use SSH keys for authentication If you don't use SSH keys for authentication, simply remove that whole line (`-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro`). + To authenticate at your server using a password, you need to add a package. So, when you are in the shell of the ansible docker container (the previously used `docker run -it ...` command), run: ```bash apk add sshpass diff --git a/docs/configuring-captcha.md b/docs/configuring-captcha.md index 8d46891d0..ad411ddde 100644 --- a/docs/configuring-captcha.md +++ b/docs/configuring-captcha.md @@ -2,6 +2,7 @@ # Overview Captcha can be enabled for this home server. This file explains how to do that. + The captcha mechanism used is Google's [ReCaptcha](https://www.google.com/recaptcha/). This requires API keys from Google. If your homeserver is Dendrite then [hCapcha](https://www.hcaptcha.com) can be used instead. ## ReCaptcha 
diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 8779956ea..87a793ce1 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -2,18 +2,16 @@ To set up Matrix on your domain, you'd need to do some DNS configuration. -To use an identifier like `@:example.com`, you don't actually need -to install anything on the actual `example.com` server. +To use an identifier like `@:example.com`, you don't actually need to install anything on the actual `example.com` server. + +You do, however, need to instruct the Matrix network that Matrix services for `example.com` are delegated over to `matrix.example.com`. -You do, however need to instruct the Matrix network that Matrix services for `example.com` are delegated -over to `matrix.example.com`. As we discuss in [Server Delegation](howto-server-delegation.md), there are 2 different ways to set up such delegation: - either by serving a `https://example.com/.well-known/matrix/server` file (from the base domain!) - or by using a `_matrix._tcp` DNS SRV record (don't confuse this with the `_matrix-identity._tcp` SRV record described below) -This playbook mostly discusses the well-known file method, because it's easier to manage with regard to certificates. -If you decide to go with the alternative method ([Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced)), please be aware that the general flow that this playbook guides you through may not match what you need to do. +This playbook mostly discusses the well-known file method, because it's easier to manage with regard to certificates. If you decide to go with the alternative method ([Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced)), please be aware that the general flow that this playbook guides you through may not match what you need to do. ## DNS settings for services enabled by default 
@@ -57,8 +55,7 @@ When setting up a SRV record, if you are asked for a service and protocol instea As the table above illustrates, you need to create 2 subdomains (`matrix.example.com` and `element.example.com`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). -The `element.example.com` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. -If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. +The `element.example.com` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. The installation of Dimension is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. 
@@ -100,5 +97,4 @@ When you're done with the DNS configuration and ready to proceed, continue with ## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup -To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure -SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records +To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records diff --git a/docs/configuring-playbook-appservice-draupnir-for-all.md b/docs/configuring-playbook-appservice-draupnir-for-all.md index 760c3e751..a8c703381 100644 --- a/docs/configuring-playbook-appservice-draupnir-for-all.md +++ b/docs/configuring-playbook-appservice-draupnir-for-all.md @@ -24,8 +24,7 @@ Draupnir for all does not support external tooling like [MRU](https://mru.rory.g The playbook does not create a management room for your Main Draupnir. This task you have to do on your own. -The management room has to be given an alias and be public when you are setting up the bot for the first time as the bot does not differentiate between invites -and invites to the management room. +The management room has to be given an alias and be public when you are setting up the bot for the first time as the bot does not differentiate between invites and invites to the management room. This management room is used to control who has access to your D4A deployment. The room stores this data inside of the control room state so your bot must have sufficient powerlevel to send custom state events. This is default 50 or moderator as Element calls this powerlevel. diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index cf5f66482..7d68bd1ce 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md 
@@ -1,8 +1,8 @@ # Setting up borg backup (optional) The playbook can install and configure [borgbackup](https://www.borgbackup.org/) with [borgmatic](https://torsion.org/borgmatic/) for you. -BorgBackup is a deduplicating backup program with optional compression and encryption. -That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service. + +BorgBackup is a deduplicating backup program with optional compression and encryption. That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service. You will need a remote server where borg will store the backups. There are hosted, borg compatible solutions available, such as [BorgBase](https://www.borgbase.com). @@ -76,6 +76,4 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Manually start a backup -For testing your setup it can be helpful to not wait until 4am. If you want to run the backup immediately, log onto the server -and run `systemctl start matrix-backup-borg`. This will not return until the backup is done, so possibly a long time. -Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable. +For testing your setup it can be helpful to not wait until 4am. If you want to run the backup immediately, log onto the server and run `systemctl start matrix-backup-borg`. This will not return until the backup is done, so possibly a long time. Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable. diff --git a/docs/configuring-playbook-base-domain-serving.md b/docs/configuring-playbook-base-domain-serving.md index f999d50fc..175eae883 100644 --- a/docs/configuring-playbook-base-domain-serving.md +++ b/docs/configuring-playbook-base-domain-serving.md 
@@ -1,8 +1,6 @@ # Serving the base domain -This playbook sets up services on your Matrix server (`matrix.example.com`). -To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up [Server Delegation](howto-server-delegation.md). -This is normally done by [configuring well-known](configuring-well-known.md) files on the base domain. +This playbook sets up services on your Matrix server (`matrix.example.com`). To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up [Server Delegation](howto-server-delegation.md). This is normally done by [configuring well-known](configuring-well-known.md) files on the base domain. People who don't have a separate server to dedicate to the base domain have trouble arranging this. @@ -31,8 +29,7 @@ Doing this, the playbook will: ## Serving a static website at the base domain -By default, when "serving the base domain" is enabled, the playbook hosts a simple `index.html` webpage at `/matrix/static-files/public/index.html`. -The content of this page is taken from the `matrix_static_files_file_index_html_template` variable. +By default, when "serving the base domain" is enabled, the playbook hosts a simple `index.html` webpage at `/matrix/static-files/public/index.html`. The content of this page is taken from the `matrix_static_files_file_index_html_template` variable. If you'd like to host your own static website (more than a single `index.html` page) at the base domain, you can disable the creation of this default `index.html` page like this: 
@@ -50,8 +47,7 @@ matrix_static_files_container_labels_base_domain_root_path_redirection_enabled: With this configuration, Ansible will no longer mess around with the `/matrix/static-files/public/index.html` file. -You are then free to upload any static website files to `/matrix/static-files/public` and they will get served at the base domain. -You can do so manually or by using the [ansible-role-aux](https://github.com/mother-of-all-self-hosting/ansible-role-aux) Ansible role, which is part of this playbook already. +You are then free to upload any static website files to `/matrix/static-files/public` and they will get served at the base domain. You can do so manually or by using the [ansible-role-aux](https://github.com/mother-of-all-self-hosting/ansible-role-aux) Ansible role, which is part of this playbook already. ## Serving a more complicated website at the base domain diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 029d79ce4..5bd9c3df8 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md @@ -110,6 +110,7 @@ matrix_bot_draupnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE" ### 5c. Migrating from Mjolnir (Only required if migrating.) Replace your `matrix_bot_mjolnir` config with `matrix_bot_draupnir` config. Also disable Mjolnir if you're doing migration. + That is all you need to do due to that Draupnir can complete migration on its own. ## 6. Installing 
@@ -137,8 +138,7 @@ Draupnir can be told to self-join public rooms, but it's better to follow this f 3. Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !qporfwt:example.com` -To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). -You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections). +To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections). ### Giving Draupnir permissions to do its job 
@@ -213,14 +213,14 @@ matrix_bot_draupnir_configuration_extension_yaml: | Draupnir supports two methods to receive reports in the management room. -The first method intercepts the report API endpoint of the client-server API, which requires integration with the reverse proxy in front of the homeserver. -If you are using traefik, this playbook can set this up for you: +The first method intercepts the report API endpoint of the client-server API, which requires integration with the reverse proxy in front of the homeserver. If you are using traefik, this playbook can set this up for you: + ```yaml matrix_bot_draupnir_abuse_reporting_enabled: true ``` -The other method polls an synapse admin API endpoint and is hence only available when using synapse and when the Draupnir user is an admin user (see step 1). -To enable it, set `pollReports: true` in Draupnir's config: +The other method polls an synapse admin API endpoint and is hence only available when using synapse and when the Draupnir user is an admin user (see step 1). To enable it, set `pollReports: true` in Draupnir's config: + ```yaml matrix_bot_draupnir_configuration_extension_yaml: | pollReports: true diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 17c12e8e2..6583a92e0 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md 
@@ -2,11 +2,9 @@ The playbook can install and configure [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for you. -The bot allows you to easily **create and manage registration tokens** aka. invitation codes. -It can be used for an invitation-based server, where you invite someone by sending them a registration token (tokens look like this: `rbalQ0zkaDSRQCOp`). They can register as per normal but have to provide a valid registration token in the final step of the registration process. +The bot allows you to easily **create and manage registration tokens** aka. invitation codes. It can be used for an invitation-based server, where you invite someone by sending them a registration token (tokens look like this: `rbalQ0zkaDSRQCOp`). They can register as per normal but have to provide a valid registration token in the final step of the registration process. -See the project's [documentation](https://github.com/moan0s/matrix-registration-bot#supported-commands) to learn what it -does and why it might be useful to you. +See the project's [documentation](https://github.com/moan0s/matrix-registration-bot#supported-commands) to learn what it does and why it might be useful to you. ## Configuration 
@@ -43,8 +41,8 @@ To use the bot, start a chat with `@bot.matrix-registration-bot:example.com` (wh In this room send `help` and the bot will reply with all options. You can also refer to the upstream [Usage documentation](https://github.com/moan0s/matrix-registration-bot#supported-commands). -If you have any questions, or if you need help setting it up, read the [troublshooting guide](https://github.com/moan0s/matrix-registration-bot/blob/main/docs/troubleshooting.md) -or join [#matrix-registration-bot:hyteck.de](https://matrix.to/#/#matrix-registration-bot:hyteck.de). + +If you have any questions, or if you need help setting it up, read the [troublshooting guide](https://github.com/moan0s/matrix-registration-bot/blob/main/docs/troubleshooting.md) or join [#matrix-registration-bot:hyteck.de](https://matrix.to/#/#matrix-registration-bot:hyteck.de). To clean the cache (session & encryption data) after you changed the bot's username, changed the login method from access_token to password etc... you can use: diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 8a59ac919..31714e38a 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md 
@@ -2,11 +2,9 @@ The playbook can install and configure [maubot](https://github.com/maubot/maubot) for you. -After setting up maubot, you can use the web management interface to make it do things. -The default location of the management interface is `matrix.example.com/_matrix/maubot/` +After setting up maubot, you can use the web management interface to make it do things. The default location of the management interface is `matrix.example.com/_matrix/maubot/` -See the project's [documentation](https://docs.mau.fi/maubot/usage/basic.html) to learn what it -does and why it might be useful to you. +See the project's [documentation](https://docs.mau.fi/maubot/usage/basic.html) to learn what it does and why it might be useful to you. ## Adjusting the playbook configuration @@ -64,8 +62,7 @@ By default, you can visit `matrix.example.com/_matrix/maubot/` to manage your av You should start in the following order 1. **Create one or more clients**: A client is a Matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it 2. **Upload some Plugins**: Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. -3. **Create an instance**: An instance is the actual bot. You have to specify a client which the bot instance will use -and the plugin (how the bot will behave) +3. **Create an instance**: An instance is the actual bot. You have to specify a client which the bot instance will use and the plugin (how the bot will behave) ## Obtaining an access token diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index c6cad624a..9de3ac035 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md 
@@ -4,8 +4,7 @@ The playbook can install and configure [Postmoogle](https://github.com/etkecc/postmoogle) for you. -It's a bot/bridge you can use to forward emails to Matrix rooms. -Postmoogle runs an SMTP email server and allows you to assign mailbox addresses to Matrix rooms. +Postmoogle is a bot/bridge you can use to forward emails to Matrix rooms. It runs an SMTP email server and allows you to assign mailbox addresses to Matrix rooms. See the project's [documentation](https://github.com/etkecc/postmoogle) to learn what it does and why it might be useful to you. diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 01debd2f3..52a483b38 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -17,8 +17,7 @@ matrix_appservice_webhooks_enabled: true matrix_appservice_webhooks_api_secret: '' ``` -2. In case you want to change the verbosity of logging via `journalctl -fu matrix-appservice-webhooks.service` -you can adjust this in `inventory/host_vars/matrix.example.com/vars.yml` as well. +2. In case you want to change the verbosity of logging via `journalctl -fu matrix-appservice-webhooks.service` you can adjust this in `inventory/host_vars/matrix.example.com/vars.yml` as well. **Note**: default value is: `info` and availabe log levels are : `info`, `verbose` diff --git a/docs/configuring-playbook-bridge-go-skype-bridge.md b/docs/configuring-playbook-bridge-go-skype-bridge.md index 10a244aa0..ed39d9996 100644 --- a/docs/configuring-playbook-bridge-go-skype-bridge.md +++ b/docs/configuring-playbook-bridge-go-skype-bridge.md 
@@ -1,7 +1,6 @@ # Setting up Go Skype Bridge (optional) -The playbook can install and configure -[go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) for you. +The playbook can install and configure [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) for you. See the project page to learn what it does and why it might be useful to you. @@ -19,8 +18,6 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Usage -Once the bot is enabled, you need to start a chat with `Skype bridge bot` -with the handle `@skypebridgebot:example.com` (where `example.com` is your base -domain, not the `matrix.` domain). +Once the bot is enabled, you need to start a chat with `Skype bridge bot` with the handle `@skypebridgebot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Send `help` to the bot to see the commands available. diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md index 81aebfade..927475d90 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md @@ -30,6 +30,7 @@ Before proceeding to [re-running the playbook](./installing.md), you may wish to ### Bridge mode As mentioned above, the [mautrix-meta](https://github.com/mautrix/meta) bridge supports multiple modes of operation. + The bridge can pull your Messenger messages via 3 different methods: - (`facebook`) Facebook via `facebook.com` diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 3fc98eda6..48ed559a1 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md 
@@ -65,8 +65,7 @@ matrix_mautrix_telegram_configuration_extension_yaml: | '@user:example.com': admin ```
-More details about permissions in this example:
-https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410
+More details about permissions in this example: https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410
 If you like to exclude all groups from syncing and use the Telgeram-Bridge only for direct chats, you can add the following additional playbook configuration: ```yaml
diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
index d65075c83..c04940ebf 100644
--- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md
+++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
@@ -15,17 +15,18 @@ matrix_mautrix_whatsapp_enabled: true Whatsapp multidevice beta is required, now it is enough if Whatsapp is connected to the Internet every 2 weeks. The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file:
+
 ```yaml matrix_mautrix_whatsapp_bridge_relay_enabled: true ``` By default, only admins are allowed to set themselves as relay users. To allow anyone on your homeserver to set themselves as relay users add this to your `vars.yml` file:
+
 ```yaml matrix_mautrix_whatsapp_bridge_relay_admin_only: false ```
-If you want to activate the relay bot in a room, use `!wa set-relay`.
-Use `!wa unset-relay` to deactivate.
+If you want to activate the relay bot in a room, send `!wa set-relay`. To deactivate, send `!wa unset-relay`.
 ## Installing
diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md
index aca5fdb83..fb1f104c5 100644
--- a/docs/configuring-playbook-dimension.md
+++ b/docs/configuring-playbook-dimension.md
@@ -1,7 +1,6 @@ # Setting up Dimension (optional)
-**[Dimension](https://dimension.t2bot.io) can only be installed after Matrix services are installed and running.**
-If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later.
+**[Dimension](https://dimension.t2bot.io) can only be installed after Matrix services are installed and running.** If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later.
 **Note**: Dimension is **[officially unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299)**. We recommend not bothering with installing it.
@@ -17,8 +16,7 @@ matrix_dimension_enabled: true ### Define admin users
-These users can modify the integrations this Dimension supports.
-Add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
+These users can modify the integrations this Dimension supports. Add this to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
 ```yaml matrix_dimension_admins:
@@ -30,11 +28,9 @@ The admin interface is accessible within Element by accessing it in any room and ### Access token
-We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username).
-Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**.
+We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username). Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**.
-You are required to specify an access token (belonging to this new user) for Dimension to work.
-To get an access token for the Dimension user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md).
+You are required to specify an access token (belonging to this new user) for Dimension to work. To get an access token for the Dimension user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md).
 **Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.**
@@ -91,7 +87,6 @@ In the interim until the above limitation is resolved, an admin user needs to co ## Additional features
-To use a more custom configuration, you can define a `matrix_dimension_configuration_extension_yaml` string variable and put your configuration in it.
-To learn more about how to do this, refer to the information about `matrix_dimension_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-dimension/defaults/main.yml) of the Dimension component.
+To use a more custom configuration, you can define a `matrix_dimension_configuration_extension_yaml` string variable and put your configuration in it. To learn more about how to do this, refer to the information about `matrix_dimension_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-dimension/defaults/main.yml) of the Dimension component.
 You can find all configuration options on [GitHub page of Dimension project](https://github.com/turt2live/matrix-dimension/blob/master/config/default.yaml).
diff --git a/docs/configuring-playbook-dynamic-dns.md b/docs/configuring-playbook-dynamic-dns.md
index 6d468a3c5..4bae5ea83 100644
--- a/docs/configuring-playbook-dynamic-dns.md
+++ b/docs/configuring-playbook-dynamic-dns.md
@@ -2,10 +2,10 @@ ## Setup
-Most cloud providers / ISPs will charge you extra for a static IP address. If you're
-not hosting a highly reliable homeserver you can workaround this via dynamic DNS. To
-set this up, you'll need to get the username/password from your DNS provider. For
-google domains, this process is described [here](https://support.google.com/domains/answer/6147083).
+Most cloud providers / ISPs will charge you extra for a static IP address. If you're not hosting a highly reliable homeserver you can workaround this via dynamic DNS.
+
+To set this up, you'll need to get the username/password from your DNS provider. For google domains, this process is described [here](https://support.google.com/domains/answer/6147083).
+
 After you've gotten the proper credentials you can add the following config to your `inventory/host_vars/matrix.example.com/vars.yml`: ```yaml
diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md
index 087e08e79..e8e80415a 100644
--- a/docs/configuring-playbook-email.md
+++ b/docs/configuring-playbook-email.md
@@ -2,8 +2,7 @@ By default, this playbook sets up an [Exim](https://www.exim.org/) email server through which all Matrix services send emails.
-The email server would attempt to deliver emails directly to their final destination.
-This may or may not work, depending on your domain configuration (SPF settings, etc.)
+The email server would attempt to deliver emails directly to their final destination. This may or may not work, depending on your domain configuration (SPF settings, etc.)
 By default, emails are sent from `matrix@matrix.example.com`, as specified by the `exim_relay_sender_address` playbook variable.
diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md
index e4bcee00f..926d694f1 100644
--- a/docs/configuring-playbook-federation.md
+++ b/docs/configuring-playbook-federation.md
@@ -1,7 +1,6 @@ # Controlling Matrix federation (optional)
-By default, your server federates with the whole Matrix network.
-That is, people on your server can communicate with people on any other Matrix server.
+By default, your server federates with the whole Matrix network. That is, people on your server can communicate with people on any other Matrix server.
 ## Federating only with select servers
diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md
index e81d748a4..346e2c332 100644
--- a/docs/configuring-playbook-jitsi.md
+++ b/docs/configuring-playbook-jitsi.md
@@ -49,16 +49,14 @@ By default the Jitsi Meet instance does not require any kind of login and is ope If you're fine with such an open Jitsi instance, please skip to [Apply changes](#apply-changes). If you would like to control who is allowed to open meetings on your new Jitsi instance, then please follow the following steps to enable Jitsi's authentication and optionally guests mode.
+
 Currently, there are three supported authentication modes: 'internal' (default), 'matrix' and 'ldap'.
-**Note**: Authentication is not tested via the playbook's self-checks.
-We therefore recommend that you manually verify if authentication is required by jitsi.
-For this, try to manually create a conference on jitsi.example.com in your browser.
+**Note**: Authentication is not tested via the playbook's self-checks. We therefore recommend that you manually verify if authentication is required by jitsi. For this, try to manually create a conference on jitsi.example.com in your browser.
 ### Authenticate using Jitsi accounts (Auth-Type 'internal')
-The default authentication mechanism is 'internal' auth, which requires jitsi-accounts to be setup and is the recommended setup, as it also works in federated rooms.
-With authentication enabled, all meeting rooms have to be opened by a registered user, after which guests are free to join.
-If a registered host is not yet present, guests are put on hold in individual waiting rooms.
+
+The default authentication mechanism is 'internal' auth, which requires jitsi-accounts to be setup and is the recommended setup, as it also works in federated rooms. With authentication enabled, all meeting rooms have to be opened by a registered user, after which guests are free to join. If a registered host is not yet present, guests are put on hold in individual waiting rooms.
 Add these lines to your `inventory/host_vars/matrix.example.com/vars.yml` configuration:
@@ -80,8 +78,7 @@ jitsi_prosody_auth_internal_accounts: **Attention: Probably breaks Jitsi in federated rooms and does not allow sharing conference links with guests.**
-Using this authentication type require a [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service).
-By default, this playbook creates and configures a user-verification-service to run locally, see [configuring-user-verification-service](configuring-playbook-user-verification-service.md).
+Using this authentication type require a [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service). By default, this playbook creates and configures a user-verification-service to run locally, see [configuring-user-verification-service](configuring-playbook-user-verification-service.md).
 To enable set this configuration at host level:
@@ -150,14 +147,11 @@ jitsi_web_config_resolution_width_ideal_and_max: 480 jitsi_web_config_resolution_height_ideal_and_max: 240 ```
-You may want to **suspend unused video layers** until they are requested again, to save up resources on both server and clients.
-Read more on this feature [here](https://jitsi.org/blog/new-off-stage-layer-suppression-feature/)
+You may want to **suspend unused video layers** until they are requested again, to save up resources on both server and clients. Read more on this feature [here](https://jitsi.org/blog/new-off-stage-layer-suppression-feature/)
 You may wish to **disable audio levels** to avoid excessive refresh of the client-side page and decrease the CPU consumption involved.
-You may want to **limit the number of video feeds forwarded to each client**, to save up resources on both server and clients. As clients’ bandwidth and CPU may not bear the load, use this setting to avoid lag and crashes.
-This feature is found by default in other webconference applications such as Office 365 Teams (limit is set to 4).
-Read how it works [here](https://github.com/jitsi/jitsi-videobridge/blob/master/doc/last-n.md) and performance evaluation on this [study](https://jitsi.org/wp-content/uploads/2016/12/nossdav2015lastn.pdf).
+You may want to **limit the number of video feeds forwarded to each client**, to save up resources on both server and clients. As clients’ bandwidth and CPU may not bear the load, use this setting to avoid lag and crashes. This feature is found by default in other webconference applications such as Office 365 Teams (limit is set to 4). Read how it works [here](https://github.com/jitsi/jitsi-videobridge/blob/master/doc/last-n.md) and performance evaluation on this [study](https://jitsi.org/wp-content/uploads/2016/12/nossdav2015lastn.pdf).
 You may want to **limit the maximum video resolution**, to save up resources on both server and clients.
@@ -175,8 +169,7 @@ jitsi_prosody_max_participants: 4 # example value By default, a single JVB ([Jitsi VideoBridge](https://github.com/jitsi/jitsi-videobridge)) is deployed on the same host as the Matrix server. To allow more video-conferences to happen at the same time, you may need to provision additional JVB services on other hosts.
-There is an ansible playbook that can be run with the following tag:
-`ansible-playbook -i inventory/hosts --limit jitsi_jvb_servers jitsi_jvb.yml --tags=common,setup-additional-jitsi-jvb,start`
+There is an ansible playbook that can be run with the following tag: `ansible-playbook -i inventory/hosts --limit jitsi_jvb_servers jitsi_jvb.yml --tags=common,setup-additional-jitsi-jvb,start`
 For this role to work you will need an additional section in the ansible hosts file with the details of the JVB hosts, for example: ```
@@ -184,9 +177,7 @@ For this role to work you will need an additional section in the ansible hosts f ansible_host= ```
-Each JVB will require a server ID to be set so that it can be uniquely identified and this allows Jitsi to keep track of which conferences are on which JVB.
-The server ID is set with the variable `jitsi_jvb_server_id` which ends up as the JVB_WS_SERVER_ID environment variables in the JVB docker container.
-This variable can be set via the host file, a parameter to the ansible command or in the `vars.yaml` for the host which will have the additional JVB. For example:
+Each JVB will require a server ID to be set so that it can be uniquely identified and this allows Jitsi to keep track of which conferences are on which JVB. The server ID is set with the variable `jitsi_jvb_server_id` which ends up as the JVB_WS_SERVER_ID environment variables in the JVB docker container. This variable can be set via the host file, a parameter to the ansible command or in the `vars.yaml` for the host which will have the additional JVB. For example:
 ``` yaml jitsi_jvb_server_id: 'jvb-2'
@@ -206,8 +197,7 @@ The additional JVB will also need to expose the colibri web socket port and this jitsi_jvb_container_colibri_ws_host_bind_port: 9090 ```
-The JVB will also need to know where the prosody xmpp server is located, similar to the server ID this can be set in the vars for the JVB by using the variable
-`jitsi_xmpp_server`. The Jitsi prosody container is deployed on the Matrix server by default so the value can be set to the Matrix domain. For example:
+The JVB will also need to know where the prosody xmpp server is located, similar to the server ID this can be set in the vars for the JVB by using the variable `jitsi_xmpp_server`. The Jitsi prosody container is deployed on the Matrix server by default so the value can be set to the Matrix domain. For example:
 ```yaml jitsi_xmpp_server: "{{ matrix_domain }}"
@@ -219,9 +209,7 @@ However, it can also be set the ip address of the Matrix server. This can be use jitsi_xmpp_server: "192.168.0.1" ```
-For the JVB to be able to contact the XMPP server, the latter must expose the XMPP port (5222). By default, the Matrix server does not expose the
-port; only the XMPP container exposes it internally inside the host, which means that the first JVB (which runs on the Matrix server) can reach it but
-the additional JVB cannot. The port is exposed by setting `jitsi_prosody_container_jvb_host_bind_port` like this:
+For the JVB to be able to contact the XMPP server, the latter must expose the XMPP port (5222). By default, the Matrix server does not expose the port; only the XMPP container exposes it internally inside the host, which means that the first JVB (which runs on the Matrix server) can reach it but the additional JVB cannot. The port is exposed by setting `jitsi_prosody_container_jvb_host_bind_port` like this:
 ```yaml jitsi_prosody_container_jvb_host_bind_port: 5222
@@ -229,8 +217,7 @@ jitsi_prosody_container_jvb_host_bind_port: 5222 (The default is empty; if it's set then docker forwards the port.)
-Applied together this will allow you to provision extra JVB instances which will register themselves with the prosody service and be available for jicofo
-to route conferences too.
+Applied together this will allow you to provision extra JVB instances which will register themselves with the prosody service and be available for jicofo to route conferences too.
 To make Traefik reverse-proxy to these additional JVBs (living on other hosts), **you would need to add the following Traefik configuration extension**:
@@ -270,8 +257,7 @@ traefik_provider_configuration_extension_yaml: | ## (Optional) Enable Gravatar
-In the default Jisti Meet configuration, gravatar.com is enabled as an avatar service. This results in third party request leaking data to gravatar.
-Since element already sends the url of configured Matrix avatars to Jitsi, we disabled gravatar.
+In the default Jisti Meet configuration, gravatar.com is enabled as an avatar service. This results in third party request leaking data to gravatar. Since element already sends the url of configured Matrix avatars to Jitsi, we disabled gravatar.
 To enable Gravatar set:
@@ -279,8 +265,7 @@ To enable Gravatar set: jitsi_disable_gravatar: false ```
-**Beware**: This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com).
-Besides metadata, this includes the Matrix user_id and possibly the room identifier (via `referrer` header).
+**Beware**: This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com). Besides metadata, this includes the Matrix user_id and possibly the room identifier (via `referrer` header).
 ## Installing
diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md
index fd65679e1..1f8a6f28f 100644
--- a/docs/configuring-playbook-ma1sd.md
+++ b/docs/configuring-playbook-ma1sd.md
@@ -32,8 +32,7 @@ matrix_ma1sd_matrixorg_forwarding_enabled: true ### Customizing email templates
-If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables
-(in the `roles/custom/matrix-ma1sd/defaults/main.yml` file.
+If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables (in the `roles/custom/matrix-ma1sd/defaults/main.yml` file.
 ## Installing
@@ -84,12 +83,9 @@ What this playbook configures for your is some bare minimum Identity Server func A few variables can be toggled in this playbook to alter the ma1sd configuration that gets generated.
-Still, ma1sd can do much more.
-You can refer to the [ma1sd website](https://github.com/ma1uta/ma1sd) for more details and configuration options.
+Still, ma1sd can do much more. You can refer to the [ma1sd website](https://github.com/ma1uta/ma1sd) for more details and configuration options.
-To use a more custom configuration, you can define a `matrix_ma1sd_configuration_extension_yaml` string variable
-and put your configuration in it.
-To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) of the ma1sd component.
+To use a more custom configuration, you can define a `matrix_ma1sd_configuration_extension_yaml` string variable and put your configuration in it. To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) of the ma1sd component.
 ## Example: SMS verification
diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md
index 220c6d8ef..bb72dbb72 100644
--- a/docs/configuring-playbook-matrix-corporal.md
+++ b/docs/configuring-playbook-matrix-corporal.md
@@ -8,8 +8,7 @@ The playbook can install and configure [matrix-corporal](https://github.com/devture/matrix-corporal) for you.
-In short, it's a sort of automation and firewalling service, which is helpful if you're instaling Matrix services in a controlled corporate environment.
-See that project's documentation to learn what it does and why it might be useful to you.
+In short, it's a sort of automation and firewalling service, which is helpful if you're instaling Matrix services in a controlled corporate environment. See that project's documentation to learn what it does and why it might be useful to you.
 If you decide that you'd like to let this playbook install it for you, you'd need to also: - (required) [set up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md)
@@ -71,8 +70,8 @@ matrix_synapse_rc_login: burst_count: 3 ```
-Matrix Corporal operates with a specific Matrix user on your server.
-By default, it's `matrix-corporal` (controllable by the `matrix_corporal_reconciliation_user_id_local_part` setting, see above).
+Matrix Corporal operates with a specific Matrix user on your server. By default, it's `matrix-corporal` (controllable by the `matrix_corporal_reconciliation_user_id_local_part` setting, see above).
+
 No matter what Matrix user ID you configure to run it with, make sure that: - the Matrix Corporal user is created by [registering it](registering-users.md) **with administrator privileges**. Use a password you remember, as you'll need to log in from time to time to create or join rooms
diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md
index 3e1b047be..828dee04a 100644
--- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md
+++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md
@@ -4,8 +4,7 @@ The playbook can install and configure [matrix-ldap-registration-proxy](https:// This proxy handles Matrix registration requests and forwards them to LDAP.
-**Note**: This does support the full Matrix specification for registrations. It only provide a very coarse
-implementation of a basic password registration.
+**Note**: This does support the full Matrix specification for registrations. It only provide a very coarse implementation of a basic password registration.
 ## Quickstart
@@ -20,8 +19,7 @@ matrix_ldap_registration_proxy_ldap_user: matrix_ldap_registration_proxy_ldap_password: ```
-If you already use the [synapse external password provider via LDAP](configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration)
-you can use the following values as configuration:
+If you already use the [synapse external password provider via LDAP](configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) you can use the following values as configuration:
 ```yaml # Use the LDAP values specified for the synapse role to setup LDAP proxy
diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md
index 2b89a3eca..edc529eda 100644
--- a/docs/configuring-playbook-matrix-registration.md
+++ b/docs/configuring-playbook-matrix-registration.md
@@ -78,8 +78,7 @@ ansible-playbook -i inventory/hosts setup.yml \ --extra-vars="one_time=yes ex_date=2021-12-31" ```
-The above command creates and returns a **one-time use** token, which **expires** on the 31st of December 2021.
-Adjust the `one_time` and `ex_date` variables as you see fit.
+The above command creates and returns a **one-time use** token, which **expires** on the 31st of December 2021. Adjust the `one_time` and `ex_date` variables as you see fit.
 Share the unique registration link (generated by the command above) with users to let them register on your Matrix server.
diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md
index 04fda5b01..ef8d21c8a 100644
--- a/docs/configuring-playbook-mautrix-bridges.md
+++ b/docs/configuring-playbook-mautrix-bridges.md
@@ -1,7 +1,6 @@ # Setting up a Generic Mautrix Bridge (optional)
-The playbook can install and configure various [mautrix](https://github.com/mautrix) bridges (twitter, facebook, instagram, signal, hangouts, googlechat, etc.), as well as many other (non-mautrix) bridges.
-This is a common guide for configuring mautrix bridges.
+The playbook can install and configure various [mautrix](https://github.com/mautrix) bridges (twitter, facebook, instagram, signal, hangouts, googlechat, etc.), as well as many other (non-mautrix) bridges. This is a common guide for configuring mautrix bridges.
 You can see each bridge's features at in the `ROADMAP.md` file in its corresponding [mautrix](https://github.com/mautrix) repository.
@@ -132,4 +131,5 @@ If you run into trouble, check the [Troubleshooting](#troubleshooting) section b ## Troubleshooting For troubleshooting information with a specific bridge, please see the playbook documentation about it (some other document in in `docs/`) and the upstream ([mautrix](https://github.com/mautrix)) bridge documentation for that specific bridge.
+
 Reporting bridge bugs should happen upstream, in the corresponding mautrix repository, not to us.
diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md
index 092128287..5fa55eaed 100644
--- a/docs/configuring-playbook-own-webserver.md
+++ b/docs/configuring-playbook-own-webserver.md
@@ -189,8 +189,7 @@ Such a configuration would expose all services on a local port `81` and Matrix F Your reverse-proxy configuration needs to send traffic to these ports. The [`examples/reverse-proxies` directory](../examples/reverse-proxies/) contains sample configuration for various webservers (Apache2, Caddy, HAproxy, nginx, Nginx Proxy Manager).
-It's important that these webservers proxy-pass requests to the correct place and also set the `Host` HTTP header appropriately.
-If you don't pass the `Host` header correctly, you would get a 404 not found error from Traefik.
+It's important that these webservers proxy-pass requests to the correct place and also set the `Host` HTTP header appropriately. If you don't pass the `Host` header correctly, you would get a 404 not found error from Traefik.
 To put it another way, `curl http://127.0.0.1:81` would give you a 404, but `curl -H 'Host: matrix.example.com' http://127.0.0.1:81` should work.
diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md
index 3b0423e2a..92197cbff 100644
--- a/docs/configuring-playbook-prometheus-grafana.md
+++ b/docs/configuring-playbook-prometheus-grafana.md
@@ -112,8 +112,7 @@ Name | Description If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.example.com/metrics/synapse/worker/ID`, where `ID` corresponds to the worker `id` as exemplified in `matrix_synapse_workers_enabled_list`.
-The playbook also generates an exemplary config file (`/matrix/synapse/external_prometheus.yml.template`) with all the correct paths which you can copy to your Prometheus server and adapt to your needs. Make sure to edit the specified `password_file` path and contents and path to your `synapse-v2.rules`.
-It will look a bit like this:
+The playbook also generates an exemplary config file (`/matrix/synapse/external_prometheus.yml.template`) with all the correct paths which you can copy to your Prometheus server and adapt to your needs. Make sure to edit the specified `password_file` path and contents and path to your `synapse-v2.rules`. It will look a bit like this:
 ```yaml scrape_configs: - job_name: 'synapse'
diff --git a/docs/configuring-playbook-prometheus-nginxlog.md b/docs/configuring-playbook-prometheus-nginxlog.md
index d7b4ca3bb..e6ed3043a 100644
--- a/docs/configuring-playbook-prometheus-nginxlog.md
+++ b/docs/configuring-playbook-prometheus-nginxlog.md
@@ -26,10 +26,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` ## Docker Image Compatibility
-At the moment of writing only images for `amd64` and `arm64` architectures are available
-
-The playbook currently does not support [self-building](./self-building.md) a container image on other architectures.
-You can however use a custom-build image by setting:
+At the moment of writing only images for `amd64` and `arm64` architectures are available. The playbook currently does not support [self-building](./self-building.md) a container image on other architectures. You can however use a custom-build image by setting:
 ```yaml matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled: false
@@ -38,8 +35,7 @@ matrix_prometheus_nginxlog_exporter_docker_image: path/to/docker/image:tag ## Security and privacy
-Metrics and resulting graphs can contain a lot of information. NginX logs contain information like IP address, URLs, UserAgents and more. This information can reveal usage patterns and could be considered Personally Identifiable Information (PII). Think about this before enabling (anonymous) access.
-Please make sure you change the default Grafana password.
+Metrics and resulting graphs can contain a lot of information. NginX logs contain information like IP address, URLs, UserAgents and more. This information can reveal usage patterns and could be considered Personally Identifiable Information (PII). Think about this before enabling (anonymous) access. Please make sure you change the default Grafana password.
 ## Save metrics on an external Prometheus server
diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md
index 6eeafbfd4..ba1001f0e 100644
--- a/docs/configuring-playbook-s3-goofys.md
+++ b/docs/configuring-playbook-s3-goofys.md
@@ -1,7 +1,6 @@ # Storing Matrix media files on Amazon S3 with Goofys (optional)
-If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service),
-you can let this playbook configure [Goofys](https://github.com/kahing/goofys) for you.
+If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), you can let this playbook configure [Goofys](https://github.com/kahing/goofys) for you.
 Another (and better performing) way to use S3 storage with Synapse is [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md).
diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md
index b35fe25ba..2303fd4e2 100644
--- a/docs/configuring-playbook-sliding-sync-proxy.md
+++ b/docs/configuring-playbook-sliding-sync-proxy.md
@@ -60,8 +60,7 @@ matrix_sliding_sync_database_name: 'matrix_sliding_sync' ## Usage
-You **don't need to do anything special** to make use of the Sliding Sync Proxy.
-Simply open your client which supports Sliding Sync (like Element X) and log in.
+You **don't need to do anything special** to make use of the Sliding Sync Proxy. Simply open your client which supports Sliding Sync (like Element X) and log in.
 When the Sliding Sync proxy is [installed](#installing), your `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc3575.proxy` section and `url` property are added there and made to point to your Sliding Sync proxy's base URL (e.g. `https://matrix.example.com/sliding-sync`).
diff --git a/docs/configuring-playbook-sygnal.md b/docs/configuring-playbook-sygnal.md
index 642ed5488..df6d57292 100644
--- a/docs/configuring-playbook-sygnal.md
+++ b/docs/configuring-playbook-sygnal.md
@@ -44,8 +44,7 @@ For a more complete example of available fields and values they can take, see `r Configuring [GCM/FCM](https://firebase.google.com/docs/cloud-messaging/) is easier, as it only requires that you provide some config values. -To configure [APNS](https://developer.apple.com/notifications/) (Apple Push Notification Service), you'd need to provide one or more certificate files. -To do that, the above example configuration: +To configure [APNS](https://developer.apple.com/notifications/) (Apple Push Notification Service), you'd need to provide one or more certificate files. To do that, the above example configuration: - makes use of the [`aux` role](https://github.com/mother-of-all-self-hosting/ansible-role-aux) (and its `aux_file_definitions` variable) to make the playbook install files into `/matrix/sygnal/data` (the `matrix_sygnal_data_path` variable). See [`defaults/main.yml` file](https://github.com/mother-of-all-self-hosting/ansible-role-aux/blob/main/defaults/main.yml) of the `aux` role for usage examples. It also makes sure the files are owned by `matrix:matrix`, so that Sygnal can read them. Of course, you can also install these files manually yourself, if you'd rather not use `aux`. diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index 4aca475a2..d315f6410 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md 
@@ -2,8 +2,7 @@ The playbook can install and configure [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) for you. -See that project's [documentation](https://github.com/matrix-org/synapse-auto-accept-invite) to learn what it does and why it might be useful to you. -In short, it automatically accepts room invites. You can specify that only 1:1 room invites are auto-accepted. Defaults to false if not specified. +See that project's [documentation](https://github.com/matrix-org/synapse-auto-accept-invite) to learn what it does and why it might be useful to you. In short, it automatically accepts room invites. You can specify that only 1:1 room invites are auto-accepted. Defaults to false if not specified. **Note**: Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the same feature [has been merged](https://github.com/element-hq/synapse/pull/17147) into Synapse (see the [Native alternative](#native-alternative) section below). You'd better use the native feature, instead of the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module. diff --git a/docs/configuring-playbook-synapse-auto-compressor.md b/docs/configuring-playbook-synapse-auto-compressor.md index da279d9e3..bf2c0e1c4 100644 --- a/docs/configuring-playbook-synapse-auto-compressor.md +++ b/docs/configuring-playbook-synapse-auto-compressor.md 
@@ -31,6 +31,4 @@ After installation, `synapse_auto_compressor` will run automatically every day a ## Manually start the tool -For testing your setup it can be helpful to not wait until 00:00. If you want to run the tool immediately, log onto the server -and run `systemctl start matrix-synapse-auto-compressor`. Running this command will not return control to your terminal until the compression run is done, which may take a long time. -Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable. +For testing your setup it can be helpful to not wait until 00:00. If you want to run the tool immediately, log onto the server and run `systemctl start matrix-synapse-auto-compressor`. Running this command will not return control to your terminal until the compression run is done, which may take a long time. Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable. diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 718588b18..dc7d56648 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md 
@@ -1,7 +1,6 @@ # Storing Synapse media files on Amazon S3 with synapse-s3-storage-provider (optional) -If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), -you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse. +If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse. An alternative (which has worse performance) is to use [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md). diff --git a/docs/configuring-playbook-synapse-simple-antispam.md b/docs/configuring-playbook-synapse-simple-antispam.md index 70b0f64cb..96072b248 100644 --- a/docs/configuring-playbook-synapse-simple-antispam.md +++ b/docs/configuring-playbook-synapse-simple-antispam.md @@ -2,8 +2,7 @@ The playbook can install and configure [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) for you. -See that project's documentation to learn what it does and why it might be useful to you. -In short, it lets you fight invite-spam by automatically blocking invitiations from a list of servers specified by you (blacklisting). +See that project's documentation to learn what it does and why it might be useful to you. In short, it lets you fight invite-spam by automatically blocking invitiations from a list of servers specified by you (blacklisting). ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index b70468c66..1a214eaec 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md 
@@ -154,8 +154,7 @@ matrix_synapse_container_image_customizations_templates_git_repository_ssh_priva -----END OPENSSH PRIVATE KEY----- ``` -As mentioned in Synapse's Templates documentation, Synapse will fall back to its own templates if a template is not found in that directory. -Due to this, it's recommended to only store and maintain template files in your repository if you need to make custom changes. Other files (which you don't need to change), should not be duplicated, so that you don't need to worry about getting out-of-sync with the original Synapse templates. +As mentioned in Synapse's Templates documentation, Synapse will fall back to its own templates if a template is not found in that directory. Due to this, it's recommended to only store and maintain template files in your repository if you need to make custom changes. Other files (which you don't need to change), should not be duplicated, so that you don't need to worry about getting out-of-sync with the original Synapse templates. ## Monitoring Synapse Metrics with Prometheus and Grafana diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index a4a9117fd..37ad76b0b 100644 --- a/docs/configuring-playbook-telemetry.md +++ b/docs/configuring-playbook-telemetry.md @@ -2,9 +2,7 @@ By default, this playbook configures your Matrix homeserver to not send any telemetry data anywhere. -The [matrix.org](https://matrix.org) team would really appreciate it if you could help the project out by reporting -usage statistics from your homeserver. Enabling usage statistics helps track the -growth of the Matrix community, and helps to make Matrix a success. +The [matrix.org](https://matrix.org) team would really appreciate it if you could help the project out by reporting usage statistics from your homeserver. Enabling usage statistics helps track the growth of the Matrix community, and helps to make Matrix a success. ## Enabling Telemetry 
@@ -20,9 +18,6 @@ matrix_dendrite_report_stats: true # for dendrite ## Usage statistics being submitted -When enabled, your homeserver will regularly upload a few dozen statistics about your server. -This data includes your homeserver's domain, the total number of users, the number of active -users, the total number of rooms, and the number of messages sent per day on your homeserver. +When enabled, your homeserver will regularly upload a few dozen statistics about your server. This data includes your homeserver's domain, the total number of users, the number of active users, the total number of rooms, and the number of messages sent per day on your homeserver. -See [Synapse's documentation](https://github.com/element-hq/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics) or [Dendrite's documentation](https://github.com/matrix-org/dendrite/blob/main/docs/FAQ.md#what-is-being-reported-when-enabling-phone-home-statistics) -for the full list of statistics that are reported. +See [Synapse's documentation](https://github.com/element-hq/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics) or [Dendrite's documentation](https://github.com/matrix-org/dendrite/blob/main/docs/FAQ.md#what-is-being-reported-when-enabling-phone-home-statistics) for the full list of statistics that are reported. diff --git a/docs/configuring-playbook-turn.md b/docs/configuring-playbook-turn.md index b347c1309..0a85fd129 100644 --- a/docs/configuring-playbook-turn.md +++ b/docs/configuring-playbook-turn.md 
@@ -65,8 +65,7 @@ matrix_synapse_turn_uris: - turn:HOSTNAME_OR_IP?transport=tcp ``` -If you have or want to enable [Jitsi](configuring-playbook-jitsi.md), you might want to enable the TURN server there too. -If you do not do it, Jitsi will fall back to an upstream service. +If you have or want to enable [Jitsi](configuring-playbook-jitsi.md), you might want to enable the TURN server there too. If you do not do it, Jitsi will fall back to an upstream service. ```yaml jitsi_web_stun_servers: diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index aaaa28b3c..e0566c86b 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -1,7 +1,6 @@ # Setting up Matrix User Verification Service (optional) -**[Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (hereafter: UVS) can only be installed after Matrix services are installed and running.** -If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later. +**[Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (hereafter: UVS) can only be installed after Matrix services are installed and running.** If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later. Currently, the main purpose of this role is to allow Jitsi to authenticate Matrix users and check if they are authorized to join a conference. Please refer to the documentation of the [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) to understand how it works. 
@@ -16,13 +15,9 @@ UVS can be used to verify two claims: * (A) Whether a given OpenID token is valid for a given server and * (B) whether a user is member of a given room and the corresponding PowerLevel -Verifying an OpenID token ID done by finding the corresponding Homeserver via '.well-known/matrix/server' for the given domain. -The configured `matrix_user_verification_service_uvs_homeserver_url` does **not** factor into this. -By default, this playbook only checks against `matrix_server_fqn_matrix`. -Therefore, the request will be made against the public openid API for `matrix_server_fqn_matrix`. +Verifying an OpenID token ID done by finding the corresponding Homeserver via '.well-known/matrix/server' for the given domain. The configured `matrix_user_verification_service_uvs_homeserver_url` does **not** factor into this. By default, this playbook only checks against `matrix_server_fqn_matrix`. Therefore, the request will be made against the public openid API for `matrix_server_fqn_matrix`. -Verifying RoomMembership and PowerLevel is done against `matrix_user_verification_service_uvs_homeserver_url` which is by default done via the docker network. -UVS will verify the validity of the token beforehand though. +Verifying RoomMembership and PowerLevel is done against `matrix_user_verification_service_uvs_homeserver_url` which is by default done via the docker network. UVS will verify the validity of the token beforehand though. ## Prerequisites 
@@ -40,21 +35,17 @@ matrix_user_verification_service_enabled: true The only required configuration variable is `matrix_user_verification_service_uvs_access_token` (see below). -For a list of all configuration options see the role defaults [`roles/matrix-user-verification-service/defaults/main.yml`](../roles/custom/matrix-user-verification-service/defaults/main.yml). -But be aware of all the plugging happening in `group_vars/matrix_servers`. +For a list of all configuration options see the role defaults [`roles/matrix-user-verification-service/defaults/main.yml`](../roles/custom/matrix-user-verification-service/defaults/main.yml). But be aware of all the plugging happening in `group_vars/matrix_servers`. -In the default configuration, the UVS Server is only reachable via the docker network, which is fine if e.g. Jitsi is also running in a container on the host. -However, it is possible to expose UVS via setting `matrix_user_verification_service_container_http_host_bind_port`. +In the default configuration, the UVS Server is only reachable via the docker network, which is fine if e.g. Jitsi is also running in a container on the host. However, it is possible to expose UVS via setting `matrix_user_verification_service_container_http_host_bind_port`. ### Access token The Synapse Access Token is used to verify RoomMembership and PowerLevel against `matrix_user_verification_service_uvs_homeserver_url`. -We recommend that you create a dedicated Matrix user for uvs (`uvs` is a good username). -Follow our [Registering users](registering-users.md) guide to register a user with administration privileges. +We recommend that you create a dedicated Matrix user for uvs (`uvs` is a good username). Follow our [Registering users](registering-users.md) guide to register a user with administration privileges. -You are required to specify an access token (belonging to this new user) for UVS to work. 
-To get an access token for the UVS user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md). +You are required to specify an access token (belonging to this new user) for UVS to work. To get an access token for the UVS user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md). **Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** @@ -67,6 +58,7 @@ matrix_user_verification_service_uvs_access_token: "YOUR ACCESS TOKEN HERE" It is possible to set an API Auth Token to restrict access to the UVS. If this is enabled, anyone making a request to UVS must provide it via the header "Authorization: Bearer TOKEN" By default, the token will be derived from `matrix_homeserver_generic_secret_key` in `group_vars/matrix_servers`. + To set your own Token, simply put the following in your host_vars. ```yaml @@ -94,8 +86,7 @@ matrix_user_verification_service_uvs_pin_openid_verify_server_name: false in your host_vars. -This will instruct UVS to verify the OpenID token against any domain given in a request. -Homeserver discovery is done via '.well-known/matrix/server' of the given domain. +This will instruct UVS to verify the OpenID token against any domain given in a request. Homeserver discovery is done via '.well-known/matrix/server' of the given domain. ## Installing diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index ffe13092c..e453814d9 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md 
@@ -17,8 +17,7 @@ As [per the Server-Server specification](https://matrix.org/docs/spec/server_ser Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (`example.com`). -Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. -For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. +Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. To learn how to set up `/.well-known/matrix/server`, read the Installing section below. @@ -43,6 +42,7 @@ To learn how to set it up, read the Installing section below. The two playbook variables that you could look for, if you're interested in being an early adopter, are: `matrix_static_files_file_matrix_support_property_m_contacts` and `matrix_static_files_file_matrix_support_property_m_support_page`. Example snippet for `vars.yml`: + ``` # Enable generation of `/.well-known/matrix/support`. matrix_static_files_file_matrix_support_enabled: true 
@@ -69,9 +69,7 @@ To learn how to set up `/.well-known/matrix/support` for the base domain, read t To implement the two service discovery mechanisms, your base domain's server (e.g. `example.com`) needs to run an HTTPS-capable webserver. -If you don't have a server for your base domain at all, you can use the Matrix server for this. -See [Serving the base domain](configuring-playbook-base-domain-serving.md) to learn how the playbook can help you set it up. -If you decide to go this route, you don't need to read ahead in this document. When **Serving the base domain**, the playbook takes care to serve the appropriate well-known files automatically. +If you don't have a server for your base domain at all, you can use the Matrix server for this. See [Serving the base domain](configuring-playbook-base-domain-serving.md) to learn how the playbook can help you set it up. If you decide to go this route, you don't need to read ahead in this document. When **Serving the base domain**, the playbook takes care to serve the appropriate well-known files automatically. If you're managing the base domain by yourself somehow, you'll need to set up serving of some `/.well-known/matrix/*` files from it via HTTPS. 
@@ -90,8 +88,7 @@ All you need to do is: - set up the server at your base domain (e.g. `example.com`) so that it adds an extra HTTP header when serving the `/.well-known/matrix/client` file. [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), the `Access-Control-Allow-Origin` header should be set with a value of `*`. If you don't do this step, web-based Matrix clients (like Element) may fail to work. Setting up headers for the `/.well-known/matrix/server` file is not necessary, as this file is only consumed by non-browsers, which don't care about CORS. -This is relatively easy to do and possibly your only choice if you can only host static files from the base domain's server. -It is, however, **a little fragile**, as future updates performed by this playbook may regenerate the well-known files and you may need to notice that and copy them over again. +This is relatively easy to do and possibly your only choice if you can only host static files from the base domain's server. It is, however, **a little fragile**, as future updates performed by this playbook may regenerate the well-known files and you may need to notice that and copy them over again. ### (Option 2): **Serving the base domain** from the Matrix server via the playbook diff --git a/docs/faq.md b/docs/faq.md index 24b2f9c35..05f1d3932 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -346,11 +346,9 @@ Refer to both of these for inspiration. Still, as mentioned in [Configuring the ### I'd like to adjust some configuration which doesn't have a corresponding variable. How do I do it? -The playbook doesn't aim to expose all configuration settings for all services using variables. -Doing so would amount to hundreds of variables that we have to create and maintain. +The playbook doesn't aim to expose all configuration settings for all services using variables. Doing so would amount to hundreds of variables that we have to create and maintain. -Instead, we only try to make some important basics configurable using dedicated variables you can see in each role. -See [What configuration variables are available?](#what-configuration-variables-are-available). +Instead, we only try to make some important basics configurable using dedicated variables you can see in each role. See [What configuration variables are available?](#what-configuration-variables-are-available). Besides that, each role (component) aims to provide a `matrix_SOME_COMPONENT_configuration_extension_yaml` (or `matrix_SOME_COMPONENT_configuration_extension_json`) variable, which can be used to override the configuration. diff --git a/docs/getting-the-playbook.md b/docs/getting-the-playbook.md index 2541da0da..ea172a499 100644 --- a/docs/getting-the-playbook.md +++ b/docs/getting-the-playbook.md 
@@ -21,19 +21,16 @@ Once you've installed git on your computer, you can go to any directory of your git clone https://github.com/spantaleev/matrix-docker-ansible-deploy.git ``` -This will create a new `matrix-docker-ansible-deploy` directory. -You're supposed to execute all other installation commands inside that directory. +This will create a new `matrix-docker-ansible-deploy` directory. You're supposed to execute all other installation commands inside that directory. ## Downloading the playbook as a ZIP archive -Alternatively, you can download the playbook as a ZIP archive. -This is not recommended, as it's not easy to keep up to date with future updates. We suggest you [use git](#using-git-to-get-the-playbook) instead. +Alternatively, you can download the playbook as a ZIP archive. This is not recommended, as it's not easy to keep up to date with future updates. We suggest you [use git](#using-git-to-get-the-playbook) instead. The latest version is always at the following URL: https://github.com/spantaleev/matrix-docker-ansible-deploy/archive/master.zip -You can extract this archive anywhere. You'll get a directory called `matrix-docker-ansible-deploy-master`. -You're supposed to execute all other installation commands inside that directory. +You can extract this archive anywhere. You'll get a directory called `matrix-docker-ansible-deploy-master`. You're supposed to execute all other installation commands inside that directory. --------------------------------------------- diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index 9abc2ee14..7b61553d1 100644 --- a/docs/howto-server-delegation.md +++ b/docs/howto-server-delegation.md 
@@ -2,8 +2,7 @@ To have a server on a subdomain (e.g. `matrix.example.com`) handle Matrix federation traffic for the base domain (`example.com`), we need to instruct the Matrix network of such a delegation. -By default, this playbook guides you into setting up [Server Delegation via a well-known file](#server-delegation-via-a-well-known-file). -However, that method may have some downsides that are not to your liking. Hence this guide about alternative ways to set up Server Delegation. +By default, this playbook guides you into setting up [Server Delegation via a well-known file](#server-delegation-via-a-well-known-file). However, that method may have some downsides that are not to your liking. Hence this guide about alternative ways to set up Server Delegation. It is a complicated matter, so unless you are affected by the [Downsides of well-known-based Server Delegation](#downsides-of-well-known-based-server-delegation), we suggest you stay on the simple/default path. 
@@ -12,8 +11,7 @@ It is a complicated matter, so unless you are affected by the [Downsides of well Serving a `/.well-known/matrix/server` file from the base domain is the most straightforward way to set up server delegation, but it suffers from some problems that we list in [Downsides of well-known-based Server Delegation](#downsides-of-well-known-based-server-delegation). -As we already mention in [Configuring DNS](configuring-dns.md) and [Configuring Service Discovery via .well-known](configuring-well-known.md), -this playbook already properly guides you into setting up such delegation by means of a `/.well-known/matrix/server` file served from the base domain (`example.com`). +As we already mention in [Configuring DNS](configuring-dns.md) and [Configuring Service Discovery via .well-known](configuring-well-known.md), this playbook already properly guides you into setting up such delegation by means of a `/.well-known/matrix/server` file served from the base domain (`example.com`). If this is okay with you, feel free to not read ahead. 
@@ -57,8 +55,7 @@ How you can obtain a valid certificate for `example.com` on the `matrix.example. If `example.com` and `matrix.example.com` are hosted on the same machine, you can let the playbook obtain the certificate for you, by following our [Obtaining SSL certificates for additional domains](configuring-playbook-ssl-certificates.md#obtaining-ssl-certificates-for-additional-domains) guide. -If `example.com` and `matrix.example.com` are not hosted on the same machine, you can copy over the certificate files manually. -Don't forget that they may get renewed once in a while, so you may also have to transfer them periodically. How often you do that is up to you, as long as the certificate files don't expire. +If `example.com` and `matrix.example.com` are not hosted on the same machine, you can copy over the certificate files manually. Don't forget that they may get renewed once in a while, so you may also have to transfer them periodically. How often you do that is up to you, as long as the certificate files don't expire. ### Serving the Federation API with your certificates 
@@ -81,8 +78,7 @@ Based on your setup, you have different ways to go about it: ### Serving the Federation API with your certificates and another webserver -**If you are using some other webserver**, you can set up reverse-proxying for the `tcp/8448` port by yourself. -Make sure to use the proper certificates for `example.com` (not for `matrix.example.com`) when serving the `tcp/8448` port. +**If you are using some other webserver**, you can set up reverse-proxying for the `tcp/8448` port by yourself. Make sure to use the proper certificates for `example.com` (not for `matrix.example.com`) when serving the `tcp/8448` port. As recommended in our [Fronting the integrated reverse-proxy webserver with another reverse-proxy](./configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) documentation section, we recommend you to expose the Matrix Federation entrypoint from traffic at a local port (e.g. `127.0.0.1:8449`), so your reverese-proxy should send traffic there. @@ -105,5 +101,4 @@ matrix_synapse_tls_certificate_path: /some/path/inside/the/container/certificate matrix_synapse_tls_private_key_path: /some/path/inside/the/container/private.key ``` -Make sure to reload Synapse once in a while (`systemctl reload matrix-synapse`), so that newer certificates can kick in. -Reloading doesn't cause any downtime. +Make sure to reload Synapse once in a while (`systemctl reload matrix-synapse`), so that newer certificates can kick in. Reloading doesn't cause any downtime. diff --git a/docs/importing-postgres.md b/docs/importing-postgres.md index 8b537cd34..762900c64 100644 --- a/docs/importing-postgres.md +++ b/docs/importing-postgres.md 
@@ -6,14 +6,11 @@ Run this if you'd like to import your database from a previous installation. ## Prerequisites -For this to work, **the database name in Postgres must match** what this playbook uses. -This playbook uses a Postgres database name of `synapse` by default (controlled by the `matrix_synapse_database_database` variable). -If your database name differs, be sure to change `matrix_synapse_database_database` to your desired name and to re-run the playbook before proceeding. +For this to work, **the database name in Postgres must match** what this playbook uses. This playbook uses a Postgres database name of `synapse` by default (controlled by the `matrix_synapse_database_database` variable). If your database name differs, be sure to change `matrix_synapse_database_database` to your desired name and to re-run the playbook before proceeding. -The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`). +The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`). Importing multiple databases (as dumped by `pg_dumpall`) is also supported. -Importing multiple databases (as dumped by `pg_dumpall`) is also supported. -But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new rooms, ...) +The migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new rooms, ...) Before doing the actual import, **you need to upload your Postgres dump file to the server** (any path is okay). 
@@ -94,6 +91,7 @@ If not, you probably get this error. `synapse` is the correct table owner, but t ``` Once the database is clear and the ownership of the tables has been fixed in the SQL file, the import task should succeed. + Check, if `--dbname` is set to `synapse` (not `matrix`) and replace paths (or even better, copy this line from your terminal) ``` diff --git a/docs/importing-synapse-media-store.md b/docs/importing-synapse-media-store.md index 0ba7bacbc..97d89c4e9 100644 --- a/docs/importing-synapse-media-store.md +++ b/docs/importing-synapse-media-store.md @@ -8,6 +8,7 @@ Run this if you'd like to import your `media_store` files from a previous instal Before doing the actual data restore, **you need to upload your media store directory to the server** (any path is okay). If you are [Storing Matrix media files on Amazon S3](configuring-playbook-s3.md) (optional), restoring with this tool is not possible right now. + As an alternative, you can perform a manual restore using the [AWS CLI tool](https://aws.amazon.com/cli/) (e.g. `aws s3 sync /path/to/server/media_store/. s3://name-of-bucket/`) **Note for Mac users**: Due to case-sensitivity issues on certain Mac filesystems (HFS or HFS+), filename corruption may occur if you copy a `media_store` directory to your Mac. If you're transferring a `media_store` directory between 2 servers, make sure you do it directly (from server to server with a tool such as [rsync](https://rsync.samba.org/)), and not by downloading the files to your Mac. diff --git a/docs/importing-synapse-sqlite.md b/docs/importing-synapse-sqlite.md index b5aa9f218..b850cfa64 100644 --- a/docs/importing-synapse-sqlite.md +++ b/docs/importing-synapse-sqlite.md 
@@ -1,7 +1,6 @@ # Importing an existing SQLite database from another Synapse installation (optional) -Run this if you'd like to import your database from a previous default installation of Synapse. -(don't forget to import your `media_store` files as well - see [the importing-synapse-media-store guide](importing-synapse-media-store.md)). +Run this if you'd like to import your database from a previous default installation of Synapse (don't forget to import your `media_store` files as well - see [the importing-synapse-media-store guide](importing-synapse-media-store.md)). While this playbook only supports running Synapse in combination with PostgreSQL, a Synapse instance installed manually usually defaults to using an SQLite database. diff --git a/docs/installing.md b/docs/installing.md index b282b9734..48103c2be 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -56,8 +56,7 @@ Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-t ### Installing a server into which you'll import old data -If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. -Starting its services or messing with its database now will affect your data import later on. +If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. Starting its services or messing with its database now will affect your data import later on. To do the installation **without** starting services, run only the `install-all` tag: diff --git a/docs/maintenance-postgres.md b/docs/maintenance-postgres.md index 7469e7111..deac1faa7 100644 --- a/docs/maintenance-postgres.md +++ b/docs/maintenance-postgres.md 
@@ -28,8 +28,7 @@ To change to another database (for example `synapse`), run `\connect synapse` (o You can then proceed to write queries. Example: `SELECT COUNT(*) FROM users;` -**Be careful**. Modifying the database directly (especially as services are running) is dangerous and may lead to irreversible database corruption. -When in doubt, consider [making a backup](#backing-up-postgresql). +**Be careful**. Modifying the database directly (especially as services are running) is dangerous and may lead to irreversible database corruption. When in doubt, consider [making a backup](#backing-up-postgresql). ## Vacuuming PostgreSQL @@ -76,8 +75,7 @@ Restoring a backup made this way can be done by [importing it](importing-postgre Unless you are using an [external Postgres server](configuring-playbook-external-postgres.md), this playbook initially installs Postgres for you. -Once installed, the playbook attempts to preserve the Postgres version it starts with. -This is because newer Postgres versions cannot start with data generated by older Postgres versions. +Once installed, the playbook attempts to preserve the Postgres version it starts with. This is because newer Postgres versions cannot start with data generated by older Postgres versions. Upgrades must be performed manually. 
@@ -87,17 +85,14 @@ This playbook can upgrade your existing Postgres setup with the following comman just run-tags upgrade-postgres ``` -**The old Postgres data directory is backed up** automatically, by renaming it to `/matrix/postgres/data-auto-upgrade-backup`. -To rename to a different path, pass some extra flags to the command above, like this: `--extra-vars="postgres_auto_upgrade_backup_data_path=/another/disk/matrix-postgres-before-upgrade"` +**The old Postgres data directory is backed up** automatically, by renaming it to `/matrix/postgres/data-auto-upgrade-backup`. To rename to a different path, pass some extra flags to the command above, like this: `--extra-vars="postgres_auto_upgrade_backup_data_path=/another/disk/matrix-postgres-before-upgrade"` The auto-upgrade-backup directory stays around forever, until you **manually decide to delete it**. -As part of the upgrade, the database is dumped to `/tmp`, an upgraded and empty Postgres server is started, and then the dump is restored into the new server. -To use a different directory for the dump, pass some extra flags to the command above, like this: `--extra-vars="postgres_dump_dir=/directory/to/dump/here"` +As part of the upgrade, the database is dumped to `/tmp`, an upgraded and empty Postgres server is started, and then the dump is restored into the new server. To use a different directory for the dump, pass some extra flags to the command above, like this: `--extra-vars="postgres_dump_dir=/directory/to/dump/here"` To save disk space in `/tmp`, the dump file is gzipped on the fly at the expense of CPU usage. -If you have plenty of space in `/tmp` and would rather avoid gzipping, you can explicitly pass a dump filename which doesn't end in `.gz`. -Example: `--extra-vars="postgres_dump_name=matrix-postgres-dump.sql"` +If you have plenty of space in `/tmp` and would rather avoid gzipping, you can explicitly pass a dump filename which doesn't end in `.gz`. 
Example: `--extra-vars="postgres_dump_name=matrix-postgres-dump.sql"` **All databases, roles, etc. on the Postgres server are migrated**. @@ -106,8 +101,7 @@ Example: `--extra-vars="postgres_dump_name=matrix-postgres-dump.sql"` PostgreSQL can be [tuned](https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server) to make it run faster. This is done by passing extra arguments to the Postgres process. -The [Postgres Ansible role](https://github.com/mother-of-all-self-hosting/ansible-role-postgres) **already does some tuning by default**, which matches the [tuning logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) done by websites like https://pgtune.leopard.in.ua/. -You can manually influence some of the tuning variables . These parameters (variables) are injected via the `postgres_postgres_process_extra_arguments_auto` variable. +The [Postgres Ansible role](https://github.com/mother-of-all-self-hosting/ansible-role-postgres) **already does some tuning by default**, which matches the [tuning logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) done by websites like https://pgtune.leopard.in.ua/. You can manually influence some of the tuning variables. These parameters (variables) are injected via the `postgres_postgres_process_extra_arguments_auto` variable. Most users should be fine with the automatically-done tuning. However, you may wish to: diff --git a/docs/maintenance-synapse.md b/docs/maintenance-synapse.md index 2ac3c98b2..eca39f886 100644 --- a/docs/maintenance-synapse.md +++ b/docs/maintenance-synapse.md 
@@ -39,8 +39,7 @@ To ask the playbook to run rust-synapse-compress-state, execute: ansible-playbook -i inventory/hosts setup.yml --tags=rust-synapse-compress-state ``` -By default, all rooms with more than `100000` state group rows will be compressed. -If you need to adjust this, pass: `--extra-vars='matrix_synapse_rust_synapse_compress_state_min_state_groups_required=SOME_NUMBER_HERE'` to the command above. +By default, all rooms with more than `100000` state group rows will be compressed. If you need to adjust this, pass: `--extra-vars='matrix_synapse_rust_synapse_compress_state_min_state_groups_required=SOME_NUMBER_HERE'` to the command above. After state compression, you may wish to run a [`FULL` Postgres `VACUUM`](./maintenance-postgres.md#vacuuming-postgresql). diff --git a/docs/registering-users.md b/docs/registering-users.md index f722b3fff..acb86a908 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -70,8 +70,7 @@ If you're using the [Matrix Authentication Service](./configuring-playbook-matri # Example: `/matrix/matrix-authentication-service/bin/register-user john secret-password 1` ``` -This `register-user` script actually invokes the `mas-cli manage register-user` command under the hood. -If you'd like more control over the registration process, consider invoking the `mas-cli` command directly: +This `register-user` script actually invokes the `mas-cli manage register-user` command under the hood. If you'd like more control over the registration process, consider invoking the `mas-cli` command directly: ```sh /matrix/matrix-authentication-service/bin/mas-cli manage register-user --help From b35a4293d14c73e2c7fe80c3b972a4cdab78b578 Mon Sep 17 00:00:00 2001 
From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Wed, 23 Oct 2024 00:07:40 +0300 Subject: [PATCH 172/404] synapse-admin v0.10.3-etke24: enable visual customization --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index d4bbfdb0f..b90dfbf5f 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke23 +matrix_synapse_admin_version: v0.10.3-etke24 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 0751bdcd39bba3bcd3487d9943efa6a79392edd8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 23 Oct 2024 06:39:59 +0000 Subject: [PATCH 173/404] Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2024.10.23 --- roles/custom/matrix-alertmanager-receiver/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index 6006aa9f8..a78dfaf4b 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml 
@@ -6,7 +6,7 @@ matrix_alertmanager_receiver_enabled: true # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver -matrix_alertmanager_receiver_version: 2024.10.16 +matrix_alertmanager_receiver_version: 2024.10.23 matrix_alertmanager_receiver_scheme: https From b30823745ce4878968e7ca8ee9a4c8dffe9c4e02 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Wed, 23 Oct 2024 13:50:00 +0300 Subject: [PATCH 174/404] synapse-admin v0.10.3-etke25: fix room state events display --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index b90dfbf5f..347e83e39 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke24 +matrix_synapse_admin_version: v0.10.3-etke25 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From a2790d11d5496ef4c25303aabf63214290e6621f Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Wed, 23 Oct 2024 02:51:34 +0900 Subject: [PATCH 175/404] =?UTF-8?q?Fix=20capitalization:=20Dimension=20Int?= =?UTF-8?q?egration=20Manager=20=E2=86=92=20Dimension=20integration=20mana?= =?UTF-8?q?ger?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Based on https://github.com/turt2live/matrix-dimension > An open source integration manager for matrix clients, like Element. "Dimension" is one of the integration managers, and it is not something like Dimension Integration Manager, which could be abbreviated as DIM. Also: - Replace "integrations manager" with "integration manager" - Fix typos - Remove a line break Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 7 +++---- README.md | 2 +- docs/configuring-dns.md | 2 +- docs/configuring-playbook-bridge-appservice-webhooks.md | 2 +- docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-etherpad.md | 4 ++-- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook.md | 2 +- docs/container-images.md | 2 +- docs/faq.md | 2 +- 10 files changed, 13 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 21b59f9d6..c994cd861 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -3197,10 +3197,9 @@ There's a new `matrix_nginx_proxy_data_path` variable, which has a different use # 2019-03-10 -## Dimension Integration Manager support +## Dimension integration manager support -Thanks to [NullIsNot0](https://github.com/NullIsNot0), the playbook can now (optionally) install the [Dimension](https://dimension.t2bot.io/) Integration Manager. -To learn more, see the [Setting up Dimension](docs/configuring-playbook-dimension.md) documentation page. +Thanks to [NullIsNot0](https://github.com/NullIsNot0), the playbook can now (optionally) install the [Dimension](https://dimension.t2bot.io/) integration manager. To learn more, see the [Setting up Dimension](docs/configuring-playbook-dimension.md) documentation page. # 2019-03-07 @@ -3527,7 +3526,7 @@ matrix_riot_web_integrations_widgets_urls: "https://scalar.vector.im/api" matrix_riot_web_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html" ``` -This now allows you use a custom integrations manager like [Dimesion](https://dimension.t2bot.io). For example, if you wish to use the Dimension instance hosted at dimension.t2bot.io, you can set the following in your vars.yml file: +This now allows you use a custom integration manager like [Dimension](https://dimension.t2bot.io). For example, if you wish to use the Dimension instance hosted at dimension.t2bot.io, you can set the following in your vars.yml file: ``` matrix_riot_web_integrations_ui_url: "https://dimension.t2bot.io/riot" diff --git a/README.md b/README.md index 65537bf42..58fc410d6 100644 --- a/README.md +++ b/README.md 
@@ -64,7 +64,7 @@ Services that run on the server to make the various parts of your installation w | [Let's Encrypt](https://letsencrypt.org/) | ✓ | Free SSL certificate, which secures the connection to all components | [Link](docs/configuring-playbook-ssl-certificates.md) | | [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | -| [Dimension](https://github.com/turt2live/matrix-dimension) | x | An open source integrations manager for Matrix clients | [Link](docs/configuring-playbook-dimension.md) | +| [Dimension](https://github.com/turt2live/matrix-dimension) | x | An open source integration manager for Matrix clients | [Link](docs/configuring-playbook-dimension.md) | | [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | | [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 87a793ce1..e027b7f1b 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -57,7 +57,7 @@ As the table above illustrates, you need to create 2 subdomains (`matrix.example The `element.example.com` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. -The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. The installation of Dimension is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. +The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integration manager](http://dimension.t2bot.io/) for you. The installation of Dimension is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension integration manager](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. The `jitsi.example.com` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. The installation of Jitsi is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.example.com` DNS record. 
diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 52a483b38..07fe99d8c 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -34,7 +34,7 @@ matrix_synapse_configuration_extension_yaml: | 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. -5. If you're using the [Dimension Integration Manager](configuring-playbook-dimension.md), you can configure the Webhooks bridge by opening the Dimension integration manager -> Settings -> Bridges and selecting edit action for "Webhook Bridge". Press "Add self-hosted Bridge" button and populate "Provisioning URL" & "Shared Secret" values from `/matrix/appservice-webhooks/config/config.yaml` file's homeserver URL value and provisioning secret value, respectively. +5. If you're using the [Dimension integration manager](configuring-playbook-dimension.md), you can configure the Webhooks bridge by opening the Dimension integration manager -> Settings -> Bridges and selecting edit action for "Webhook Bridge". Press "Add self-hosted Bridge" button and populate "Provisioning URL" & "Shared Secret" values from `/matrix/appservice-webhooks/config/config.yaml` file's homeserver URL value and provisioning secret value, respectively. 6. Invite the bridge bot user to your room: diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index fb1f104c5..5d5a2b6a3 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md 
@@ -75,7 +75,7 @@ After configuring the playbook and potentially [adjusting your DNS records](#adj ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ``` -After Dimension has been installed you may need to log out and log back in for it to pick up the new integrations manager. Then you can access integrations in Element by opening a room, clicking the Room info button (`i`) button in the top right corner of the screen, and then clicking Add widgets, bridges & bots. +After Dimension has been installed you may need to log out and log back in for it to pick up the new integration manager. Then you can access integrations in Element by opening a room, clicking the Room info button (`i`) button in the top right corner of the screen, and then clicking Add widgets, bridges & bots. ## Jitsi domain diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 8a734a739..ea758afec 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -1,6 +1,6 @@ # Setting up Etherpad (optional) -[Etherpad](https://etherpad.org) is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app. +[Etherpad](https://etherpad.org) is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integration manager](https://dimension.t2bot.io) or used as standalone web app. When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences. 
@@ -60,7 +60,7 @@ If you want to manage and remove old unused pads from Etherpad, you will first n Then from the plugin manager page (`https://etherpad.example.com/admin/plugins`, install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. -### How to use Etherpad widgets without an Integration Manager (like Dimension) +### How to use Etherpad widgets without an integration manager (like Dimension) This is how it works in Element, it might work quite similar with other clients: diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 346e2c332..3f71a0f1c 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -281,7 +281,7 @@ You can use the self-hosted Jitsi server in multiple ways: - **by adding a widget to a room via Element** (the one configured by the playbook at `https://element.example.com`). Just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server. -- **by adding a widget to a room via the Dimension Integration Manager**. You'll have to point the widget to your own Jitsi server manually. See our [Dimension](./configuring-playbook-dimension.md) documentation page for more details. Naturally, Dimension would need to be installed first (the playbook doesn't install it by default). +- **by adding a widget to a room via the Dimension integration manager**. You'll have to point the widget to your own Jitsi server manually. See our [Dimension integration manager](./configuring-playbook-dimension.md) documentation page for more details. Naturally, Dimension would need to be installed first (the playbook doesn't install it by default). - **directly (without any Matrix integration)**. Just go to `https://jitsi.example.com` diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 6a4874177..17007da1f 100644 
--- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -33,7 +33,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Additional useful services -- [Setting up the Dimension Integration Manager](configuring-playbook-dimension.md) (optional; [unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md)) +- [Setting up the Dimension integration manager](configuring-playbook-dimension.md) (optional; [unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md)) - [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) (optional) diff --git a/docs/container-images.md b/docs/container-images.md index 9fafbc976..60ddcde1e 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -84,7 +84,7 @@ These services are not part of our default installation, but can be enabled by [ - [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional) -- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integrations manager (optional) +- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integration manager (optional) - [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional) diff --git a/docs/faq.md b/docs/faq.md index 05f1d3932..cbd210868 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -96,7 +96,7 @@ The problem with a manual installation is: - Synapse requires a [Postgres](https://www.postgresql.org/) database (it can run on SQLite, but that's very much discouraged). So you'd need to install Postgres as well. - you may also need a reverse-proxy server in front of it (nginx, Apache), so you'd need to be familiar with that - SSL is required, so you'd need to obtain Let's Encrypt (or other free or non-free) certificates for one or more domain names. You'd need to be familiar with [certbot](https://certbot.eff.org/) (when using Let's Encrypt) or similar software. -- for each additional component you'd like to add (client like [Element](https://element.io), bridge to some other chat network, Integration Manager (sitckers, other services), Identity Manager, etc.), you'll need to spend extra time installing and wiring it with the rest of the system in a way that works. +- for each additional component you'd like to add (client like [Element](https://element.io), bridge to some other chat network, integration manager (stickers, other services, Identity Manager, etc.), you'll need to spend extra time installing and wiring it with the rest of the system in a way that works. - you'll likely get slower updates for all of these components, depending on your distro packaging or your own time and ability The playbook, on the other hand, installs a bunch of components for you by default, obtains SSL certificates for you, etc. If you'd like, you can enable various bridges and other services with very little effort. All the components are wired to work together. From 4bdbbd9e94cd9436aed0c62f8da8b643335f3f2b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 9 Oct 2024 01:02:55 +0900 Subject: [PATCH 176/404] docs/configuring-playbook-mautrix-bridges.md: fix periods Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-mautrix-bridges.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md index ef8d21c8a..1747b079a 100644 --- a/docs/configuring-playbook-mautrix-bridges.md +++ b/docs/configuring-playbook-mautrix-bridges.md @@ -122,7 +122,7 @@ If you have issues with a service, and are requesting support, the higher levels You then need to start a chat with `@SERVICENAMEbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). -Send `login ` to the bridge bot to get started You can learn more here about authentication from the bridge's official documentation on Authentication https://docs.mau.fi/bridges/python/SERVICENAME/authentication.html . +Send `login` to the bridge bot to get started. You can learn more here about authentication from the bridge's official documentation on Authentication: https://docs.mau.fi/bridges/python/SERVICENAME/authentication.html If you run into trouble, check the [Troubleshooting](#troubleshooting) section below. From 9f372d9058ebb666d08815d67f2dbb63105366b2 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 23 Oct 2024 03:47:52 +0900 Subject: [PATCH 177/404] Consistent usage of the words related to BorgBackup (Borg) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In order to avoid confusions between the name of the program itself (BorgBackup and Borg in short) and the backups managed by BorgBackup, the official full name should be preferred where possible, minding capitalization. - Borg or borg → BorgBackup - Borg backup(s) → BorgBackup (if it means the program) / backups with BorgBackup (if it means the backups managed by the program) Based on https://www.borgbackup.org/ 
Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 8 ++++---- YEAR-IN-REVIEW.md | 2 +- docs/configuring-playbook-backup-borg.md | 14 +++++++------- docs/configuring-playbook-postgres-backup.md | 2 +- docs/configuring-playbook.md | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c994cd861..9b9e5cc86 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1021,9 +1021,9 @@ You need to **update your roles** (`just roles` or `make roles`) regardless of w **TLDR**: the `matrix-backup-borg` role is now included from another repository. Some variables have been renamed. All functionality remains intact. -Thanks to [moan0s](https://github.com/moan0s), the `matrix-backup-borg` role (which configures [Borg backups](docs/configuring-playbook-backup-borg.md)) has been extracted from the playbook and now lives in its [own repository](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg). This makes it possible to easily use it in other Ansible playbooks and will become part of [nextcloud-docker-ansible-deploy](https://github.com/spantaleev/nextcloud-docker-ansible-deploy) soon. +Thanks to [moan0s](https://github.com/moan0s), the `matrix-backup-borg` role (which configures [BorgBackup](docs/configuring-playbook-backup-borg.md)) has been extracted from the playbook and now lives in its [own repository](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg). This makes it possible to easily use it in other Ansible playbooks and will become part of [nextcloud-docker-ansible-deploy](https://github.com/spantaleev/nextcloud-docker-ansible-deploy) soon. -You need to **update your roles** (`just roles` or `make roles`) regardless of whether you're enabling Borg backup functionality or not. If you're making use of Borg backups via this playbook, you will need to update variable references in your `vars.yml` file (`matrix_backup_borg_` -> `backup_borg_`). +You need to **update your roles** (`just roles` or `make roles`) regardless of whether you're enabling Borg's backup functionality or not. If you're making use of BorgBackup via this playbook, you will need to update variable references in your `vars.yml` file (`matrix_backup_borg_` -> `backup_borg_`). # 2023-02-12 
@@ -1775,11 +1775,11 @@ See our [Setting up matrix-registration-bot](docs/configuring-playbook-bot-matri # 2022-04-19 -## Borg backup support +## BorgBackup support Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up [Borg](https://www.borgbackup.org/) backups with [borgmatic](https://torsion.org/borgmatic/) of your Matrix server. -See our [Setting up borg backup](docs/configuring-playbook-backup-borg.md) documentation to get started. +See our [Setting up BorgBackup](docs/configuring-playbook-backup-borg.md) documentation to get started. ## (Compatibility Break) Upgrading to Synapse v1.57 on setups using workers may require manual action diff --git a/YEAR-IN-REVIEW.md b/YEAR-IN-REVIEW.md index ab689b9d3..509aeb62c 100644 --- a/YEAR-IN-REVIEW.md +++ b/YEAR-IN-REVIEW.md @@ -84,7 +84,7 @@ Support for the following new **bots** was added: Support for the following new **components and services** was added: -* [Borg backup](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#borg-backup-support) +* [BorgBackup](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#borg-backup-support) * [Cactus Comments](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#cactus-comments-support) * [Cinny](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#cinny-support) client support * [ntfy](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/ba09705f7fbaf0108652ecbe209793b1d935eba7/CHANGELOG.md#ntfy-push-notifications-support) notifications diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 7d68bd1ce..416b79093 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md 
@@ -1,14 +1,14 @@
-# Setting up borg backup (optional)
+# Setting up BorgBackup (optional)
-The playbook can install and configure [borgbackup](https://www.borgbackup.org/) with [borgmatic](https://torsion.org/borgmatic/) for you.
+The playbook can install and configure [BorgBackup](https://www.borgbackup.org/) (short: Borg) with [borgmatic](https://torsion.org/borgmatic/) for you.
 BorgBackup is a deduplicating backup program with optional compression and encryption. That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
-You will need a remote server where borg will store the backups. There are hosted, borg compatible solutions available, such as [BorgBase](https://www.borgbase.com).
+You will need a remote server where BorgBackup will store the backups. There are hosted, BorgBackup compatible solutions available, such as [BorgBase](https://www.borgbase.com).
 The backup will run based on `backup_borg_schedule` var (systemd timer calendar), default: 4am every day.
-By default, if you're using the integrated Postgres database server (as opposed to [an external Postgres server](configuring-playbook-external-postgres.md)), Borg backups will also include dumps of your Postgres database. An alternative solution for backing up the Postgres database is [postgres backup](configuring-playbook-postgres-backup.md). If you decide to go with another solution, you can disable Postgres-backup support for Borg using the `backup_borg_postgresql_enabled` variable.
+By default, if you're using the integrated Postgres database server (as opposed to [an external Postgres server](configuring-playbook-external-postgres.md)), backups with BorgBackup will also include dumps of your Postgres database. An alternative solution for backing up the Postgres database is [postgres backup](configuring-playbook-postgres-backup.md).
If you decide to go with another solution, you can disable Postgres-backup support for BorgBackup using the `backup_borg_postgresql_enabled` variable.
 ## Prerequisites
@@ -21,7 +21,7 @@ ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix
 This can be done on any machine and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later.
-2. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your borg provider/server:
+2. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your BorgBackup provider/server:
 If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over:
@@ -35,7 +35,7 @@ cat PUBKEY | ssh USER@HOST 'dd of=.ssh/authorized_keys oflag=append conv=notrunc
 ## Adjusting the playbook configuration
-Minimal working configuration (`inventory/host_vars/matrix.example.com/vars.yml`) to enable borg backup:
+Minimal working configuration (`inventory/host_vars/matrix.example.com/vars.yml`) to enable BorgBackup:
 ```yaml
 backup_borg_enabled: true
@@ -56,7 +56,7 @@ where:
 * USER - SSH user of a provider/server
 * HOST - SSH host of a provider/server
-* REPO - borg repository name, it will be initialized on backup start, eg: `matrix`, regarding Syntax see [Remote repositories](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls)
+* REPO - BorgBackup repository name, it will be initialized on backup start, eg: `matrix`, regarding Syntax see [Remote repositories](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls)
 * PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager
 * PRIVATE KEY - the content of the **private** part of the SSH key you created before. The whole key (all of its belonging lines) under `backup_borg_ssh_key_private` needs to be indented with 2 spaces
diff --git a/docs/configuring-playbook-postgres-backup.md b/docs/configuring-playbook-postgres-backup.md
index dfb31ba13..109cf8c20 100644
--- a/docs/configuring-playbook-postgres-backup.md
+++ b/docs/configuring-playbook-postgres-backup.md
@@ -2,7 +2,7 @@
 The playbook can install and configure [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) for you via the [ansible-role-postgres-backup](https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup) Ansible role.
-For a more complete backup solution (one that includes not only Postgres, but also other configuration/data files), you may wish to look into [borg backup](configuring-playbook-backup-borg.md) instead.
+For a more complete backup solution (one that includes not only Postgres, but also other configuration/data files), you may wish to look into [BorgBackup](configuring-playbook-backup-borg.md) instead.
 ## Adjusting the playbook configuration
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index 17007da1f..f0d3dc858 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -215,7 +215,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 ### Backups
-- [Setting up borg backup](configuring-playbook-backup-borg.md) - a full Matrix server backup solution, including the Postgres database (optional)
+- [Setting up BorgBackup](configuring-playbook-backup-borg.md) - a full Matrix server backup solution, including the Postgres database (optional)
 - [Setting up postgres backup](configuring-playbook-postgres-backup.md) - a Postgres-database backup solution (note: does not include other files) (optional)
From 70e4320edafb53e5d3d6285eff66942ad901ed1a Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Wed, 23 Oct 2024 03:18:25 +0900
Subject: [PATCH 178/404] =?UTF-8?q?Fix=20capitalization:=20Sliding=20Sync?= =?UTF-8?q?=20Proxy=20=E2=86=92=20Sliding=20Sync=20proxy?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Based on MSC3575
Signed-off-by: Suguru Hirahara
---
 CHANGELOG.md | 4 ++--
 YEAR-IN-REVIEW.md | 2 +-
 docs/configuring-playbook-sliding-sync-proxy.md | 6 +++---
 docs/configuring-playbook.md | 2 +-
 roles/custom/matrix-sliding-sync/defaults/main.yml | 2 +-
 5 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9b9e5cc86..d03d59b95 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -870,13 +870,13 @@ See our [Setting up synapse-auto-compressor](docs/configuring-playbook-synapse-a
 # 2023-03-07
-## Sliding Sync Proxy (Element X) support
+## Sliding Sync proxy (Element X) support
 Thanks to [Benjamin Kampmann](https://github.com/gnunicorn) for [getting it started](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2515), [FSG-Cat](https://github.com/FSG-Cat) for fixing it up and me ([Slavi](https://github.com/spantaleev)) for polishing it up, the playbook can now install and configure the [sliding-sync proxy](https://github.com/matrix-org/sliding-sync).
 The upcoming Element X clients ([Element X iOS](https://github.com/vector-im/element-x-ios) and [Element X Android](https://github.com/vector-im/element-x-android)) require the `sliding-sync` proxy to do their job. **These clients are still in beta** (especially Element X Android, which requires manual compilation to get it working with a non-`matrix.org` homeseserver). Playbook users can now easily give these clients a try and help test them thanks to us having `sliding-sync` support.
-To get started, see our [Setting up Sliding Sync Proxy](docs/configuring-playbook-sliding-sync-proxy.md) documentation page.
+To get started, see our [Setting up Sliding Sync proxy](docs/configuring-playbook-sliding-sync-proxy.md) documentation page.
 # 2023-03-02
diff --git a/YEAR-IN-REVIEW.md b/YEAR-IN-REVIEW.md
index 509aeb62c..b1b7c70c5 100644
--- a/YEAR-IN-REVIEW.md
+++ b/YEAR-IN-REVIEW.md
@@ -34,7 +34,7 @@ A few other **major components and changes** landed in 2023:
 * (2023-02-10) The [Draupnir](https://github.com/the-draupnir-project/Draupnir) moderation tool (successor to [Mjolnir](https://github.com/matrix-org/mjolnir)), thanks to a PR by [FSG-Cat](https://github.com/FSG-Cat) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#draupnir-moderation-tool-bot-support))
 * (2023-02-10) [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) to add Matrix Authentication Support to our Jitsi setup, thanks to a PR by [Jakob S.](https://github.com/jakicoll) from [zakk gGmbH](https://github.com/zakk-it) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#matrix-authentication-support-for-jitsi))
 * (2023-02-25) The [Rageshake](https://github.com/matrix-org/rageshake) bug report server, thanks to a PR by [Benjamin Kampmann](https://github.com/gnunicorn) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#rageshake-support))
-* (2023-03-07) [Sliding Sync Proxy](https://github.com/matrix-org/sliding-sync) (currently a necessary component for [Element X](https://element.io/labs/element-x) to work), thanks to: [Benjamin Kampmann](https://github.com/gnunicorn) and [FSG-Cat](https://github.com/FSG-Cat) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#sliding-sync-proxy-element-x-support))
+* (2023-03-07) [Sliding Sync proxy](https://github.com/matrix-org/sliding-sync) (currently a necessary component for [Element X](https://element.io/labs/element-x) to work), thanks to: [Benjamin Kampmann](https://github.com/gnunicorn) and
[FSG-Cat](https://github.com/FSG-Cat) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#sliding-sync-proxy-element-x-support)) * (2023-03-12) synapse-auto-compressor to periodically and automatically run [rust-synapse-compress-state](https://github.com/matrix-org/rust-synapse-compress-state), thanks to a PR by [Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#synapse-auto-compressor-support)) * (2023-07-17) [matrix-media-repo](https://github.com/turt2live/matrix-media-repo),  thanks to a PR by [Michael Hollister](https://github.com/Michael-Hollister) from [FUTO](https://www.futo.org/), the creators of the [Circles app](https://circu.li/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#matrix-media-repo-support)) * (2023-08-31) [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) client app (fork of [element-web)](https://github.com/element-hq/element-web), thanks to a PR by [Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#schildichat-support)) diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 2303fd4e2..5754a5e9a 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md @@ -1,4 +1,4 @@ -# Setting up Sliding Sync Proxy (optional) +# Setting up Sliding Sync proxy (optional) The playbook can install and configure [sliding-sync](https://github.com/matrix-org/sliding-sync) proxy for you. 
@@ -60,8 +60,8 @@ matrix_sliding_sync_database_name: 'matrix_sliding_sync'
 ## Usage
-You **don't need to do anything special** to make use of the Sliding Sync Proxy. Simply open your client which supports Sliding Sync (like Element X) and log in.
+You **don't need to do anything special** to make use of the Sliding Sync proxy. Simply open your client which supports Sliding Sync (like Element X) and log in.
 When the Sliding Sync proxy is [installed](#installing), your `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc3575.proxy` section and `url` property are added there and made to point to your Sliding Sync proxy's base URL (e.g. `https://matrix.example.com/sliding-sync`).
-This allows clients which support Sliding Sync to detect the Sliding Sync Proxy's URL and make use of it.
+This allows clients which support Sliding Sync to detect the Sliding Sync proxy's URL and make use of it.
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index f0d3dc858..95817bb4f 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -224,7 +224,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers (optional)
-- [Setting up the Sliding Sync Proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) (optional)
+- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) (optional)
 - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional)
diff --git a/roles/custom/matrix-sliding-sync/defaults/main.yml b/roles/custom/matrix-sliding-sync/defaults/main.yml
index 81e5a44a2..adc6312ac 100644
--- a/roles/custom/matrix-sliding-sync/defaults/main.yml
+++ b/roles/custom/matrix-sliding-sync/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
-# Sliding Sync Proxy is an implementation of MSC3575 for the new sliding sync
+# Sliding Sync proxy is an implementation of MSC3575 for the new sliding sync
 # Project source code URL: https://github.com/matrix-org/sliding-sync
 matrix_sliding_sync_enabled: true
From 6dff60e7a472cb7a33590d0a56007a26fb4f5776 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Wed, 23 Oct 2024 03:28:18 +0900
Subject: [PATCH 179/404] =?UTF-8?q?Fix=20capitalization:=20Rageshake=20?= =?UTF-8?q?=E2=86=92=20rageshake?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Based on https://github.com/matrix-org/rageshake
Signed-off-by: Suguru Hirahara
---
 CHANGELOG.md | 6 +++---
 README.md | 2 +-
 YEAR-IN-REVIEW.md | 2 +-
 docs/configuring-dns.md | 4 ++--
 docs/configuring-playbook-rageshake.md | 14 +++++++-------
 docs/configuring-playbook.md | 2 +-
 roles/custom/matrix-rageshake/defaults/main.yml | 2 +-
 .../matrix-rageshake/templates/config.yml.j2 | 2 +-
 .../templates/systemd/matrix-rageshake.service.j2 | 2 +-
 9 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d03d59b95..84c5b1722 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -972,11 +972,11 @@ We recommend that you follow the guide for [Fronting the integrated reverse-prox
 # 2023-02-25
-## Rageshake support
+## rageshake support
-Thanks to [Benjamin Kampmann](https://github.com/gnunicorn), the playbook can now install and configure the [Rageshake](https://github.com/matrix-org/rageshake) bug report server.
+Thanks to [Benjamin Kampmann](https://github.com/gnunicorn), the playbook can now install and configure the [rageshake](https://github.com/matrix-org/rageshake) bug report server.
-Additional details are available in [Setting up Rageshake](docs/configuring-playbook-rageshake.md).
+Additional details are available in [Setting up rageshake](docs/configuring-playbook-rageshake.md).
 # 2023-02-17
diff --git a/README.md b/README.md
index 58fc410d6..50a4cbaea 100644
--- a/README.md
+++ b/README.md
@@ -155,7 +155,7 @@ Services that help you in administrating and monitoring your Matrix installation
 | [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) |
 | Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI | [Link](docs/configuring-playbook-prometheus-grafana.md) |
 | [Borg](https://borgbackup.org) | x | Backups | [Link](docs/configuring-playbook-backup-borg.md) |
-| [Rageshake](https://github.com/matrix-org/rageshake) | x | Bug report server | [Link](docs/configuring-playbook-rageshake.md) |
+| [rageshake](https://github.com/matrix-org/rageshake) | x | Bug report server | [Link](docs/configuring-playbook-rageshake.md) |
 | [synapse-usage-exporter](https://github.com/loelkes/synapse-usage-exporter) | x | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. | [Link](docs/configuring-playbook-synapse-usage-exporter.md) |
 ### Misc
diff --git a/YEAR-IN-REVIEW.md b/YEAR-IN-REVIEW.md
index b1b7c70c5..3c756e81b 100644
--- a/YEAR-IN-REVIEW.md
+++ b/YEAR-IN-REVIEW.md
@@ -33,7 +33,7 @@ A few other **major components and changes** landed in 2023:
 * (2023-02-10) The [Draupnir](https://github.com/the-draupnir-project/Draupnir) moderation tool (successor to [Mjolnir](https://github.com/matrix-org/mjolnir)), thanks to a PR by [FSG-Cat](https://github.com/FSG-Cat) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#draupnir-moderation-tool-bot-support))
 * (2023-02-10) [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) to add Matrix Authentication Support to our Jitsi setup, thanks to a PR by [Jakob S.](https://github.com/jakicoll) from [zakk gGmbH](https://github.com/zakk-it) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#matrix-authentication-support-for-jitsi))
-* (2023-02-25) The [Rageshake](https://github.com/matrix-org/rageshake) bug report server, thanks to a PR by [Benjamin Kampmann](https://github.com/gnunicorn) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#rageshake-support))
+* (2023-02-25) The [rageshake](https://github.com/matrix-org/rageshake) bug report server, thanks to a PR by [Benjamin Kampmann](https://github.com/gnunicorn) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#rageshake-support))
 * (2023-03-07) [Sliding Sync proxy](https://github.com/matrix-org/sliding-sync) (currently a necessary component for [Element X](https://element.io/labs/element-x) to work), thanks to: [Benjamin Kampmann](https://github.com/gnunicorn) and [FSG-Cat](https://github.com/FSG-Cat) (see the [changelog
entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#sliding-sync-proxy-element-x-support)) * (2023-03-12) synapse-auto-compressor to periodically and automatically run [rust-synapse-compress-state](https://github.com/matrix-org/rust-synapse-compress-state), thanks to a PR by [Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#synapse-auto-compressor-support)) * (2023-07-17) [matrix-media-repo](https://github.com/turt2live/matrix-media-repo),  thanks to a PR by [Michael Hollister](https://github.com/Michael-Hollister) from [FUTO](https://www.futo.org/), the creators of the [Circles app](https://circu.li/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#matrix-media-repo-support)) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index e027b7f1b..605da4182 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -43,7 +43,7 @@ When you're done configuring DNS, proceed to [Configuring the playbook](configur
 | [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.example.com` |
 | [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` |
 | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` |
-| [Rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` |
+| [rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` |
 | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` |
 | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` |
 | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` |
@@ -81,7 +81,7 @@ The `wsproxy.example.com` subdomain may be necessary, because this playbook coul
 The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.example.com` DNS record.
-The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of Rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Rageshake guide](configuring-playbook-rageshake.md). If you do not wish to set up Rageshake, feel free to skip the `rageshake.example.com` DNS record.
+The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring rageshake guide](configuring-playbook-rageshake.md). If you do not wish to set up rageshake, feel free to skip the `rageshake.example.com` DNS record.
 ## `_matrix-identity._tcp` SRV record setup
diff --git a/docs/configuring-playbook-rageshake.md b/docs/configuring-playbook-rageshake.md
index 154949499..e43114459 100644
--- a/docs/configuring-playbook-rageshake.md
+++ b/docs/configuring-playbook-rageshake.md
@@ -1,4 +1,4 @@
-# Setting up Rageshake (optional)
+# Setting up rageshake (optional)
 The playbook can install and configure the [rageshake](https://github.com/matrix-org/rageshake) bug report server for you.
@@ -6,13 +6,13 @@ This is useful if you're developing your own applications and would like to coll
 ## Adjusting the playbook configuration
-To enable Rageshake, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
+To enable rageshake, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
 ```yaml
 matrix_rageshake_enabled: true
 ```
-Rageshake has various options which don't have dedicated Ansible variables. You can see the full list of options in the [`rageshake.sample.yaml` file](https://github.com/matrix-org/rageshake/blob/master/rageshake.sample.yaml).
+rageshake has various options which don't have dedicated Ansible variables. You can see the full list of options in the [`rageshake.sample.yaml` file](https://github.com/matrix-org/rageshake/blob/master/rageshake.sample.yaml).
 To set these, you can make use of the `matrix_rageshake_configuration_extension_yaml` variable like this:
@@ -24,9 +24,9 @@ matrix_rageshake_configuration_extension_yaml: |
 my-app: octocat/HelloWorld
 ```
-### Adjusting the Rageshake URL
+### Adjusting the rageshake URL
-By default, this playbook installs Rageshake on the `rageshake.` subdomain (`rageshake.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
+By default, this playbook installs rageshake on the `rageshake.` subdomain (`rageshake.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records).
 By tweaking the `matrix_rageshake_hostname` and `matrix_rageshake_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
@@ -34,7 +34,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co
 ```yaml
 # Switch to the domain used for Matrix services (`matrix.example.com`),
-# so we won't need to add additional DNS records for Rageshake.
+# so we won't need to add additional DNS records for rageshake.
 matrix_rageshake_hostname: "{{ matrix_server_fqn_matrix }}"
 # Expose under the /rageshake subpath
@@ -43,7 +43,7 @@ matrix_rageshake_path_prefix: /rageshake
 ## Adjusting DNS records
-Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Rageshake domain to the Matrix server.
+Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the rageshake domain to the Matrix server.
 By default, you will need to create a CNAME record for `rageshake`. See [Configuring DNS](configuring-dns.md) for details about DNS changes.
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index 95817bb4f..f85201e26 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -232,6 +232,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up a Cactus Comments server](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix (optional)
-- [Setting up the Rageshake bug report server](configuring-playbook-rageshake.md) (optional)
+- [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) (optional)
 - [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) (optional)
diff --git a/roles/custom/matrix-rageshake/defaults/main.yml b/roles/custom/matrix-rageshake/defaults/main.yml
index bbd271ec0..77caeab1b 100644
--- a/roles/custom/matrix-rageshake/defaults/main.yml
+++ b/roles/custom/matrix-rageshake/defaults/main.yml
@@ -88,7 +88,7 @@ matrix_rageshake_systemd_wanted_services_list: []
 matrix_rageshake_config_api_prefix: "{{ matrix_rageshake_scheme }}://{{ matrix_rageshake_hostname }}{{ matrix_rageshake_path_prefix }}{{ '' if matrix_rageshake_path_prefix == '/' else '/' }}api/"
-# Default Rageshake configuration template which covers the generic use case.
+# Default rageshake configuration template which covers the generic use case.
 # You can customize it by controlling the various variables inside it.
 #
 # For a more advanced customization, you can extend the default (see `matrix_rageshake_configuration_extension_yaml`)
diff --git a/roles/custom/matrix-rageshake/templates/config.yml.j2 b/roles/custom/matrix-rageshake/templates/config.yml.j2
index 6b0c2664d..6790f2938 100644
--- a/roles/custom/matrix-rageshake/templates/config.yml.j2
+++ b/roles/custom/matrix-rageshake/templates/config.yml.j2
@@ -1,4 +1,4 @@
-# Default configuration for Rageshake.
+# Default configuration for rageshake.
 # To extend it, use `matrix_rageshake_configuration_extension_yaml`.
 api_prefix: {{ matrix_rageshake_config_api_prefix | to_json }}
diff --git a/roles/custom/matrix-rageshake/templates/systemd/matrix-rageshake.service.j2 b/roles/custom/matrix-rageshake/templates/systemd/matrix-rageshake.service.j2
index 53857b53c..9abaf3db5 100644
--- a/roles/custom/matrix-rageshake/templates/systemd/matrix-rageshake.service.j2
+++ b/roles/custom/matrix-rageshake/templates/systemd/matrix-rageshake.service.j2
@@ -1,6 +1,6 @@
 #jinja2: lstrip_blocks: "True"
 [Unit]
-Description=Matrix Rageshake Service
+Description=Matrix rageshake Service
 {% for service in matrix_rageshake_systemd_required_services_list %}
 Requires={{ service }}
 After={{ service }}
From 823a911361b38078397b02c6e5e33eac3fbff1e3 Mon Sep 17 00:00:00 2001
From: Aine <97398200+aine-etke@users.noreply.github.com>
Date: Thu, 24 Oct 2024 14:14:17 +0300
Subject: [PATCH 180/404] Update configuring-playbook-synapse-admin.md - add community room link
---
 docs/configuring-playbook-synapse-admin.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md
index 27003b528..7fc76433e 100644
--- a/docs/configuring-playbook-synapse-admin.md
+++ b/docs/configuring-playbook-synapse-admin.md
@@ -1,6 +1,6 @@
 # Setting up Synapse Admin (optional)
-The playbook can install and configure [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin)) for you.
+The playbook can install and configure [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin), community room: [#synapse-admin:etke.cc](https://matrix.to/#/#synapse-admin:etke.cc)) for you.
 synapse-admin is a web UI tool you can use to **administrate users, rooms, media, etc. on your Matrix server**. It's designed to work with the Synapse homeserver implementation and WON'T work with Dendrite because [Dendrite Admin API](https://matrix-org.github.io/dendrite/administration/adminapi) differs from [Synapse Admin API](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/).
From 3e3ac1178034cc9dc6af1ee6e486e180bcd48936 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Wed, 23 Oct 2024 02:43:03 +0900
Subject: [PATCH 181/404] Fix the title of docs/configuring-playbook-traefik.md
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-traefik.md | 2 +-
 docs/configuring-playbook.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md
index de860cef8..019265b16 100644
--- a/docs/configuring-playbook-traefik.md
+++ b/docs/configuring-playbook-traefik.md
@@ -1,4 +1,4 @@
-# Configure Traefik (optional, advanced)
+# Configuring the Traefik reverse-proxy (optional, advanced)
 By default, this playbook installs and manages a [Traefik](https://doc.traefik.io/traefik/) reverse-proxy server, powered by the [ansible-role-traefik](https://github.com/mother-of-all-self-hosting/ansible-role-traefik) Ansible role.
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index f85201e26..9fc053b84 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -66,7 +66,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Serving your base domain using this playbook's nginx server](configuring-playbook-base-domain-serving.md) (optional)
-- [Configure the Traefik reverse-proxy](configuring-playbook-traefik.md) (optional, advanced)
+- [Configuring the Traefik reverse-proxy](configuring-playbook-traefik.md) (optional, advanced)
 - [Using your own webserver, instead of this playbook's default reverse-proxy](configuring-playbook-own-webserver.md) (optional, advanced)
From 17a20dca1e21cf621279ce2ee7360768450537c3 Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev
Date: Fri, 25 Oct 2024 09:34:41 +0300
Subject: [PATCH 182/404] Make it more obvious that the Synapse OIDC config needs to go when using MAS
---
 ...guring-playbook-matrix-authentication-service.md | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md
index d6ddf5144..5ab1caca5 100644
--- a/docs/configuring-playbook-matrix-authentication-service.md
+++ b/docs/configuring-playbook-matrix-authentication-service.md
@@ -261,7 +261,11 @@ matrix_authentication_service_config_upstream_oauth2_providers:
 ⚠ The syntax for existing [OIDC providers configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) is slightly different, so you will need to adjust your configuration when switching from Synapse OIDC to MAS upstream OAuth2.
-⚠ When [migrating an existing homeserver](#migrating-an-existing-homeserver-to-matrix-authentication-service) which contains OIDC-sourced users, you will need to [Configure upstream OIDC provider mapping for syn2mas](#configuring-upstream-oidc-provider-mapping-for-syn2mas).
+⚠ When [migrating an existing homeserver](#migrating-an-existing-homeserver-to-matrix-authentication-service) which contains OIDC-sourced users, you will need to:
+
+- [Configure upstream OIDC provider mapping for syn2mas](#configuring-upstream-oidc-provider-mapping-for-syn2mas)
+- go through the [migrating an existing homeserver](#migrating-an-existing-homeserver-to-matrix-authentication-service) process
+- remove all Synapse OIDC-related configuration (`matrix_synapse_oidc_*`) to prevent it being in conflict with the MAS OIDC configuration
 ## Adjusting DNS records
@@ -272,6 +276,7 @@ See [Configuring DNS](configuring-dns.md) for details about DNS changes.
 If you've decided to use the default hostname, you won't need to do any extra DNS configuration.
+
 ## Installing
 Now that you've [adjusted the playbook configuration](#adjusting-the-playbook-configuration) and [your DNS records](#adjusting-dns-records), you can run the [installation](installing.md) command: `just install-all`
@@ -305,7 +310,11 @@ The installation + migration steps are like this: 4. [Migrate your data from Synapse to Matrix Authentication Service using syn2mas](#migrate-your-data-from-synapse-to-matrix-authentication-service-using-syn2mas) -5. [Adjust your configuration](#adjusting-the-playbook-configuration) again, removing the `matrix_authentication_service_migration_in_progress: false` line +5. [Adjust your configuration](#adjusting-the-playbook-configuration) again, to: + + - remove the `matrix_authentication_service_migration_in_progress: false` line + + - if you had been using [OIDC providers configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on), remove all Synapse OIDC-related configuration (`matrix_synapse_oidc_*`) to prevent it being in conflict with the MAS OIDC configuration 5. Perform the [installation](#installing) again. At this point: From f4c4930215010b80d5bbfe47339e261f05a5c428 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 25 Oct 2024 09:37:03 +0300 Subject: [PATCH 183/404] Fix some anchors on the MAS docs page --- ...uring-playbook-matrix-authentication-service.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 5ab1caca5..c4632945b 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -10,7 +10,7 @@ Matrix Authentication Service is an implementation of [MSC3861: Next-generation - the [Expectations](#expectations) section below - the [FAQ section on areweoidcyet.com](https://areweoidcyet.com/#faqs) -**If you've already been using Synapse** and have user accounts in its database, you can [migrate to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service). +**If you've already been using Synapse** and have user accounts in its database, you can [migrate to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service). ## Reasons to use Matrix Authentication Service 
@@ -57,7 +57,7 @@ This section details what you can expect when switching to the Matrix Authentica - ⚠ **You will need to have email sending configured** (see [Adjusting email-sending settings](./configuring-playbook-email.md)), because **Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user** going through the new SSO-based login flow. It's also possible to [work around email deliverability issues](#working-around-email-deliverability-issues) if your email configuration is not working. -- ⚠ **Migrating an existing homeserver to MAS is possible**, but requires **some playbook-assisted manual work** as described in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) section below. **Migration is reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. +- ⚠ [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) is **possible**, but requires **some playbook-assisted manual work**. Migration is **reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. - ⚠ Delegating user authentication to MAS causes **your Synapse server to be completely dependant on one more service** for its operations. MAS is quick & lightweight and should be stable enough already, but this is something to keep in mind when making the switch. 
@@ -91,7 +91,7 @@ For existing Synapse homeservers: - when following the [Adjusting the playbook configuration](#adjusting-the-playbook-configuration) instructions, make sure to **disable the integration between Synapse and MAS** by **uncommenting** the `matrix_authentication_service_migration_in_progress: true` line as described in the [Marking an existing homeserver for migration](#marking-an-existing-homeserver-for-migration) section below. -- then follow the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) instructions to perform the installation and migration +- then follow the [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) instructions to perform the installation and migration ## Adjusting the playbook configuration @@ -133,7 +133,7 @@ matrix_authentication_service_path_prefix: / The [configuration above](#adjusting-the-playbook-configuration) instructs existing users wishing to migrate to add `matrix_authentication_service_migration_in_progress: true` to their configuration. -This is done temporarily. The migration steps are described in more detail in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) section below. +This is done temporarily. The migration steps are described in more detail in the [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) section below. ### Upstream OAuth2 configuration 
@@ -261,10 +261,10 @@ matrix_authentication_service_config_upstream_oauth2_providers: ⚠ The syntax for existing [OIDC providers configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on) is slightly different, so you will need to adjust your configuration when switching from Synapse OIDC to MAS upstream OAuth2. -⚠ When [migrating an existing homeserver](#migrating-an-existing-homeserver-to-matrix-authentication-service) which contains OIDC-sourced users, you will need to: +⚠ When [migrating an existing homeserver](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) which contains OIDC-sourced users, you will need to: - [Configure upstream OIDC provider mapping for syn2mas](#configuring-upstream-oidc-provider-mapping-for-syn2mas) -- go through the [migrating an existing homeserver](#migrating-an-existing-homeserver-to-matrix-authentication-service) process +- go through the [migrating an existing homeserver](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) process - remove all Synapse OIDC-related configuration (`matrix_synapse_oidc_*`) to prevent it being in conflict with the MAS OIDC configuration 
@@ -281,7 +281,7 @@ If you've decided to use the default hostname, you won't need to do any extra DN Now that you've [adjusted the playbook configuration](#adjusting-the-playbook-configuration) and [your DNS records](#adjusting-dns-records), you can run the [installation](installing.md) command: `just install-all` -If you're in the process of migrating an existing Synapse homeserver to MAS, you should now follow the rest of the steps in the [Migrating an existing homeserver to Matrix Authentication Service](#migrating-an-existing-homeserver-to-matrix-authentication-service) guide. +If you're in the process of migrating an existing Synapse homeserver to MAS, you should now follow the rest of the steps in the [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) guide. 💡 After installation, you should [verify that Matrix Authentication Service is installed correctly](#verify-that-matrix-authentication-service-is-installed-correctly). From 54e84c5c73d35e7ad5901da4d39e4dbf7aff5d9c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 8 Oct 2024 03:08:48 +0900 Subject: [PATCH 184/404] Update docs/configuring-playbook-bridge-appservice-discord.md Fix a typo Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 0eaad761c..db2aff680 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md 
@@ -55,7 +55,7 @@ On the Discord side, you can say `!matrix help` to get a list of available comma ## Portal Bridging (Automatic) -Through portal bridging, Matrix rooms will automatically be created by the bot and bridged to the relevant Discord room. This is done by simply joining a room with a specific name pattern (`#_discord__`). +Through portal bridging, Matrix rooms will automatically be created by the bot and bridged to the relevant Discord room. This is done by simply joining a room with a specific name pattern (`#_discord__`). All Matrix rooms created this way are **listed publicly** by default, and you will not have admin permissions to change this. To get more control, [make yourself a room Administrator](#getting-administrator-access-in-a-portal-bridged-room). You can then unlist the room from the directory and change the join rules. From 082b75b0c02e87f9ab5f40a512c4d56db251b20d Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 25 Oct 2024 02:30:02 +0900 Subject: [PATCH 185/404] Fix indentations of list items Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 38 +++++----- docs/configuring-playbook-backup-borg.md | 24 +++---- ...ring-playbook-bridge-appservice-discord.md | 23 +++--- ...ing-playbook-bridge-appservice-webhooks.md | 70 ++++++++++--------- ...-playbook-matrix-authentication-service.md | 12 ++-- docs/configuring-playbook-s3-goofys.md | 56 +++++++-------- ...ng-playbook-synapse-s3-storage-provider.md | 4 +- 7 files changed, 117 insertions(+), 110 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 84c5b1722..1d8bbc413 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1684,8 +1684,8 @@ See our [Setting up the ntfy push notifications server](docs/configuring-playboo **If you are using the [Hookshot bridge](docs/configuring-playbook-bridge-hookshot.md)**, you may find that: 1. **Metrics may not be enabled by default anymore**: - - If Prometheus is enabled (`prometheus_enabled: true`), then Hookshot metrics will be enabled automatically (`matrix_hookshot_metrics_enabled: true`). These metrics will be collected from the local (in-container) Prometheus over the container network. - - **If Prometheus is not enabled** (you are either not using Prometheus or are using an external one), **Hookshot metrics will not be enabled by default anymore**. Feel free to enable them by setting `matrix_hookshot_metrics_enabled: true`. Also, see below. + - If Prometheus is enabled (`prometheus_enabled: true`), then Hookshot metrics will be enabled automatically (`matrix_hookshot_metrics_enabled: true`). These metrics will be collected from the local (in-container) Prometheus over the container network. + - **If Prometheus is not enabled** (you are either not using Prometheus or are using an external one), **Hookshot metrics will not be enabled by default anymore**. Feel free to enable them by setting `matrix_hookshot_metrics_enabled: true`. Also, see below. 2. When metrics are meant to be **consumed by an external Prometheus server**, `matrix_hookshot_metrics_proxying_enabled` needs to be set to `true`, so that metrics would be exposed (proxied) "publicly" on `https://matrix.example.com/metrics/hookshot`. To make use of this, you'll also need to enable the new `https://matrix.example.com/metrics/*` endpoints mentioned above, using `matrix_nginx_proxy_proxy_matrix_metrics_enabled`. Learn more in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. 3. 
**We've changed the URL we're exposing Hookshot metrics at** for external Prometheus servers. Until now, you were advised to consume Hookshot metrics from `https://stats.example.com/hookshot/metrics` (working in conjunction with `matrix_nginx_proxy_proxy_synapse_metrics`). From now on, **this no longer works**. As described above, you need to start consuming metrics from `https://matrix.example.com/metrics/hookshot`. @@ -2136,9 +2136,9 @@ To migrate to the new setup, expect a few minutes of downtime, while you follow 2. Generate a strong password to be used for your superuser Postgres user (called `matrix`). You can use `pwgen -s 64 1` to generate it, or some other tool. The **maximum length** for a Postgres password is 100 bytes (characters). Don't go crazy! 3. Update your playbook's `inventory/host_vars/matrix.example.com/vars.yml` file, adding a line like this: -```yaml -matrix_postgres_connection_password: 'YOUR_POSTGRES_PASSWORD_HERE' -``` + ```yaml + matrix_postgres_connection_password: 'YOUR_POSTGRES_PASSWORD_HERE' + ``` .. where `YOUR_POSTGRES_PASSWORD_HERE` is to be replaced with the password you generated during step #2. 
@@ -2148,31 +2148,31 @@ matrix_postgres_connection_password: 'YOUR_POSTGRES_PASSWORD_HERE' 7. Open a Postgres shell: `/usr/local/bin/matrix-postgres-cli` 8. Execute the following query, while making sure to **change the password inside** (**don't forget the ending `;`**): -```sql -CREATE ROLE matrix LOGIN SUPERUSER PASSWORD 'YOUR_POSTGRES_PASSWORD_HERE'; -``` + ```sql + CREATE ROLE matrix LOGIN SUPERUSER PASSWORD 'YOUR_POSTGRES_PASSWORD_HERE'; + ``` .. where `YOUR_POSTGRES_PASSWORD_HERE` is to be replaced with the password you generated during step #2. 9. Execute the following queries as you see them (no modifications necessary, so you can just **paste them all at once**): -```sql -CREATE DATABASE matrix OWNER matrix; + ```sql + CREATE DATABASE matrix OWNER matrix; -ALTER DATABASE postgres OWNER TO matrix; -ALTER DATABASE template0 OWNER TO matrix; -ALTER DATABASE template1 OWNER TO matrix; + ALTER DATABASE postgres OWNER TO matrix; + ALTER DATABASE template0 OWNER TO matrix; + ALTER DATABASE template1 OWNER TO matrix; -\c matrix; + \c matrix; -ALTER DATABASE homeserver RENAME TO synapse; + ALTER DATABASE homeserver RENAME TO synapse; -ALTER ROLE synapse NOSUPERUSER NOCREATEDB NOCREATEROLE; + ALTER ROLE synapse NOSUPERUSER NOCREATEDB NOCREATEROLE; -\quit -``` + \quit + ``` -You may need to press *Enter* after pasting the lines above. + You may need to press *Enter* after pasting the lines above. 10. Re-run the playbook normally: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 416b79093..647ccb945 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md 
@@ -15,23 +15,23 @@ By default, if you're using the integrated Postgres database server (as opposed 1. Create a new SSH key: -```bash -ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix -``` + ```bash + ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix + ``` -This can be done on any machine and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later. + This can be done on any machine and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later. 2. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your BorgBackup provider/server: -If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over: + If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over: -```bash -# example to append the new PUBKEY contents, where: -# PUBKEY is path to the public key, -# USER is a ssh user on a provider / server -# HOST is a ssh host of a provider / server -cat PUBKEY | ssh USER@HOST 'dd of=.ssh/authorized_keys oflag=append conv=notrunc' -``` + ```bash + # example to append the new PUBKEY contents, where: + # PUBKEY is path to the public key, + # USER is a ssh user on a provider / server + # HOST is a ssh host of a provider / server + cat PUBKEY | ssh USER@HOST 'dd of=.ssh/authorized_keys oflag=append conv=notrunc' + ``` ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index db2aff680..781968ac5 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md 
@@ -18,17 +18,20 @@ Instructions loosely based on [this](https://github.com/Half-Shot/matrix-appserv 3. Create a bot from the Bot tab and retrieve the Bot token. 4. Enable the bridge with the following configuration in your `vars.yml` file: -```yaml -matrix_appservice_discord_enabled: true -matrix_appservice_discord_client_id: "YOUR DISCORD APP CLIENT ID" -matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN" -``` + ```yaml + matrix_appservice_discord_enabled: true + matrix_appservice_discord_client_id: "YOUR DISCORD APP CLIENT ID" + matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN" + ``` + 5. As of Synapse 1.90.0, you will need to add the following to `matrix_synapse_configuration_extension_yaml` to enable the [backwards compatibility](https://matrix-org.github.io/synapse/latest/upgrade#upgrading-to-v1900) that this bridge needs: -```yaml -matrix_synapse_configuration_extension_yaml: | - use_appservice_legacy_authorization: true -``` -**Note**: This deprecated method is considered insecure. + + ```yaml + matrix_synapse_configuration_extension_yaml: | + use_appservice_legacy_authorization: true + ``` + + **Note**: This deprecated method is considered insecure. 6. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 07fe99d8c..145b0cace 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md 
@@ -12,25 +12,27 @@ loosely based on [this](https://github.com/turt2live/matrix-appservice-webhooks/ 1. All you basically need is to adjust your `inventory/host_vars/matrix.example.com/vars.yml`: -```yaml -matrix_appservice_webhooks_enabled: true -matrix_appservice_webhooks_api_secret: '' -``` + ```yaml + matrix_appservice_webhooks_enabled: true + matrix_appservice_webhooks_api_secret: '' + ``` 2. In case you want to change the verbosity of logging via `journalctl -fu matrix-appservice-webhooks.service` you can adjust this in `inventory/host_vars/matrix.example.com/vars.yml` as well. -**Note**: default value is: `info` and availabe log levels are : `info`, `verbose` + **Note**: default value is: `info` and availabe log levels are : `info`, `verbose` -```yaml -matrix_appservice_webhooks_log_level: '' -``` + ```yaml + matrix_appservice_webhooks_log_level: '' + ``` 3. As of Synapse 1.90.0, you will need to add the following to `matrix_synapse_configuration_extension_yaml` to enable the [backwards compatibility](https://matrix-org.github.io/synapse/latest/upgrade#upgrading-to-v1900) that this bridge needs: -```yaml -matrix_synapse_configuration_extension_yaml: | - use_appservice_legacy_authorization: true -``` -**Note**: This deprecated method is considered insecure. + + ```yaml + matrix_synapse_configuration_extension_yaml: | + use_appservice_legacy_authorization: true + ``` + + **Note**: This deprecated method is considered insecure. 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. 
@@ -43,29 +45,31 @@ matrix_synapse_configuration_extension_yaml: | - or simply add the bridge bot to a private channel (personal channels imply you being an administrator) 7. Send a message to the bridge bot in order to receive a private message including the webhook link. -``` -!webhook -``` + + ``` + !webhook + ``` 8. The JSON body for posting messages will have to look like this: -```json -{ + + ```json + { + "text": "Hello world!", + "format": "plain", + "displayName": "My Cool Webhook", + "avatar_url": "http://i.imgur.com/IDOBtEJ.png" + } + ``` + + You can test this via curl like so: + + ```sh + curl --header "Content-Type: application/json" \ + --data '{ "text": "Hello world!", "format": "plain", "displayName": "My Cool Webhook", "avatar_url": "http://i.imgur.com/IDOBtEJ.png" -} -``` - -You can test this via curl like so: - -``` -curl --header "Content-Type: application/json" \ ---data '{ -"text": "Hello world!", -"format": "plain", -"displayName": "My Cool Webhook", -"avatar_url": "http://i.imgur.com/IDOBtEJ.png" -}' \ - -``` + }' \ + + ``` diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index c4632945b..cc81b4c23 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -298,13 +298,13 @@ The installation + migration steps are like this: 2. Perform the initial [installation](#installing). At this point: - - Matrix Authentication Service will be installed. Its database will be empty, so it cannot validate existing access tokens or authentication users yet. + - Matrix Authentication Service will be installed. Its database will be empty, so it cannot validate existing access tokens or authentication users yet. - - The homeserver will still continue to use its local database for validating existing access tokens. + - The homeserver will still continue to use its local database for validating existing access tokens. - - Various [compatibility layer URLs](https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#set-up-the-compatibility-layer) are not yet installed. New login sessions will still be forwarded to the homeserver, which is capable of completing them. + - Various [compatibility layer URLs](https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#set-up-the-compatibility-layer) are not yet installed. New login sessions will still be forwarded to the homeserver, which is capable of completing them. - - The `matrix-user-creator` role would be suppressed, so that it doesn't automatically attempt to create users (for bots, etc.) in the MAS database. These user accounts likely already exist in Synapse's user database and could be migrated over (via syn2mas, as per the steps below), so creating them in the MAS database would have been unnecessary and potentially problematic (conflicts during the syn2mas migration). + - The `matrix-user-creator` role would be suppressed, so that it doesn't automatically attempt to create users (for bots, etc.) in the MAS database. 
These user accounts likely already exist in Synapse's user database and could be migrated over (via syn2mas, as per the steps below), so creating them in the MAS database would have been unnecessary and potentially problematic (conflicts during the syn2mas migration). 3. Consider taking a full [backup of your Postgres database](./maintenance-postgres.md#backing-up-postgresql). This is done just in case. The **syn2mas migration tool does not delete any data**, so it should be possible to revert to your previous setup by merely disabling MAS and re-running the playbook (no need to restore a Postgres backup). However, do note that as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. @@ -318,9 +318,9 @@ The installation + migration steps are like this: 5. Perform the [installation](#installing) again. At this point: - - The homeserver will start delegating authentication to MAS. + - The homeserver will start delegating authentication to MAS. - - The compatibility layer URLs will be installed. New login sessions will be completed by MAS. + - The compatibility layer URLs will be installed. New login sessions will be completed by MAS. 6. [Verify that Matrix Authentication Service is installed correctly](#verify-that-matrix-authentication-service-is-installed-correctly) diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index ba1001f0e..eb674faeb 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md 
@@ -52,21 +52,21 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d 3. In addition to the base configuration you see above, add this to your `vars.yml` file: -```yaml -matrix_s3_media_store_path: /matrix/s3-media-store -``` + ```yaml + matrix_s3_media_store_path: /matrix/s3-media-store + ``` -This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. + This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. 4. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` 5. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): -```sh -sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. -``` + ```sh + sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. + ``` -You may need to install `rsync` manually. + You may need to install `rsync` manually. 6. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) @@ -78,9 +78,9 @@ You may need to install `rsync` manually. 10. Get the old media store out of the way by running this command on the server: -```sh -mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup -``` + ```sh + mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup + ``` 11. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) 
@@ -97,34 +97,34 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d 1. While all Matrix services are running, run the following command on the server: -(you need to adjust the 3 `--env` line below with your own data) + (you need to adjust the 3 `--env` line below with your own data) -```sh -docker run -it --rm -w /work \ ---env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ ---env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ ---env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ ---mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ ---entrypoint=/bin/sh \ -docker.io/tianon/backblaze-b2:3.6.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' -``` + ```sh + docker run -it --rm -w /work \ + --env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ + --env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ + --env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ + --mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ + --entrypoint=/bin/sh \ + docker.io/tianon/backblaze-b2:3.6.0 \ + -c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' + ``` -This is some initial file sync, which may take a very long time. + This is some initial file sync, which may take a very long time. 2. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) 3. Run the command from step #1 again. -Doing this will sync any new files that may have been created locally in the meantime. + Doing this will sync any new files that may have been created locally in the meantime. -Now that Matrix services aren't running, we're sure to get Backblaze B2 and your local media store fully in sync. + Now that Matrix services aren't running, we're sure to get Backblaze B2 and your local media store fully in sync. 4. 
Get the old media store out of the way by running this command on the server: -```sh -mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup -``` + ```sh + mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup + ``` 5. Put the [Backblaze B2 settings seen above](#backblaze-b2) in your `vars.yml` file diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index dc7d56648..410af46eb 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md 
@@ -76,8 +76,8 @@ This launches a Synapse container, which has access to the local media store, Po Then use the following commands (`$` values come from environment variables - they're **not placeholders** that you need to substitute): 1. `s3_media_upload update-db $UPDATE_DB_DURATION` - create a local SQLite database (`cache.db`) with a list of media repository files (from the `synapse` Postgres database) eligible for operating on - - `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`) - - `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**). + - `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`) + - `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**). 2. `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory 3. `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory From 91cf8e323074feec9b1ac407ec2ac8282c8d3842 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 25 Oct 2024 02:55:15 +0900 Subject: [PATCH 186/404] Update docs/configuring-playbook-s3-goofys.md: fix the anchor link for Backblaze B2 The link has been broken since ac7cb3619dfe522af280875566e859007f7a0374 Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-s3-goofys.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index eb674faeb..b15a2bfcd 100644 
--- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md @@ -126,7 +126,7 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup ``` -5. Put the [Backblaze B2 settings seen above](#backblaze-b2) in your `vars.yml` file +5. Put the [Backblaze B2 settings](configuring-playbook-s3.md#backblaze-b2) in your `vars.yml` file 6. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` From 1b117f1757b5bedef22271e9bd80cdaec8eb6eae Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 25 Oct 2024 03:14:53 +0900 Subject: [PATCH 187/404] Update docs/configuring-playbook-s3-goofys.md: update Table of Contents It is a legacy of docs/configuring-playbook-s3.md on ac7cb3619dfe522af280875566e859007f7a0374, and the upper levels of those two list items are redundant. Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-s3-goofys.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index b15a2bfcd..190b74ec7 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md 
@@ -36,11 +36,8 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d
 Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage:
-- [Storing Matrix media files on Amazon S3 with Goofys (optional)](#storing-matrix-media-files-on-amazon-s3-with-goofys-optional)
- - [Usage](#usage)
- - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3)
- - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow)
- - [Migrating to Backblaze B2](#migrating-to-backblaze-b2)
+- [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow)
+- [Migrating to Backblaze B2](#migrating-to-backblaze-b2)
 ### Migrating to any S3-compatible storage (universal, but likely slow)
From cbdf619bd4e9dda363b0c7318a6bb343412e627b Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 25 Oct 2024 03:20:38 +0900
Subject: [PATCH 188/404] Update docs/configuring-playbook-s3-goofys.md: remove repetitive suggestions to create a backup
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-s3-goofys.md | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md
index 190b74ec7..5924933d8 100644
--- a/docs/configuring-playbook-s3-goofys.md
+++ b/docs/configuring-playbook-s3-goofys.md
@@ -34,15 +34,13 @@ If you have local media store files and wish to migrate to Backblaze B2 subseque
 It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before migrating your local media store to an S3-backed one.
-Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage:
+After making the backup, follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage:
 - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow)
 - [Migrating to Backblaze B2](#migrating-to-backblaze-b2)
 ### Migrating to any S3-compatible storage (universal, but likely slow)
-It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this.
-
 1. Proceed with the steps below without stopping Matrix services
 2. Start by adding the base S3 configuration in your `vars.yml` file (seen above, may be different depending on the S3 provider of your choice)
@@ -90,8 +88,6 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d
 ### Migrating to Backblaze B2
-It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this.
-
 1. While all Matrix services are running, run the following command on the server: (you need to adjust the 3 `--env` line below with your own data)
From 1c0ba91a4738acd01d95092a890fc223bbdd9c95 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 25 Oct 2024 11:10:15 +0900
Subject: [PATCH 189/404] Update docs/configuring-playbook-s3-goofys.md: fix the referred step number
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-s3-goofys.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md
index 5924933d8..494f96752 100644
--- a/docs/configuring-playbook-s3-goofys.md
+++ b/docs/configuring-playbook-s3-goofys.md
@@ -67,7 +67,7 @@ After making the backup, follow one of the guides below for a migration path fro
 7. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys`
-8. Sync the files again by re-running the `rsync` command you see in step #6
+8. Sync the files again by re-running the `rsync` command you see in step #5
 9. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys`
From f9e37fc61469f508b275b0822b42c7ae21a6d2e7 Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev
Date: Sat, 26 Oct 2024 10:32:18 +0300
Subject: [PATCH 190/404] Adjust step number on alertmanager-receiver docs page
---
 docs/configuring-playbook-alertmanager-receiver.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md
index f05fcaa80..13be70b5c 100644
--- a/docs/configuring-playbook-alertmanager-receiver.md
+++ b/docs/configuring-playbook-alertmanager-receiver.md
@@ -104,4 +104,4 @@ route:
 .. where `URL_HERE` looks like `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/some-room-name` or `https://matrix.example.com/matrix-alertmanager-receiver-RANDOM_VALUE_HERE/alert/!qporfwt:example.com`.
-This bot does **not** accept room invitations automatically (like many other bots do). To deliver messages to rooms, **the bot must be joined to all rooms manually** - see Step 5 of the [Account and room preparation](#account-and-room-preparation) section.
+This bot does **not** accept room invitations automatically (like many other bots do). To deliver messages to rooms, **the bot must be joined to all rooms manually** - see Step 4 of the [Account and room preparation](#account-and-room-preparation) section.
From 3d47e0d69cedd3a53e2fe1f09f58872a4f40feaf Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Wed, 23 Oct 2024 02:36:24 +0900
Subject: [PATCH 191/404] Synchronize document titles and links based on configuring-playbook.md
Signed-off-by: Suguru Hirahara
---
 CHANGELOG.md | 16 ++++++++--------
 ...configuring-playbook-alertmanager-receiver.md | 2 +-
 docs/configuring-playbook-base-domain-serving.md | 2 +-
 docs/configuring-playbook-bot-chatgpt.md | 2 +-
 docs/configuring-playbook-bot-postmoogle.md | 2 +-
 ...iguring-playbook-bridge-appservice-discord.md | 2 +-
 ...configuring-playbook-bridge-appservice-irc.md | 2 +-
 ...uring-playbook-bridge-appservice-kakaotalk.md | 2 +-
 ...nfiguring-playbook-bridge-appservice-slack.md | 2 +-
 ...guring-playbook-bridge-appservice-webhooks.md | 2 +-
 ...onfiguring-playbook-bridge-beeper-linkedin.md | 2 +-
 ...onfiguring-playbook-bridge-go-skype-bridge.md | 2 +-
 docs/configuring-playbook-bridge-heisenbridge.md | 2 +-
 docs/configuring-playbook-bridge-hookshot.md | 2 +-
 ...figuring-playbook-bridge-matrix-bridge-sms.md | 2 +-
 ...onfiguring-playbook-bridge-mautrix-discord.md | 2 +-
 ...nfiguring-playbook-bridge-mautrix-facebook.md | 2 +-
 ...figuring-playbook-bridge-mautrix-gmessages.md | 2 +-
 ...iguring-playbook-bridge-mautrix-googlechat.md | 2 +-
 ...nfiguring-playbook-bridge-mautrix-hangouts.md | 2 +-
 ...figuring-playbook-bridge-mautrix-instagram.md | 2 +-
 ...configuring-playbook-bridge-mautrix-signal.md | 2 +-
 .../configuring-playbook-bridge-mautrix-slack.md | 2 +-
 ...nfiguring-playbook-bridge-mautrix-telegram.md | 2 +-
 ...onfiguring-playbook-bridge-mautrix-twitter.md | 2 +-
 ...nfiguring-playbook-bridge-mautrix-whatsapp.md | 2 +-
 ...onfiguring-playbook-bridge-mautrix-wsproxy.md | 2 +-
 ...figuring-playbook-bridge-mx-puppet-discord.md | 2 +-
 ...figuring-playbook-bridge-mx-puppet-groupme.md | 2 +-
 ...guring-playbook-bridge-mx-puppet-instagram.md | 2 +-
 ...onfiguring-playbook-bridge-mx-puppet-skype.md | 2 +-
 ...onfiguring-playbook-bridge-mx-puppet-slack.md | 2 +-
 ...onfiguring-playbook-bridge-mx-puppet-steam.md | 2 +-
 ...figuring-playbook-bridge-mx-puppet-twitter.md | 2 +-
 docs/configuring-playbook-bridge-wechat.md | 2 +-
 docs/configuring-playbook-client-cinny.md | 2 +-
 docs/configuring-playbook-client-hydrogen.md | 2 +-
 docs/configuring-playbook-client-schildichat.md | 2 +-
 docs/configuring-playbook-dimension.md | 2 +-
 docs/configuring-playbook-dynamic-dns.md | 2 +-
 docs/configuring-playbook-jitsi.md | 2 +-
 docs/configuring-playbook-ma1sd.md | 2 +-
 ...ing-playbook-matrix-authentication-service.md | 2 +-
 docs/configuring-playbook-matrix-media-repo.md | 2 +-
 docs/configuring-playbook-ntfy.md | 2 +-
 docs/configuring-playbook-pantalaimon.md | 2 +-
 docs/configuring-playbook-prometheus-grafana.md | 2 +-
 docs/configuring-playbook-rageshake.md | 2 +-
 docs/configuring-playbook-sliding-sync-proxy.md | 2 +-
 docs/configuring-playbook-sygnal.md | 2 +-
 ...nfiguring-playbook-synapse-auto-compressor.md | 2 +-
 ...onfiguring-playbook-synapse-usage-exporter.md | 2 +-
 docs/configuring-playbook-turn.md | 2 +-
 docs/configuring-playbook.md | 14 +++++++-------
 54 files changed, 67 insertions(+), 67 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1d8bbc413..97c9d5d6f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -876,7 +876,7 @@ Thanks to [Benjamin Kampmann](https://github.com/gnunicorn) for [getting it star
 The upcoming Element X clients ([Element X iOS](https://github.com/vector-im/element-x-ios) and [Element X Android](https://github.com/vector-im/element-x-android)) require the `sliding-sync` proxy to do their job. **These clients are still in beta** (especially Element X Android, which requires manual compilation to get it working with a non-`matrix.org` homeseserver). Playbook users can now easily give these clients a try and help test them thanks to us having `sliding-sync` support.
-To get started, see our [Setting up Sliding Sync proxy](docs/configuring-playbook-sliding-sync-proxy.md) documentation page.
+To get started, see our [Setting up the Sliding Sync proxy](docs/configuring-playbook-sliding-sync-proxy.md) documentation page.
 # 2023-03-02
@@ -1464,7 +1464,7 @@ With the new Synapse-customization feature in the playbook, we use the original
 Thanks to [@TheOneWithTheBraid](https://github.com/TheOneWithTheBraid), we now support installing [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) - a proxy which handles Matrix registration requests and forwards them to LDAP.
-See our [Setting up the ldap-registration-proxy](docs/configuring-playbook-matrix-ldap-registration-proxy.md) documentation to get started.
+See our [Setting up matrix-ldap-registration-proxy](docs/configuring-playbook-matrix-ldap-registration-proxy.md) documentation to get started.
 # 2022-09-15
@@ -1564,7 +1564,7 @@ Below we'll discuss **potential backward incompatibilities**.
 Thanks to [Julian-Samuel Gebühr (@moan0s)](https://github.com/moan0s), the playbook can now set up [Cactus Comments](https://cactus.chat) - federated comment system for the web based on Matrix.
-See our [Setting up a Cactus Comments server](docs/configuring-playbook-cactus-comments.md) documentation to get started.
+See our [Setting up Cactus Comments](docs/configuring-playbook-cactus-comments.md) documentation to get started.
 # 2022-08-23
@@ -1708,7 +1708,7 @@ See our [Setting up the ntfy push notifications server](docs/configuring-playboo
 Thanks to [CyberShadow](https://github.com/CyberShadow), the playbook can now install the [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) bridge for bridging Matrix to [Skype](https://www.skype.com/).
-See our [Setting up Go Skype Bridge](docs/configuring-playbook-bridge-go-skype-bridge.md) documentation to get started.
+See our [Setting up Go Skype Bridge bridging](docs/configuring-playbook-bridge-go-skype-bridge.md) documentation to get started.
 The playbook has supported [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridging (see [Setting up MX Puppet Skype bridging](docs/configuring-playbook-bridge-mx-puppet-skype.md)) since [2020-04-09](#2020-04-09), but `mx-puppet-skype` is reportedly broken.
@@ -2038,7 +2038,7 @@ The playbook can now install the [Sygnal](https://github.com/matrix-org/sygnal)
 This is only useful to people who develop/build their own Matrix client applications.
-Additional details are available in our [Setting up Sygnal](docs/configuring-playbook-sygnal.md) docs.
+Additional details are available in our [Setting up the Sygnal push gateway](docs/configuring-playbook-sygnal.md) docs.
 # 2021-03-16
@@ -2717,7 +2717,7 @@ It forces a [Postgres database upgrade](docs/maintenance-postgres.md#upgrading-p
 Thanks to a contribution from [Björn Marten](https://github.com/tripleawwy) from [netresearch](https://www.netresearch.de/), the playbook can now install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. This bridge provides support for Slack-compatible webhooks.
-Learn more in [Setting up Appservice Webhooks](docs/configuring-playbook-bridge-appservice-webhooks.md).
+Learn more in [Setting up Appservice Webhooks bridging](docs/configuring-playbook-bridge-appservice-webhooks.md).
 # 2020-01-12
@@ -3292,7 +3292,7 @@ When using:
 ## IRC bridging support
 [Devon Maloney (@Plailect)](https://github.com/Plailect) has done some great work bringing IRC bridging support via [matrix-appservice-irc](https://github.com/TeDomum/matrix-appservice-irc).
-To learn more, see the [Setting up Appservice IRC](docs/configuring-playbook-bridge-appservice-irc.md) documentation page.
+To learn more, see the [Setting up Appservice IRC bridging](docs/configuring-playbook-bridge-appservice-irc.md) documentation page.
 # 2019-01-29
@@ -3757,7 +3757,7 @@ The Client APIs run only on the http port (8008) now.
 ## mxisd Identity Server support
 The playbook now sets up an [mxisd](https://github.com/kamax-io/mxisd) Identity Server for you by default.
-Additional details are available in [Adjusting mxisd Identity Server configuration](docs/configuring-playbook-mxisd.md).
+Additional details are available in [Setting up ma1sd Identity Server](docs/configuring-playbook-mxisd.md).
 # 2018-08-14
diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md
index 13be70b5c..ab81eb7c0 100644
--- a/docs/configuring-playbook-alertmanager-receiver.md
+++ b/docs/configuring-playbook-alertmanager-receiver.md
@@ -1,4 +1,4 @@
-# Setting up matrix-alertmanager-receiver (optional)
+# Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver (optional)
 The playbook can install and configure the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) service for you. It's a [client](https://prometheus.io/docs/alerting/latest/clients/) for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/), allowing you to deliver alerts to Matrix rooms.
diff --git a/docs/configuring-playbook-base-domain-serving.md b/docs/configuring-playbook-base-domain-serving.md
index 175eae883..8aff309c0 100644
--- a/docs/configuring-playbook-base-domain-serving.md
+++ b/docs/configuring-playbook-base-domain-serving.md
@@ -1,4 +1,4 @@
-# Serving the base domain
+# Serving the base domain (optional)
 This playbook sets up services on your Matrix server (`matrix.example.com`). To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up [Server Delegation](howto-server-delegation.md). This is normally done by [configuring well-known](configuring-well-known.md) files on the base domain.
diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md
index 100b1060c..4482f7b47 100644
--- a/docs/configuring-playbook-bot-chatgpt.md
+++ b/docs/configuring-playbook-bot-chatgpt.md
@@ -1,4 +1,4 @@
-# Setting up ChatGPT (optional)
+# Setting up matrix-bot-chatgpt (optional)
 The playbook can install and configure [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for you.
diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md
index 9de3ac035..5d12f7b2a 100644
--- a/docs/configuring-playbook-bot-postmoogle.md
+++ b/docs/configuring-playbook-bot-postmoogle.md
@@ -1,4 +1,4 @@
-# Setting up Postmoogle (optional)
+# Setting up Postmoogle email bridging (optional)
 **Note**: email bridging can also happen via the [email2matrix](configuring-playbook-email2matrix.md) bridge supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md
index 781968ac5..c7afe27a1 100644
--- a/docs/configuring-playbook-bridge-appservice-discord.md
+++ b/docs/configuring-playbook-bridge-appservice-discord.md
@@ -1,4 +1,4 @@
-# Setting up Appservice Discord (optional)
+# Setting up Appservice Discord bridging (optional)
 **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook.
 - For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing.
diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md
index 82623b998..84c3b4dd4 100644
--- a/docs/configuring-playbook-bridge-appservice-irc.md
+++ b/docs/configuring-playbook-bridge-appservice-irc.md
@@ -1,4 +1,4 @@
-# Setting up Appservice IRC (optional)
+# Setting up Appservice IRC bridging (optional)
 **Note**: bridging to [IRC](https://en.wikipedia.org/wiki/Internet_Relay_Chat) can also happen via the [Heisenbridge](configuring-playbook-bridge-heisenbridge.md) bridge supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md
index cbc52a6cc..1e9816b41 100644
--- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md
+++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md
@@ -1,4 +1,4 @@
-# Setting up Appservice Kakaotalk (optional)
+# Setting up Appservice Kakaotalk bridging (optional)
 The playbook can install and configure [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you. `matrix-appservice-kakaotalk` is a bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) based on [node-kakao](https://github.com/storycraft/node-kakao) (now unmaintained) and some [mautrix-facebook](https://github.com/mautrix/facebook) code.
diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md
index ecc0ab04e..c0c81c66e 100644
--- a/docs/configuring-playbook-bridge-appservice-slack.md
+++ b/docs/configuring-playbook-bridge-appservice-slack.md
@@ -1,4 +1,4 @@
-# Setting up Appservice Slack (optional)
+# Setting up Appservice Slack bridging (optional)
 **Note**: bridging to [Slack](https://slack.com) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md
index 145b0cace..562b08cdf 100644
--- a/docs/configuring-playbook-bridge-appservice-webhooks.md
+++ b/docs/configuring-playbook-bridge-appservice-webhooks.md
@@ -1,4 +1,4 @@
-# Setting up Appservice Webhooks (optional)
+# Setting up Appservice Webhooks bridging (optional)
 The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you.
diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md
index 5ba0233ec..3c2143a6c 100644
--- a/docs/configuring-playbook-bridge-beeper-linkedin.md
+++ b/docs/configuring-playbook-bridge-beeper-linkedin.md
@@ -1,4 +1,4 @@
-# Setting up Beeper Linkedin (optional)
+# Setting up Beeper Linkedin bridging (optional)
 The playbook can install and configure [beeper-linkedin](https://github.com/beeper/linkedin) for you, for bridging to [LinkedIn](https://www.linkedin.com/) Messaging. This bridge is based on the mautrix-python framework and can be configured in a similar way to the other mautrix bridges
diff --git a/docs/configuring-playbook-bridge-go-skype-bridge.md b/docs/configuring-playbook-bridge-go-skype-bridge.md
index ed39d9996..2370f5fa4 100644
--- a/docs/configuring-playbook-bridge-go-skype-bridge.md
+++ b/docs/configuring-playbook-bridge-go-skype-bridge.md
@@ -1,4 +1,4 @@
-# Setting up Go Skype Bridge (optional)
+# Setting up Go Skype Bridge bridging (optional)
 The playbook can install and configure [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) for you.
diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md
index c5b7f4a7c..34dc627a4 100644
--- a/docs/configuring-playbook-bridge-heisenbridge.md
+++ b/docs/configuring-playbook-bridge-heisenbridge.md
@@ -1,4 +1,4 @@
-# Setting up Heisenbridge (optional)
+# Setting up Heisenbridge bouncer-style IRC bridging (optional)
 **Note**: bridging to [IRC](https://en.wikipedia.org/wiki/Internet_Relay_Chat) can also happen via the [matrix-appservice-irc](configuring-playbook-bridge-appservice-irc.md) bridge supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md
index 3bb1ba0ab..465765cb9 100644
--- a/docs/configuring-playbook-bridge-hookshot.md
+++ b/docs/configuring-playbook-bridge-hookshot.md
@@ -1,4 +1,4 @@
-# Setting up Hookshot (optional)
+# Setting up matrix-hookshot (optional)
 The playbook can install and configure [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) for you.
diff --git a/docs/configuring-playbook-bridge-matrix-bridge-sms.md b/docs/configuring-playbook-bridge-matrix-bridge-sms.md
index f698ad986..6ac1e686a 100644
--- a/docs/configuring-playbook-bridge-matrix-bridge-sms.md
+++ b/docs/configuring-playbook-bridge-matrix-bridge-sms.md
@@ -1,4 +1,4 @@
-# Setting up matrix-sms-bridge (optional)
+# Setting up Matrix SMS bridging (optional)
 The playbook can install and configure [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for you.
diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md
index 11a3560b0..ee736cda0 100644
--- a/docs/configuring-playbook-bridge-mautrix-discord.md
+++ b/docs/configuring-playbook-bridge-mautrix-discord.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Discord (optional)
+# Setting up Mautrix Discord bridging (optional)
 **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook.
 - For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing.
diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md
index 3ce6010de..c0337837c 100644
--- a/docs/configuring-playbook-bridge-mautrix-facebook.md
+++ b/docs/configuring-playbook-bridge-mautrix-facebook.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Facebook (optional)
+# Setting up Mautrix Facebook bridging (optional)
 **Note**: bridging to Facebook [Messenger](https://messenger.com) via this bridge is being [superseded by a new bridge - mautrix-meta](https://github.com/mautrix/facebook/issues/332). For now, the mautrix-facebook bridge continues to work, but the new [mautrix-meta-messenger bridge](./configuring-playbook-bridge-mautrix-meta-messenger.md) is better and more supported. Consider using that bridge instead of this one.
diff --git a/docs/configuring-playbook-bridge-mautrix-gmessages.md b/docs/configuring-playbook-bridge-mautrix-gmessages.md
index 6b44eeeee..d4913bb11 100644
--- a/docs/configuring-playbook-bridge-mautrix-gmessages.md
+++ b/docs/configuring-playbook-bridge-mautrix-gmessages.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix gmessages (optional)
+# Setting up Mautrix Google Messages bridging (optional)
 The playbook can install and configure [mautrix-gmessages](https://github.com/mautrix/gmessages) for you, for bridging to [Google Messages](https://messages.google.com/).
diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md
index a62003cb2..505fecd41 100644
--- a/docs/configuring-playbook-bridge-mautrix-googlechat.md
+++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Google Chat (optional)
+# Setting up Mautrix Google Chat bridging (optional)
 The playbook can install and configure [mautrix-googlechat](https://github.com/mautrix/googlechat) for you.
diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md
index 198d4c923..072f8ee0e 100644
--- a/docs/configuring-playbook-bridge-mautrix-hangouts.md
+++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md
@@ -1,6 +1,6 @@
 # The [Mautrix Hangouts Bridge](https://mau.dev/mautrix/hangouts) is no longer maintained. It has changed to a [Google Chat Bridge](https://github.com/mautrix/googlechat). Setup instructions for the Google Chat Bridge can be [found here](configuring-playbook-bridge-mautrix-googlechat.md).
-# Setting up Mautrix Hangouts (optional)
+# Setting up Mautrix Hangouts bridging (optional)
 The playbook can install and configure [mautrix-hangouts](https://github.com/mautrix/hangouts) for you.
diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md
index ffafa25db..a32322457 100644
--- a/docs/configuring-playbook-bridge-mautrix-instagram.md
+++ b/docs/configuring-playbook-bridge-mautrix-instagram.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Instagram (optional)
+# Setting up Mautrix Instagram bridging (optional)
 **Note**: bridging to Facebook [Instagram](https://instagram.com) via this bridge is being [superseded by a new bridge - mautrix-meta](https://github.com/mautrix/facebook/issues/332). For now, the mautrix-instagram bridge continues to work, but the new [mautrix-meta-instagram bridge](./configuring-playbook-bridge-mautrix-meta-instagram.md) is better and more supported. Consider using that bridge instead of this one.
diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md
index ec9d18024..07b9638ac 100644
--- a/docs/configuring-playbook-bridge-mautrix-signal.md
+++ b/docs/configuring-playbook-bridge-mautrix-signal.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Signal (optional)
+# Setting up Mautrix Signal bridging (optional)
 The playbook can install and configure [mautrix-signal](https://github.com/mautrix/signal) for you.
diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md
index 43eaf274b..18d9ba76f 100644
--- a/docs/configuring-playbook-bridge-mautrix-slack.md
+++ b/docs/configuring-playbook-bridge-mautrix-slack.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Slack (optional)
+# Setting up Mautrix Slack bridging (optional)
 **Note**: bridging to [Slack](https://slack.com/) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) bridges supported by the playbook.
 - For using as a Bot we recommend the [Appservice Slack](configuring-playbook-bridge-appservice-slack.md), because it supports plumbing.
diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md
index 48ed559a1..344a45c31 100644
--- a/docs/configuring-playbook-bridge-mautrix-telegram.md
+++ b/docs/configuring-playbook-bridge-mautrix-telegram.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Telegram (optional)
+# Setting up Mautrix Telegram bridging (optional)
 The playbook can install and configure [mautrix-telegram](https://github.com/mautrix/telegram) for you.
diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md
index fe08c77bf..6e3c82838 100644
--- a/docs/configuring-playbook-bridge-mautrix-twitter.md
+++ b/docs/configuring-playbook-bridge-mautrix-twitter.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Twitter (optional)
+# Setting up Mautrix Twitter bridging (optional)
 **Note**: bridging to [Twitter](https://twitter.com/) can also happen via the [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) bridge supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
index c04940ebf..c5533da8f 100644
--- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md
+++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix Whatsapp (optional)
+# Setting up Mautrix Whatsapp bridging (optional)
 The playbook can install and configure [mautrix-whatsapp](https://github.com/mautrix/whatsapp) for you.
diff --git a/docs/configuring-playbook-bridge-mautrix-wsproxy.md b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
index b32a4749d..cb0a9280a 100644
--- a/docs/configuring-playbook-bridge-mautrix-wsproxy.md
+++ b/docs/configuring-playbook-bridge-mautrix-wsproxy.md
@@ -1,4 +1,4 @@
-# Setting up Mautrix wsproxy (optional)
+# Setting up Mautrix wsproxy for bridging Android SMS or Apple iMessage (optional)
 The playbook can install and configure [mautrix-wsproxy](https://github.com/mautrix/wsproxy) for you.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md
index 01eaef8d4..a1396f185 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-discord.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md
@@ -1,4 +1,4 @@
-# Setting up MX Puppet Discord (optional)
+# Setting up MX Puppet Discord bridging (optional)
 **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook.
 - For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md
index 5090b2d59..424aa8855 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md
@@ -1,4 +1,4 @@
-# Setting up MX Puppet GroupMe (optional)
+# Setting up MX Puppet GroupMe bridging (optional)
 The playbook can install and configure [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) for you.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-instagram.md b/docs/configuring-playbook-bridge-mx-puppet-instagram.md
index 145baa49a..54bd0b011 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-instagram.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-instagram.md
@@ -1,4 +1,4 @@
-# Setting up mx-puppet-instagram (optional)
+# Setting up MX Puppet Instagram bridging (optional)
 The playbook can install and configure [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) for you.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-skype.md b/docs/configuring-playbook-bridge-mx-puppet-skype.md
index c80b1af82..51dd34832 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-skype.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-skype.md
@@ -1,4 +1,4 @@
-# Setting up MX Puppet Skype (optional)
+# Setting up MX Puppet Skype bridging (optional)
 The playbook used to be able to install and configure [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype), but no longer includes this component, because it has been broken and unmaintaned for a long time.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md
index 44d86056f..bb187ae63 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-slack.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md
@@ -1,4 +1,4 @@
-# Setting up MX Puppet Slack (optional)
+# Setting up MX Puppet Slack bridging (optional)
 **Note**: bridging to [Slack](https://slack.com) can also happen via the [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-steam.md b/docs/configuring-playbook-bridge-mx-puppet-steam.md
index 66edf8c79..08a52bd18 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-steam.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-steam.md
@@ -1,4 +1,4 @@
-# Setting up MX Puppet Steam (optional)
+# Setting up MX Puppet Steam bridging (optional)
 The playbook can install and configure [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) for you.
diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md
index 493eb1403..c84c63e54 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md
@@ -1,4 +1,4 @@
-# Setting up MX Puppet Twitter (optional)
+# Setting up MX Puppet Twitter bridging (optional)
 **Note**: bridging to [Twitter](https://twitter.com/) can also happen via the [mautrix-twitter](configuring-playbook-bridge-mautrix-twitter.md) bridge supported by the playbook.
diff --git a/docs/configuring-playbook-bridge-wechat.md b/docs/configuring-playbook-bridge-wechat.md
index e5a1546c7..8e57062e5 100644
--- a/docs/configuring-playbook-bridge-wechat.md
+++ b/docs/configuring-playbook-bridge-wechat.md
@@ -1,4 +1,4 @@
-# Setting up the WeChat Bridge (optional)
+# Setting up WeChat bridging (optional)
 The playbook can install and configure the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge for you (for bridging to the [WeChat](https://www.wechat.com/) network).
diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md
index 9925c836f..b6a70ae1b 100644
--- a/docs/configuring-playbook-client-cinny.md
+++ b/docs/configuring-playbook-client-cinny.md
@@ -1,4 +1,4 @@
-# Configuring Cinny (optional)
+# Setting up Cinny (optional)
 This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix web client for you.
diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md
index 7e3aab465..6c4570acd 100644
--- a/docs/configuring-playbook-client-hydrogen.md
+++ b/docs/configuring-playbook-client-hydrogen.md
@@ -1,4 +1,4 @@
-# Configuring Hydrogen (optional)
+# Setting up Hydrogen (optional)
 This playbook can install the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client for you.
diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat.md
index 0cf640f6f..acaa0dd35 100644
--- a/docs/configuring-playbook-client-schildichat.md
+++ b/docs/configuring-playbook-client-schildichat.md
@@ -1,4 +1,4 @@
-# Configuring SchildiChat (optional)
+# Setting up SchildiChat (optional)
 This playbook can install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client for you.
diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md
index 5d5a2b6a3..91abb24f4 100644
--- a/docs/configuring-playbook-dimension.md
+++ b/docs/configuring-playbook-dimension.md
@@ -1,4 +1,4 @@
-# Setting up Dimension (optional)
+# Setting up Dimension integration manager (optional)
 **[Dimension](https://dimension.t2bot.io) can only be installed after Matrix services are installed and running.** If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later.
diff --git a/docs/configuring-playbook-dynamic-dns.md b/docs/configuring-playbook-dynamic-dns.md
index 4bae5ea83..573987c84 100644
--- a/docs/configuring-playbook-dynamic-dns.md
+++ b/docs/configuring-playbook-dynamic-dns.md
@@ -1,4 +1,4 @@
-# Dynamic DNS
+# Setting up Dynamic DNS (optional)
 ## Setup
diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md
index 3f71a0f1c..48f362443 100644
--- a/docs/configuring-playbook-jitsi.md
+++ b/docs/configuring-playbook-jitsi.md
@@ -1,4 +1,4 @@
-# Jitsi
+# Setting up the Jitsi video-conferencing platform (optional)
 The playbook can install the [Jitsi](https://jitsi.org/) video-conferencing platform and integrate it with [Element](configuring-playbook-client-element.md).
diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md
index 1f8a6f28f..52116e142 100644
--- a/docs/configuring-playbook-ma1sd.md
+++ b/docs/configuring-playbook-ma1sd.md
@@ -1,4 +1,4 @@
-# Adjusting ma1sd Identity Server configuration (optional)
+# Setting up ma1sd Identity Server (optional)
 The playbook can configure the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server for you.
diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md
index cc81b4c23..d83bdf58a 100644
--- a/docs/configuring-playbook-matrix-authentication-service.md
+++ b/docs/configuring-playbook-matrix-authentication-service.md
@@ -1,4 +1,4 @@
-# Matrix Authentication Service (MAS)
+# Setting up Matrix Authentication Service (optional)
 This playbook can install and configure [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/) (MAS) - a service operating alongside your existing [Synapse](./configuring-playbook-synapse.md) homeserver and providing [better authentication, session management and permissions in Matrix](https://matrix.org/blog/2023/09/better-auth/).
diff --git a/docs/configuring-playbook-matrix-media-repo.md b/docs/configuring-playbook-matrix-media-repo.md
index a935bcbea..161965d95 100644
--- a/docs/configuring-playbook-matrix-media-repo.md
+++ b/docs/configuring-playbook-matrix-media-repo.md
@@ -1,4 +1,4 @@
-# Setting up matrix-media-repo (optional)
+# Storing Matrix media files using matrix-media-repo (optional)
 [matrix-media-repo](https://docs.t2bot.io/matrix-media-repo/) (often abbreviated "MMR") is a highly customizable multi-domain media repository for Matrix. Intended for medium to large environments consisting of several homeservers, this media repo de-duplicates media (including remote media) while being fully compliant with the specification.
diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md
index e89f20ea7..abda19481 100644
--- a/docs/configuring-playbook-ntfy.md
+++ b/docs/configuring-playbook-ntfy.md
@@ -1,4 +1,4 @@
-# Setting up ntfy (optional)
+# Setting up the ntfy push notifications server (optional)
 The playbook can install and configure the [ntfy](https://ntfy.sh/) push notifications server for you.
diff --git a/docs/configuring-playbook-pantalaimon.md b/docs/configuring-playbook-pantalaimon.md
index 4c2ad39ec..91bc9a0d9 100644
--- a/docs/configuring-playbook-pantalaimon.md
+++ b/docs/configuring-playbook-pantalaimon.md
@@ -1,4 +1,4 @@
-# Setting up pantalaimon (optional)
+# Setting up Pantalaimon (E2EE aware proxy daemon) (optional)
 The playbook can install and configure the [pantalaimon](https://github.com/matrix-org/pantalaimon) E2EE aware proxy daemon for you.
diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md
index 92197cbff..440b9f224 100644
--- a/docs/configuring-playbook-prometheus-grafana.md
+++ b/docs/configuring-playbook-prometheus-grafana.md
@@ -1,4 +1,4 @@
-# Enabling metrics and graphs for your Matrix server (optional)
+# Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server (optional)
 The playbook can install [Grafana](https://grafana.com/) with [Prometheus](https://prometheus.io/) and configure performance metrics of your homeserver with graphs for you.
diff --git a/docs/configuring-playbook-rageshake.md b/docs/configuring-playbook-rageshake.md
index e43114459..538e86928 100644
--- a/docs/configuring-playbook-rageshake.md
+++ b/docs/configuring-playbook-rageshake.md
@@ -1,4 +1,4 @@
-# Setting up rageshake (optional)
+# Setting up the rageshake bug report server (optional)
 The playbook can install and configure the [rageshake](https://github.com/matrix-org/rageshake) bug report server for you.
diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md
index 5754a5e9a..817458e6e 100644
--- a/docs/configuring-playbook-sliding-sync-proxy.md
+++ b/docs/configuring-playbook-sliding-sync-proxy.md
@@ -1,4 +1,4 @@
-# Setting up Sliding Sync proxy (optional)
+# Setting up the Sliding Sync proxy (optional)
 The playbook can install and configure [sliding-sync](https://github.com/matrix-org/sliding-sync) proxy for you.
diff --git a/docs/configuring-playbook-sygnal.md b/docs/configuring-playbook-sygnal.md
index df6d57292..28f50b78f 100644
--- a/docs/configuring-playbook-sygnal.md
+++ b/docs/configuring-playbook-sygnal.md
@@ -1,4 +1,4 @@
-# Setting up Sygnal (optional)
+# Setting up the Sygnal push gateway (optional)
 The playbook can install and configure the [Sygnal](https://github.com/matrix-org/sygnal) push gateway for you.
diff --git a/docs/configuring-playbook-synapse-auto-compressor.md b/docs/configuring-playbook-synapse-auto-compressor.md
index bf2c0e1c4..3e1cda4bc 100644
--- a/docs/configuring-playbook-synapse-auto-compressor.md
+++ b/docs/configuring-playbook-synapse-auto-compressor.md
@@ -1,4 +1,4 @@
-# Setting up synapse_auto_compressor
+# Setting up synapse-auto-compressor (optional)
 The playbook can install and configure [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) for you.
diff --git a/docs/configuring-playbook-synapse-usage-exporter.md b/docs/configuring-playbook-synapse-usage-exporter.md
index 8a472f345..b3180281a 100644
--- a/docs/configuring-playbook-synapse-usage-exporter.md
+++ b/docs/configuring-playbook-synapse-usage-exporter.md
@@ -1,4 +1,4 @@
-# Setting up synapse-usage-exporter (optional)
+# Enabling synapse-usage-exporter for Synapse usage statistics (optional)
 [synapse-usage-exporter](https://github.com/loelkes/synapse-usage-exporter) allows you to export the usage statistics of a Synapse homeserver to this container service and for the collected metrics to later be scraped by Prometheus.
diff --git a/docs/configuring-playbook-turn.md b/docs/configuring-playbook-turn.md
index 0a85fd129..b52b54691 100644
--- a/docs/configuring-playbook-turn.md
+++ b/docs/configuring-playbook-turn.md
@@ -1,4 +1,4 @@
-# TURN server
+# Adjusting TURN server configuration (optional, advanced)
 The playbook installs a [Coturn](https://github.com/coturn/coturn) TURN server by default, so that clients can make audio/video calls even from [NAT](https://en.wikipedia.org/wiki/Network_address_translation)-ed networks.
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index 9fc053b84..daa184b86 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -64,11 +64,11 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Adjusting SSL certificate retrieval](configuring-playbook-ssl-certificates.md) (optional, advanced)
-- [Serving your base domain using this playbook's nginx server](configuring-playbook-base-domain-serving.md) (optional)
+- [Serving the base domain](configuring-playbook-base-domain-serving.md) (optional)
 - [Configuring the Traefik reverse-proxy](configuring-playbook-traefik.md) (optional, advanced)
-- [Using your own webserver, instead of this playbook's default reverse-proxy](configuring-playbook-own-webserver.md) (optional, advanced)
+- [Using your own webserver, instead of this playbook's Traefik reverse-proxy](configuring-playbook-own-webserver.md) (optional, advanced)
 - [Adjusting TURN server configuration](configuring-playbook-turn.md) (optional, advanced)
@@ -94,7 +94,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) (optional)
-- [Setting up an ma1sd Identity Server](configuring-playbook-ma1sd.md) (optional)
+- [Setting up ma1sd Identity Server](configuring-playbook-ma1sd.md) (optional)
 - [Setting up Synapse Admin](configuring-playbook-synapse-admin.md) (optional)
@@ -104,9 +104,9 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md) (optional, advanced)
-- [Setting up the LDAP password provider module](configuring-playbook-ldap-auth.md) (optional, advanced)
+- [Setting up the LDAP authentication password provider module](configuring-playbook-ldap-auth.md) (optional, advanced)
-- [Setting up the ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (optional, advanced)
+- [Setting up matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (optional, advanced)
 - [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (optional, advanced)
@@ -208,7 +208,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up Draupnir](configuring-playbook-bot-draupnir.md) - a moderation tool/bot, forked from Mjolnir and maintained by its former leader developer (optional)
-- [Setting up Draupnir for all](configuring-playbook-appservice-draupnir-for-all.md) - like the [Draupnir bot](configuring-playbook-bot-draupnir.md) mentioned above, but running in appservice mode and supporting multiple instances (optional)
+- [Setting up Draupnir for all/D4A](configuring-playbook-appservice-draupnir-for-all.md) - like the [Draupnir bot](configuring-playbook-bot-draupnir.md) mentioned above, but running in appservice mode and supporting multiple instances (optional)
 - [Setting up Buscarron](configuring-playbook-bot-buscarron.md) - a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room (optional)
@@ -230,7 +230,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional)
-- [Setting up a Cactus Comments server](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix (optional)
+- [Setting up Cactus Comments](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix (optional)
 - [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) (optional)
From 601406ddda79b1ea4dd50ffe38d65ddada5ee62b Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sun, 27 Oct 2024 01:28:37 +0900
Subject: [PATCH 192/404] =?UTF-8?q?Fix=20capitalization:=20buscarron=20?= =?UTF-8?q?=E2=86=92=20Buscarron?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Suguru Hirahara
---
 CHANGELOG.md | 2 +-
 docs/configuring-dns.md | 2 +-
 docs/configuring-playbook-bot-buscarron.md | 2 +-
 roles/custom/matrix-base/defaults/main.yml | 2 +-
 roles/custom/matrix-bot-buscarron/defaults/main.yml | 4 ++--
 .../matrix-bot-buscarron/tasks/setup_install.yml | 12 ++++++------
 .../matrix-bot-buscarron/tasks/setup_uninstall.yml | 2 +-
 7 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 97c9d5d6f..c5b31d217 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1757,7 +1757,7 @@ You could then restart services: `ansible-playbook -i inventory/hosts setup.yml
 # 2022-04-25
-## buscarron bot support
+## Buscarron bot support
 Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up [the Buscarron bot](https://github.com/etkecc/buscarron). It's a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room
diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md
index 605da4182..58482f5a6 100644
--- a/docs/configuring-dns.md
+++ b/docs/configuring-dns.md
@@ -79,7 +79,7 @@ The `schildichat.example.com` subdomain may be necessary, because this playbook
 The `wsproxy.example.com` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.example.com` DNS record.
-The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etkecc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.example.com` DNS record.
+The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [Buscarron](https://github.com/etkecc/buscarron) bot. The installation of Buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up Buscarron, feel free to skip the `buscarron.example.com` DNS record.
 The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring rageshake guide](configuring-playbook-rageshake.md). If you do not wish to set up rageshake, feel free to skip the `rageshake.example.com` DNS record.
diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index f38d25298..d918f79ee 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -1,6 +1,6 @@ # Setting up Buscarron (optional) -The playbook can install and configure [buscarron](https://github.com/etkecc/buscarron) for you. +The playbook can install and configure [Buscarron](https://github.com/etkecc/buscarron) for you. Buscarron is bot that receives HTTP POST submissions of web forms and forwards them to a Matrix room. diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 90fe71a53..a8a668925 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -80,7 +80,7 @@ matrix_server_fqn_cinny: "cinny.{{ matrix_domain }}" # This is where you access the SchildiChat web client from (if enabled via matrix_client_schildichat_enabled; disabled by default). matrix_server_fqn_schildichat: "schildichat.{{ matrix_domain }}" -# This is where you access the buscarron bot from (if enabled via matrix_bot_buscarron_enabled; disabled by default). +# This is where you access the Buscarron bot from (if enabled via matrix_bot_buscarron_enabled; disabled by default). matrix_server_fqn_buscarron: "buscarron.{{ matrix_domain }}" # This is where you access the Dimension. diff --git a/roles/custom/matrix-bot-buscarron/defaults/main.yml b/roles/custom/matrix-bot-buscarron/defaults/main.yml index 052f619e7..e8e2fa3e9 100644 --- a/roles/custom/matrix-bot-buscarron/defaults/main.yml +++ b/roles/custom/matrix-bot-buscarron/defaults/main.yml @@ -1,6 +1,6 @@ --- -# buscarron is a Web forms (HTTP POST) to Matrix service. +# Buscarron is a Web forms (HTTP POST) to Matrix service. # Project source code URL: https://github.com/etkecc/buscarron matrix_bot_buscarron_enabled: true 
@@ -186,7 +186,7 @@ matrix_bot_buscarron_smtp_from: '' # enforce SMTP validation matrix_bot_buscarron_smtp_validation: false -# Additional environment variables to pass to the buscarron container +# Additional environment variables to pass to the Buscarron container # # Example: # matrix_bot_buscarron_environment_variables_extension: | diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index 7742ab726..a011a016b 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -26,7 +26,7 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: true -- name: Ensure buscarron paths exist +- name: Ensure Buscarron paths exist ansible.builtin.file: path: "{{ item.path }}" state: directory @@ -40,7 +40,7 @@ - {path: "{{ matrix_bot_buscarron_docker_src_files_path }}", when: true} when: "item.when | bool" -- name: Ensure buscarron support files installed +- name: Ensure Buscarron support files installed ansible.builtin.template: src: "{{ role_path }}/templates/{{ item }}.j2" dest: "{{ matrix_bot_buscarron_config_path }}/{{ item }}" @@ -51,7 +51,7 @@ - env - labels -- name: Ensure buscarron image is pulled +- name: Ensure Buscarron image is pulled community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -63,7 +63,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure buscarron repository is present on self-build +- name: Ensure Buscarron repository is present on self-build ansible.builtin.git: repo: "{{ matrix_bot_buscarron_docker_repo }}" version: "{{ matrix_bot_buscarron_docker_repo_version }}" 
@@ -74,7 +74,7 @@ register: matrix_bot_buscarron_git_pull_results when: "matrix_bot_buscarron_container_image_self_build | bool" -- name: Ensure buscarron image is built +- name: Ensure Buscarron image is built community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" source: build @@ -92,7 +92,7 @@ dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" mode: 0644 -- name: Ensure buscarron container network is created +- name: Ensure Buscarron container network is created community.general.docker_network: enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" name: "{{ matrix_bot_buscarron_container_network }}" diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml index 26d920f48..7a47471ef 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml @@ -19,7 +19,7 @@ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" state: absent - - name: Ensure Matrix buscarron paths don't exist + - name: Ensure Matrix Buscarron paths don't exist ansible.builtin.file: path: "{{ matrix_bot_buscarron_base_path }}" state: absent From b71c4a1a3ee4d23005e775296a2b4452976ee0fb Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 01:58:08 +0900 Subject: [PATCH 193/404] =?UTF-8?q?Consistent=20capitalization:=20honoroit?= =?UTF-8?q?=20=E2=86=92=20Honoroit?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Suguru Hirahara
---
 README.md | 2 +-
 docs/configuring-playbook.md | 2 +-
 docs/container-images.md | 2 +-
 roles/custom/matrix-bot-honoroit/defaults/main.yml | 10 +++++-----
 .../matrix-bot-honoroit/tasks/setup_install.yml | 12 ++++++------
 .../matrix-bot-honoroit/tasks/setup_uninstall.yml | 2 +-
 .../matrix-bot-honoroit/tasks/validate_config.yml | 2 +-
 7 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index 50a4cbaea..3038f3ec1 100644
--- a/README.md
+++ b/README.md
@@ -137,7 +137,7 @@ Bots provide various additional functionality to your installation.
 | [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) | x | Bot for scheduling one-off & recurring reminders and alarms | [Link](docs/configuring-playbook-bot-matrix-reminder-bot.md) |
 | [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | x | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) |
 | [maubot](https://github.com/maubot/maubot) | x | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) |
-| [honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) |
+| [Honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) |
 | [Postmoogle](https://github.com/etkecc/postmoogle) | x | Email to Matrix bot | [Link](docs/configuring-playbook-bot-postmoogle.md) |
 | [Go-NEB](https://github.com/matrix-org/go-neb) | x | A multi functional bot written in Go | [Link](docs/configuring-playbook-bot-go-neb.md) |
 | [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) |
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index daa184b86..20b8a1d6f 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -200,7 +200,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up maubot](configuring-playbook-bot-maubot.md) - a plugin-based Matrix bot system (optional)
-- [Setting up honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot (optional)
+- [Setting up Honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot (optional)
 - [Setting up Go-NEB](configuring-playbook-bot-go-neb.md) - an extensible multifunctional bot (optional)
diff --git a/docs/container-images.md b/docs/container-images.md
index 60ddcde1e..6c6f1d76d 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -100,7 +100,7 @@ These services are not part of our default installation, but can be enabled by [
 - [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) - the [maubot](https://github.com/maubot/maubot) bot (a plugin-based Matrix bot system) (optional)
-- [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) - the [honoroit](https://github.com/etkecc/honoroit) helpdesk bot (optional)
+- [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) - the [Honoroit](https://github.com/etkecc/honoroit) helpdesk bot (optional)
 - [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) - the [Postmoogle](https://github.com/etkecc/postmoogle) email bridge bot (optional)
diff --git a/roles/custom/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml
index 5a1279bdc..4f35ad931 100644
--- a/roles/custom/matrix-bot-honoroit/defaults/main.yml
+++ b/roles/custom/matrix-bot-honoroit/defaults/main.yml
@@ -1,17 +1,17 @@ --- -# honoroit is a helpdesk bot +# Honoroit is a helpdesk bot # Project source code URL: https://github.com/etkecc/honoroit matrix_bot_honoroit_enabled: true -# The hostname at which honoroit is served. +# The hostname at which Honoroit is served. matrix_bot_honoroit_hostname: '' -# The path at which honoroit is exposed. +# The path at which Honoroit is exposed. # This value must either be `/` or not end with a slash (e.g. `/honoroit`). matrix_bot_honoroit_path_prefix: / -# The path at which honoroit will expose metrics +# The path at which Honoroit will expose metrics # This value must either be `/` or not end with a slash (e.g. `/metrics`). matrix_bot_honoroit_metrics_path: /metrics @@ -161,7 +161,7 @@ matrix_bot_honoroit_redmine_new_status_id: '' # new status ID (e.g. 1) matrix_bot_honoroit_redmine_in_progress_status_id: '' # in progress status ID (e.g. 2) matrix_bot_honoroit_redmine_done_status_id: '' # done status ID (e.g. 3) -# A list of whitelisted users allowed to use/invite honoroit +# A list of whitelisted users allowed to use/invite a Honoroit bot # If not defined, everyone is allowed. # Example set of rules: # matrix_bot_honoroit_allowedusers: diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 8dd647d1b..be96d021b 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -26,7 +26,7 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: true -- name: Ensure honoroit paths exist +- name: Ensure Honoroit paths exist ansible.builtin.file: path: "{{ item.path }}" state: directory 
@@ -40,7 +40,7 @@ - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true} when: "item.when | bool" -- name: Ensure honoroit support files installed +- name: Ensure Honoroit support files installed ansible.builtin.template: src: "{{ role_path }}/templates/{{ item }}.j2" dest: "{{ matrix_bot_honoroit_config_path }}/{{ item }}" @@ -51,7 +51,7 @@ - env - labels -- name: Ensure honoroit image is pulled +- name: Ensure Honoroit image is pulled community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -63,7 +63,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure honoroit repository is present on self-build +- name: Ensure Honoroit repository is present on self-build ansible.builtin.git: repo: "{{ matrix_bot_honoroit_docker_repo }}" version: "{{ matrix_bot_honoroit_docker_repo_version }}" @@ -74,7 +74,7 @@ register: matrix_bot_honoroit_git_pull_results when: "matrix_bot_honoroit_container_image_self_build | bool" -- name: Ensure honoroit image is built +- name: Ensure Honoroit image is built community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" source: build @@ -86,7 +86,7 @@ pull: true when: "matrix_bot_honoroit_container_image_self_build | bool" -- name: Ensure honoroit container network is created +- name: Ensure Honoroit container network is created community.general.docker_network: enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" name: "{{ matrix_bot_honoroit_container_network }}" diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml index 757345861..72df4f013 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml 
@@ -19,7 +19,7 @@ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" state: absent - - name: Ensure Matrix honoroit paths don't exist + - name: Ensure Matrix Honoroit paths don't exist ansible.builtin.file: path: "{{ matrix_bot_honoroit_base_path }}" state: absent diff --git a/roles/custom/matrix-bot-honoroit/tasks/validate_config.yml b/roles/custom/matrix-bot-honoroit/tasks/validate_config.yml index d15411ab2..afd580c2a 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/validate_config.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/validate_config.yml @@ -1,6 +1,6 @@ --- -- name: Fail if required honoroit settings not defined +- name: Fail if required Honoroit settings not defined ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item.name }}`). From e77b14a69920618733c008f563a08a87cf810727 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 11:11:48 +0900 Subject: [PATCH 194/404] =?UTF-8?q?Fix=20capitalization:=20cinny=20?= =?UTF-8?q?=E2=86=92=20Cinny?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-cinny.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index b6a70ae1b..e3c9d2f14 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md @@ -1,6 +1,6 @@ # Setting up Cinny (optional) -This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix web client for you. +This playbook can install the [Cinny](https://github.com/ajbura/cinny) Matrix web client for you. Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of Element. From 2d36bf17d57c4cb7636958c7aff30744f9771307 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sun, 27 Oct 2024 12:52:45 +0900 Subject: [PATCH 195/404] =?UTF-8?q?Fix=20capitalization:=20heisenbridge=20?= =?UTF-8?q?=E2=86=92=20Heisenbridge?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- .../matrix-bridge-heisenbridge/defaults/main.yml | 4 ++-- .../matrix-bridge-heisenbridge/tasks/setup_install.yml | 10 +++++----- .../tasks/validate_config.yml | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml index 438799842..ee1cea6b4 100644 --- a/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml @@ -1,5 +1,5 @@ --- -# heisenbridge is a bouncer-style Matrix IRC bridge +# Heisenbridge is a bouncer-style Matrix IRC bridge # Project source code URL: https://github.com/hifi/heisenbridge matrix_heisenbridge_enabled: true @@ -93,7 +93,7 @@ matrix_heisenbridge_registration_yaml_heisenbridge: displayname: "{{ matrix_heisenbridge_config_displayname }}" # Default registration file consumed by both the homeserver and Heisenbridge. -# Besides registration information, it contains configuration (see the heisenbridge key). +# Besides registration information, it contains configuration (see the Heisenbridge key). matrix_heisenbridge_registration_yaml: id: heisenbridge url: http://matrix-heisenbridge:9898 diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml index c854689da..9ea3500ff 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml 
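Review bot: The reworded comment in the `@@ -93,7 +93,7 @@` hunk of roles/custom/matrix-bridge-heisenbridge/defaults/main.yml capitalizes what appears to be a reference to a literal mapping key, not the product name: it now reads `(see the Heisenbridge key)`. YAML keys are case-sensitive, and the neighbouring `matrix_heisenbridge_registration_yaml_heisenbridge` variable and `id: heisenbridge` suggest the key is the lowercase `heisenbridge`, so a reader searching the registration file for the capitalized form would presumably find nothing. I would leave the identifier as it was and capitalize only the prose: `# Besides registration information, it contains configuration (see the heisenbridge key).` The body of `matrix_heisenbridge_registration_yaml` continues past the end of the hunk, so the key itself is not visible here.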
@@ -1,6 +1,6 @@ --- -- name: Ensure heisenbridge image is pulled +- name: Ensure Heisenbridge image is pulled community.docker.docker_image: name: "{{ matrix_heisenbridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -11,7 +11,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure heisenbridge paths exist +- name: Ensure Heisenbridge paths exist ansible.builtin.file: path: "{{ item }}" state: directory @@ -21,7 +21,7 @@ with_items: - "{{ matrix_heisenbridge_base_path }}" -- name: Ensure heisenbridge registration.yaml installed if provided +- name: Ensure Heisenbridge registration.yaml installed if provided ansible.builtin.copy: content: "{{ matrix_heisenbridge_registration | to_nice_yaml(indent=2, width=999999) }}" dest: "{{ matrix_heisenbridge_base_path }}/registration.yaml" @@ -29,7 +29,7 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure heisenbridge support files installed +- name: Ensure Heisenbridge support files installed ansible.builtin.template: src: "{{ role_path }}/templates/{{ item }}.j2" dest: "{{ matrix_heisenbridge_base_path }}/{{ item }}" @@ -39,7 +39,7 @@ with_items: - labels -- name: Ensure heisenbridge container network is created +- name: Ensure Heisenbridge container network is created community.general.docker_network: enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" name: "{{ matrix_heisenbridge_container_network }}" diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/validate_config.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/validate_config.yml index 6f9516e3d..604df5a56 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/validate_config.yml 
@@ -1,6 +1,6 @@ --- -- name: Fail if required heisenbridge settings not defined +- name: Fail if required Heisenbridge settings not defined ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item.name }}`). From 2e343b44eaefc7f54dd143e457a76ae37693dbe5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 03:59:44 +0900 Subject: [PATCH 196/404] =?UTF-8?q?Fix=20capitalization:=20Container=20Ima?= =?UTF-8?q?ges=20=E2=86=92=20Container=20images?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/container-images.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/container-images.md b/docs/container-images.md index 6c6f1d76d..062e73fe1 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -1,4 +1,4 @@ -# Container Images used by the playbook +# Container images used by the playbook This page summarizes the container ([Docker](https://www.docker.com/)) images used by the playbook when setting up your server. From 85ccd143ac567e25c8e2a5991fb0a7b80612b4ad Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 02:34:26 +0900 Subject: [PATCH 197/404] Update documentation regarding mx-puppet-slack The transition to the Beeper fork (https://gitlab.com/beeper/mx-puppet-monorepo) has been reverted with 894669eca2092351e6105ef7beba981d96419b5e on May 15, 2022, after https://github.com/Sorunome/mx-puppet-slack was archived on Apr 19, 2022 and migrated to https://gitlab.com/mx-puppet/slack/mx-puppet-slack. Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-slack.md | 6 +++--- docs/container-images.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 3038f3ec1..50f85aadb 100644 --- a/README.md +++ b/README.md 
@@ -118,7 +118,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | x | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) | | [Heisenbridge](https://github.com/hifi/heisenbridge) | x | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) | | [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) | x | Bridge to [Skype](https://www.skype.com) | [Link](docs/configuring-playbook-bridge-go-skype-bridge.md) | -| [mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-slack) | x | Bridge to [Slack](https://slack.com) | [Link](docs/configuring-playbook-bridge-mx-puppet-slack.md) | +| [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) | x | Bridge to [Slack](https://slack.com) | [Link](docs/configuring-playbook-bridge-mx-puppet-slack.md) | | [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) | x | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-instagram.md) | | [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) | x | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-twitter.md) | | [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-discord.md) | diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md index bb187ae63..a04fc2feb 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-slack.md +++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md 
@@ -3,13 +3,13 @@ **Note**: bridging to [Slack](https://slack.com) can also happen via the [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook. -The playbook can install and configure [Beeper](https://www.beeper.com/)-maintained fork of [mx-puppet-slack](https://gitlab.com/beeper/mx-puppet-monorepo) for you. +The playbook can install and configure [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) for you. See the project page to learn what it does and why it might be useful to you. ## Prerequisite -Follow the [OAuth credentials](https://github.com/Sorunome/mx-puppet-slack#option-2-oauth) instructions to create a new Slack app, setting the redirect URL to `https://matrix.example.com/slack/oauth`. +Follow the [OAuth credentials](https://gitlab.com/mx-puppet/slack/mx-puppet-slack#option-2-oauth) instructions to create a new Slack app, setting the redirect URL to `https://matrix.example.com/slack/oauth`. ## Adjusting the playbook configuration @@ -34,7 +34,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start Once the bot is enabled you need to start a chat with `Slack Puppet Bridge` with the handle `@_slackpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). -Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-slack [documentation](https://github.com/Sorunome/mx-puppet-slack) for more information about how to configure the bridge. +Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-slack [documentation](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) for more information about how to configure the bridge. Once logged in, send `list` to the bot user to list the available rooms. diff --git a/docs/container-images.md b/docs/container-images.md index 062e73fe1..3d05dd4dd 100644 
--- a/docs/container-images.md +++ b/docs/container-images.md @@ -72,7 +72,7 @@ These services are not part of our default installation, but can be enabled by [ - [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional) -- [sorunome/mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-slack) - the [mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional) +- [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) - the [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional) - [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) - the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge to [Instagram](https://www.instagram.com) (optional) From afb538610d693304df1098d8d2e444b4d9767347 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 02:46:18 +0900 Subject: [PATCH 198/404] Update documentation regarding mx-puppet-discord The transition to the Beeper fork (https://gitlab.com/beeper/mx-puppet-monorepo) has been reverted with 3f45805fd2b3b05cd1f3893767d9f25b0760ad3a on May 7, 2022 after https://github.com/matrix-discord/mx-puppet-discord was archived on Apr 17, 2022 and migrated to https://gitlab.com/mx-puppet/discord/mx-puppet-discord. Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-discord.md | 6 ++---- docs/container-images.md | 4 ++-- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 50f85aadb..50259cfe1 100644 --- a/README.md +++ b/README.md 
@@ -121,7 +121,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) | x | Bridge to [Slack](https://slack.com) | [Link](docs/configuring-playbook-bridge-mx-puppet-slack.md) | | [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) | x | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-instagram.md) | | [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) | x | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-twitter.md) | -| [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-discord.md) | +| [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-discord.md) | | [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) | x | Bridge to [GroupMe](https://groupme.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-groupme.md) | | [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) | x | Bridge to [Steam](https://steamapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-steam.md) | | [Email2Matrix](https://github.com/devture/email2matrix) | x | Bridge for relaying emails to Matrix rooms | [Link](docs/configuring-playbook-email2matrix.md) | diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index a1396f185..c4958d4c4 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md 
@@ -4,12 +4,10 @@ - For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. -The playbook can install and configure [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. +The playbook can install and configure [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) for you. See the project page to learn what it does and why it might be useful to you. -**Note**: we actually use the [Beeper](https://www.beeper.com/)-maintained [fork of mx-puppet-discord](https://gitlab.com/beeper/mx-puppet-monorepo), because `matrix-discord/mx-puppet-discord` is a low-quality and poorly maintained project. - ## Adjusting the playbook configuration To enable the [Discord](https://discordapp.com/) bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: @@ -26,7 +24,7 @@ After configuring the playbook, run the [installation](installing.md) command: ` Once the bot is enabled you need to start a chat with `Discord Puppet Bridge` with the handle `@_discordpuppet_bot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). -Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-discord [documentation](https://github.com/matrix-discord/mx-puppet-discord) for more information about how to configure the bridge. +Three authentication methods are available, Legacy Token, OAuth and xoxc token. See mx-puppet-discord [documentation](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) for more information about how to configure the bridge. Once logged in, send `list` to the bot user to list the available rooms. 
diff --git a/docs/container-images.md b/docs/container-images.md index 3d05dd4dd..16896d570 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -72,14 +72,14 @@ These services are not part of our default installation, but can be enabled by [ - [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional) +- [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) - the [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional) + - [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) - the [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional) - [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) - the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge to [Instagram](https://www.instagram.com) (optional) - [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) - the [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) bridge to [Twitter](https://twitter.com) (optional) -- [sorunome/mx-puppet-discord](https://hub.docker.com/r/sorunome/mx-puppet-discord) - the [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional) - - [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) - the [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) bridge to [GroupMe](https://groupme.com/) (optional) - [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional) From 560ebd0ae6d4fbde7be59b6f374559be0f864787 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Mon, 28 Oct 2024 08:55:51 +0200 Subject: [PATCH 199/404] Make /tmp for maubot writable --- .../templates/systemd/matrix-bot-maubot.service.j2 | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 4b9f782f7..c54dbd084 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -16,6 +16,10 @@ Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-maubot 2>/dev/null || true' ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +{# + We mount a tmpfs at /tmp, because some maubot plugins may wish to write to it. + It makes sense to provide at least some sort of temporary storage. +#} ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ --rm \ --name=matrix-bot-maubot \ @@ -25,6 +29,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ --cap-drop=ALL \ --mount type=bind,src={{ matrix_bot_maubot_config_path }},dst=/config,ro \ --mount type=bind,src={{ matrix_bot_maubot_data_path }},dst=/data \ + --tmpfs=/tmp:rw,noexec,nosuid,size=1024m \ --label-file={{ matrix_bot_maubot_base_path }}/labels \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ From 0cd74040741e5405b465063b7c1d082d07fd6640 Mon Sep 17 00:00:00 2001 
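Review bot: The `size=1024m` cap on the added `--tmpfs=/tmp:rw,noexec,nosuid,size=1024m \` line (second hunk) is hard-coded, and tmpfs pages are backed by host memory, so a misbehaving plugin can hold up to 1 GiB of RAM or swap on what may be a small host; no container memory limit is visible in this hunk. The `noexec` and `nosuid` options are a sensible restriction for a scratch directory that third-party plugin code writes to and should stay. I would move the size into a role default with a smaller value, using a new variable (the name is a suggestion and does not exist yet) as in `--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_bot_maubot_container_tmpfs_size }} \`, and extend the Jinja comment in the first hunk to say the mount is memory-backed and capped. The `docker create` command starts in the first hunk and continues past the end of the second.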
From: Suguru Hirahara Date: Sat, 26 Oct 2024 21:42:59 +0900 Subject: [PATCH 200/404] Update docs/configuring-playbook-bot-go-neb.md: add deprecation notice Go-NEB has been discontinued since Jun 29, 2023. See: https://github.com/matrix-org/go-neb/commit/3ba3d4600f42d913824ae36cf98d113d6a0d1099 Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-go-neb.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 767998450..668636580 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -1,5 +1,7 @@ # Setting up Go-NEB (optional) +**Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one. + The playbook can install and configure [Go-NEB](https://github.com/matrix-org/go-neb) for you. Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python. From 9bd1e3e79104422a6db4d101cf0eee7feb16cb08 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 26 Oct 2024 21:34:25 +0900 Subject: [PATCH 201/404] Update deprecation notices on documentation Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-chatgpt.md | 5 ++--- docs/configuring-playbook-bridge-appservice-webhooks.md | 6 ++---- docs/configuring-playbook-bridge-mautrix-facebook.md | 2 +- docs/configuring-playbook-bridge-mautrix-hangouts.md | 4 ++-- docs/configuring-playbook-bridge-mautrix-instagram.md | 2 +- 5 files changed, 8 insertions(+), 11 deletions(-) 
diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index 4482f7b47..2397a5188 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md @@ -1,12 +1,11 @@ # Setting up matrix-bot-chatgpt (optional) +**Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](https://github.com/etkecc/baibot), which can be installed using [this playbook](configuring-playbook-bot-baibot.md). Consider using that bridge instead of this one. + The playbook can install and configure [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for you. Talk to [ChatGPT](https://openai.com/blog/chatgpt/) via your favourite Matrix client! -**Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](./configuring-playbook-bot-baibot.md) bot supported by the playbook. - - ## 1. Register the bot account The playbook does not automatically create users for you. The bot requires an access token to be able to connect to your homeserver. diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 562b08cdf..6fb3485af 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md 
@@ -1,10 +1,8 @@ # Setting up Appservice Webhooks bridging (optional) -The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. +**Note**: This bridge has been deprecated. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one. -**Note**: This bridge is no longer maintained. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). - -This bridge provides support for Slack-compatible webhooks. +The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. This bridge provides support for Slack-compatible webhooks. Setup Instructions: diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index c0337837c..fdb20c343 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md 
@@ -1,6 +1,6 @@ # Setting up Mautrix Facebook bridging (optional) -**Note**: bridging to Facebook [Messenger](https://messenger.com) via this bridge is being [superseded by a new bridge - mautrix-meta](https://github.com/mautrix/facebook/issues/332). For now, the mautrix-facebook bridge continues to work, but the new [mautrix-meta-messenger bridge](./configuring-playbook-bridge-mautrix-meta-messenger.md) is better and more supported. Consider using that bridge instead of this one. +**Note**: This bridge has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, which can be installed using [this playbook](configuring-playbook-bridge-mautrix-meta-messenger.md). Consider using that bridge instead of this one. The playbook can install and configure [mautrix-facebook](https://github.com/mautrix/facebook) for you. diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index 072f8ee0e..43aeeaa4c 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md 
@@ -1,7 +1,7 @@ -# The [Mautrix Hangouts Bridge](https://mau.dev/mautrix/hangouts) is no longer maintained. It has changed to a [Google Chat Bridge](https://github.com/mautrix/googlechat). Setup instructions for the Google Chat Bridge can be [found here](configuring-playbook-bridge-mautrix-googlechat.md). - # Setting up Mautrix Hangouts bridging (optional) +**Note**: This bridge has been deprecated in favor of [Google Chat bridge](https://github.com/mautrix/googlechat), which can be installed using [this playbook](configuring-playbook-bridge-mautrix-googlechat.md). Consider using that bridge instead of this one. + The playbook can install and configure [mautrix-hangouts](https://github.com/mautrix/hangouts) for you. See the project's [documentation](https://docs.mau.fi/bridges/python/hangouts/index.html) to learn what it does and why it might be useful to you. diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index a32322457..c829fd085 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md 
@@ -1,6 +1,6 @@ # Setting up Mautrix Instagram bridging (optional) -**Note**: bridging to Facebook [Instagram](https://instagram.com) via this bridge is being [superseded by a new bridge - mautrix-meta](https://github.com/mautrix/facebook/issues/332). For now, the mautrix-instagram bridge continues to work, but the new [mautrix-meta-instagram bridge](./configuring-playbook-bridge-mautrix-meta-instagram.md) is better and more supported. Consider using that bridge instead of this one. +**Note**: This bridge has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, which can be installed using [this playbook](configuring-playbook-bridge-mautrix-meta-instagram.md). Consider using that bridge instead of this one. The playbook can install and configure [mautrix-instagram](https://github.com/mautrix/instagram) for you. From 379a8677ba58a51dc567282d7ce4f1fc545ef913 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 00:58:10 +0900 Subject: [PATCH 202/404] Fix anchor links to matrix-hookshot The namaspace has been replaced with 58771a9c65bb59bdf0d29301d59d05c1a50fea02 on Mar 3, 2022. Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 2 +- README.md | 2 +- docs/configuring-playbook-bridge-appservice-webhooks.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c5b31d217..fd41f333b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1844,7 +1844,7 @@ To enable this module (and prevent encryption from being used on your homserver) ## matrix-hookshot bridging support -Thanks to [HarHarLinks](https://github.com/HarHarLinks), the playbook can now install the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to multiple project management services, such as GitHub, GitLab and JIRA. +Thanks to [HarHarLinks](https://github.com/HarHarLinks), the playbook can now install the [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) bridge for bridging Matrix to multiple project management services, such as GitHub, GitLab and JIRA. See our [Setting up matrix-hookshot](docs/configuring-playbook-bridge-hookshot.md) documentation to get started. diff --git a/README.md b/README.md index 50259cfe1..8f2f1bcd1 100644 --- a/README.md +++ b/README.md 
@@ -114,7 +114,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | | [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) | x | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-appservice-slack.md) | | [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | [Link](docs/configuring-playbook-bridge-appservice-webhooks.md) | -| [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | +| [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | | [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | x | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) | | [Heisenbridge](https://github.com/hifi/heisenbridge) | x | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) | | [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) | x | Bridge to [Skype](https://www.skype.com) | [Link](docs/configuring-playbook-bridge-go-skype-bridge.md) | diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 6fb3485af..d55ef16fa 100644 
--- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -1,6 +1,6 @@ # Setting up Appservice Webhooks bridging (optional) -**Note**: This bridge has been deprecated. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one. +**Note**: This bridge has been deprecated. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one. The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. This bridge provides support for Slack-compatible webhooks. From 17ccd95734d959d99898c23c95e88078b17ef856 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 16:33:35 +0900 Subject: [PATCH 203/404] Update docs/configuring-playbook-bot-chatgpt.md Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-bot-chatgpt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index 2397a5188..d866d7577 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md 
@@ -1,6 +1,6 @@ # Setting up matrix-bot-chatgpt (optional) -**Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](https://github.com/etkecc/baibot), which can be installed using [this playbook](configuring-playbook-bot-baibot.md). Consider using that bridge instead of this one. +**Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](https://github.com/etkecc/baibot), which can be installed using [this playbook](configuring-playbook-bot-baibot.md). Consider using that bot instead of this one. The playbook can install and configure [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for you. From 9cfb8c8c671cc36de3d0788b3701a8efa159f3a0 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 16:34:20 +0900 Subject: [PATCH 204/404] Update docs/configuring-playbook-bot-go-neb.md Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-bot-go-neb.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 668636580..268ee596a 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md 
@@ -1,6 +1,6 @@
 # Setting up Go-NEB (optional)
-**Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one.
+**Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bot instead of this one.
 The playbook can install and configure [Go-NEB](https://github.com/matrix-org/go-neb) for you.
From 6e4ad586e4f92b7b2c3715148c46418eba8deabc Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Mon, 28 Oct 2024 15:55:32 +0900
Subject: [PATCH 205/404] Replace existing links to matrix-org/synapse which should be replaced Note that links to the issues and PRs on the original repository (matrix-org/synapse) should not be replaced with ones on the forked one (element-hq/synapse) as those are not available on the latter, where the issues and PRs with the same number as matrix-org/synapse are "reserved" to avoid conflicts between those repositories. For reasoning of such complexity (including the reason why trasferring the original repository to element-hq/synapse was avoided), see: https://github.com/element-hq/synapse/issues/6#issuecomment-1861116896
Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook-synapse.md | 2 +-
 docs/maintenance-and-troubleshooting.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 1a214eaec..949620d62 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -78,7 +78,7 @@ When Synapse workers are enabled, the integrated [Postgres database is tuned](ma A separate Ansible role (`matrix-synapse-reverse-proxy-companion`) and component handles load-balancing for workers. This role/component is automatically enabled when you enable workers. Make sure to use the `setup-all` tag (not `install-all`!) during the playbook's [installation](./installing.md) process, especially if you're disabling workers, so that components may be installed/uninstalled correctly. -In case any problems occur, make sure to have a look at the [list of synapse issues about workers](https://github.com/matrix-org/synapse/issues?q=workers+in%3Atitle) and your `journalctl --unit 'matrix-*'`. +In case any problems occur, make sure to have a look at the [list of synapse issues about workers](https://github.com/element-hq/synapse/issues?q=workers+in%3Atitle) and your `journalctl --unit 'matrix-*'`. ## Synapse Admin diff --git a/docs/maintenance-and-troubleshooting.md b/docs/maintenance-and-troubleshooting.md index b6262a63a..e16b75977 100644 --- a/docs/maintenance-and-troubleshooting.md +++ b/docs/maintenance-and-troubleshooting.md 
@@ -26,7 +26,7 @@ sudo journalctl -fu matrix-synapse
 Because the [Synapse](https://github.com/element-hq/synapse) Matrix server is originally very chatty when it comes to logging, we intentionally reduce its [logging level](https://docs.python.org/3/library/logging.html#logging-levels) from `INFO` to `WARNING`.
-If you'd like to debug an issue or [report a Synapse bug](https://github.com/matrix-org/synapse/issues/new/choose) to the developers, it'd be better if you temporarily increasing the logging level to `INFO`.
+If you'd like to debug an issue or [report a Synapse bug](https://github.com/element-hq/synapse/issues/new/choose) to the developers, it'd be better if you temporarily increasing the logging level to `INFO`.
 Example configuration (`inventory/host_vars/matrix.example.com/vars.yml`):
From ae864830e0bd542cbca5c1d78fce659d7cafc27d Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sun, 27 Oct 2024 03:32:40 +0900
Subject: [PATCH 206/404] Update the URL to matrix-appservice-discord The URL seems to have been changed at least since several years though the exact date is unknown to me, considering the latest tagged docker image on https://hub.docker.com/r/halfshot/matrix-appservice-discord/tags (https://hub.docker.com/layers/halfshot/matrix-appservice-discord/develop/images/sha256-a1015907545603448d2d8e2ea0d31f0fdb6c7676009e2cb38e324440a9284317) is dated Feb 15, 2021.
Signed-off-by: Suguru Hirahara
---
 CHANGELOG.md | 2 +-
 README.md | 2 +-
 docs/configuring-playbook-bridge-appservice-discord.md | 8 ++++----
 docs/container-images.md | 2 +-
 .../matrix-bridge-appservice-discord/defaults/main.yml | 2 +-
 .../templates/config.yaml.j2 | 2 +-
 6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fd41f333b..38b5d579b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3214,7 +3214,7 @@ To learn more, see the [Customizing email templates](docs/configuring-playbook-m ## Discord bridging support -[@Lionstiger](https://github.com/Lionstiger) has done some great work adding Discord bridging support via [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord). +[@Lionstiger](https://github.com/Lionstiger) has done some great work adding Discord bridging support via [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord). To learn more, see the [Setting up Appservice Discord bridging](docs/configuring-playbook-bridge-appservice-discord.md) documentation page. diff --git a/README.md b/README.md index 8f2f1bcd1..a648a9634 100644 --- a/README.md +++ b/README.md 
@@ -111,7 +111,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) | | [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) | | [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) | -| [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | +| [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | | [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) | x | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-appservice-slack.md) | | [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | [Link](docs/configuring-playbook-bridge-appservice-webhooks.md) | | [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index c7afe27a1..173cf2252 100644 
--- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -4,14 +4,14 @@ - For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing. - For personal use we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. -The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. +The playbook can install and configure [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) for you. -See the project's [documentation](https://github.com/Half-Shot/matrix-appservice-discord/blob/master/README.md) to learn what it does and why it might be useful to you. +See the project's [documentation](https://github.com/matrix-org/matrix-appservice-discord/blob/master/README.md) to learn what it does and why it might be useful to you. ## Setup Instructions -Instructions loosely based on [this](https://github.com/Half-Shot/matrix-appservice-discord#setting-up). +Instructions loosely based on [this](https://github.com/matrix-org/matrix-appservice-discord#setting-up). 1. Create a Discord Application [here](https://discordapp.com/developers/applications). 2. Retrieve Client ID. 
@@ -80,7 +80,7 @@ By default, you won't have Administrator access in rooms created by the bridge. To adjust room access privileges or do various other things (change the room name subsequently, etc.), you'd wish to become an Administrator. -There's the Discord bridge's guide for [setting privileges on bridge managed rooms](https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#set-privileges-on-bridge-managed-rooms). To do the same with our container setup, run the following command on the server: +There's the Discord bridge's guide for [setting privileges on bridge managed rooms](https://github.com/matrix-org/matrix-appservice-discord/blob/master/docs/howto.md#set-privileges-on-bridge-managed-rooms). To do the same with our container setup, run the following command on the server: ```sh docker exec -it matrix-appservice-discord \ diff --git a/docs/container-images.md b/docs/container-images.md index 16896d570..56c30380f 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -64,7 +64,7 @@ These services are not part of our default installation, but can be enabled by [ - [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional) -- [halfshot/matrix-appservice-discord](https://hub.docker.com/r/halfshot/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional) +- [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional) - [cadair/matrix-appservice-slack](https://hub.docker.com/r/cadair/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional) diff --git a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml index 1ca26ee01..64b2d7db8 100644 --- a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml @@ -1,6 +1,6 @@ --- # matrix-appservice-discord is a Matrix <-> Discord bridge -# Project source code URL: https://github.com/Half-Shot/matrix-appservice-discord +# Project source code URL: https://github.com/matrix-org/matrix-appservice-discord matrix_appservice_discord_enabled: false matrix_appservice_discord_container_image_self_build: false diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 index 2309be443..64f2923cc 100644 
--- a/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 @@ -64,7 +64,7 @@ database: # You may either use SQLite or Postgresql for the bridge database, which contains # important mappings for events and user puppeting configurations. # Use the filename option for SQLite, or connString for Postgresql. - # If you are migrating, see https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#migrate-to-postgres-from-sqlite + # If you are migrating, see https://github.com/matrix-org/matrix-appservice-discord/blob/master/docs/howto.md#migrate-to-postgres-from-sqlite # WARNING: You will almost certainly be fine with sqlite unless your bridge # is in heavy demand and you suffer from IO slowness. {% if matrix_appservice_discord_database_engine == 'sqlite' %} From 4bf0414555d4fb78b159ebec82b6101ba25b1039 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 26 Oct 2024 22:58:58 +0900 Subject: [PATCH 207/404] Update docs/configuring-playbook.md: create "Deprecated / unmaintained / removed services" section Create a dedicated section for deprecated, unmaintained, or removed services such as: - Appservice Webhooks - Dimension - Go-NEB - matrix-bot-chatgpt - Mautrix Facebook - Mautrix Hangouts - Mautrix Instagram - MX Puppet Skype Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 20b8a1d6f..5840bc566 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -33,8 +33,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Additional useful services -- [Setting up the Dimension integration manager](configuring-playbook-dimension.md) (optional; [unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md)) - - [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) (optional) - [Setting up Etherpad](configuring-playbook-etherpad.md) (optional) @@ -133,14 +131,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Messenger bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-messenger.md) (optional) -- ~~[Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md)~~ - consider bridging to Facebook/Messenger using the new [mautrix-meta-messenger](./configuring-playbook-bridge-mautrix-meta-messenger.md) bridge (optional) - -- [Setting up Mautrix Hangouts bridging](configuring-playbook-bridge-mautrix-hangouts.md) (optional) - - [Setting up Mautrix Google Chat bridging](configuring-playbook-bridge-mautrix-googlechat.md) (optional) -- ~~[Setting up Mautrix Instagram bridging](configuring-playbook-bridge-mautrix-instagram.md)~~ - consider bridging to Instagram using the new [mautrix-meta-instagram](./configuring-playbook-bridge-mautrix-meta-instagram.md) bridge (optional) - - [Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md) (optional) - [Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md) (optional) 
@@ -153,16 +145,12 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Appservice Slack bridging](configuring-playbook-bridge-appservice-slack.md) (optional) -- [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional) - - [Setting up Appservice Kakaotalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md) (optional) - [Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md) (optional) - [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional) -- ~~[Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md)~~ (optional) - this component has been broken for a long time, so it has been removed from the playbook. Consider [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md) - - [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional) - [Setting up MX Puppet Instagram bridging](configuring-playbook-bridge-mx-puppet-instagram.md) (optional) 
@@ -192,8 +180,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up baibot](configuring-playbook-bot-baibot.md) - a bot through which you can talk to various [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) services ([OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) and [others](https://github.com/etkecc/baibot/blob/main/docs/providers.md)) (optional) -- [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) - a bot through which you can talk to the [ChatGPT](https://openai.com/blog/chatgpt/) model (optional) - - [Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) - a bot to remind you about stuff (optional) - [Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) - a bot to create and manage registration tokens to invite users (optional) @@ -202,8 +188,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot (optional) -- [Setting up Go-NEB](configuring-playbook-bot-go-neb.md) - an extensible multifunctional bot (optional) - - [Setting up Mjolnir](configuring-playbook-bot-mjolnir.md) - a moderation tool/bot (optional) - [Setting up Draupnir](configuring-playbook-bot-draupnir.md) - a moderation tool/bot, forked from Mjolnir and maintained by its former leader developer (optional) 
@@ -235,3 +219,21 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) (optional) - [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) (optional) + +### Deprecated / unmaintained / removed services + +- [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (deprecated; the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md)) + +- [Setting up the Dimension integration manager](configuring-playbook-dimension.md) ([unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md)) + +- [Setting up Go-NEB](configuring-playbook-bot-go-neb.md) (unmaintained; the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md)) + +- [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) (unmaintained; the bridge's author suggests taking a look at [baibot](https://github.com/etkecc/baibot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bot-baibot.md)) + +- [Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-messenger](configuring-playbook-bridge-mautrix-meta-messenger.md)) + +- [Setting up Mautrix Hangouts bridging](configuring-playbook-bridge-mautrix-hangouts.md) (deprecated in favor of the Google Chat bridge with [mautrix-googlechat](configuring-playbook-bridge-mautrix-googlechat.md)) + +- 
[Setting up Mautrix Instagram bridging](configuring-playbook-bridge-mautrix-instagram.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-instagram](configuring-playbook-bridge-mautrix-meta-instagram.md)) + +- [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (removed; this component has been broken for a long time, so it has been removed from the playbook. Consider [setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md)) From ef04f5b33ff1acc223c309362e27b9f6849a1d8a Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 01:11:06 +0900 Subject: [PATCH 208/404] Add disclaimer to the deprecated services section Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 5840bc566..22341ef84 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -222,6 +222,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 ### Deprecated / unmaintained / removed services
+**Note**: since a deprecated or unmaintained service will not be updated, its bug or vulnerability will be unlikely to get patched. It is recommended to migrate from the service to an alternative if any, and make sure to do your own research before you decide to keep it running nonetheless.
+
 - [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (deprecated; the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md))
 - [Setting up the Dimension integration manager](configuring-playbook-dimension.md) ([unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md))
From 15ad4780d617a0a2c9cd3c47445a3ed23ce40900 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 28 Oct 2024 10:11:29 +0000
Subject: [PATCH 209/404] Update ghcr.io/etkecc/postmoogle Docker tag to v0.9.22
---
 roles/custom/matrix-bot-postmoogle/defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml
index c2163680f..19d1590c5 100644
--- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml
+++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml
@@ -10,7 +10,7 @@ matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_v
 matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
 # renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle
-matrix_bot_postmoogle_version: v0.9.21
+matrix_bot_postmoogle_version: v0.9.22
 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}etkecc/postmoogle:{{ matrix_bot_postmoogle_version }}"
 matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'ghcr.io/' }}"
 matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}"
From 409f4195c3536af838ff7d2397ff708bbfc23244 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sun, 27 Oct 2024 03:40:10 +0900
Subject: [PATCH 210/404] Update docs/container-images.md: replace URL to matrix-appservice-slack Docker image We have used the officially maintained image since 8f41041f6db84a2b8b10ddd9e035c42d47962118 on Sep 15, 2020.
Signed-off-by: Suguru Hirahara
---
 docs/container-images.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/container-images.md b/docs/container-images.md
index 56c30380f..86466bc09 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -66,7 +66,7 @@ These services are not part of our default installation, but can be enabled by [
 - [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional)
-- [cadair/matrix-appservice-slack](https://hub.docker.com/r/cadair/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional)
+- [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional)
 - [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional)
From 7a791ab6920e008f33d85fd4d9e6430a0d924a1c Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sun, 27 Oct 2024 18:15:49 +0900
Subject: [PATCH 211/404] Update docs/container-images.md: replace matrixdotorg/synapse with its fork The switch to element-hq/synapse was conducted with aa0a85b094190a5b9508058680becb3bbb83c7c6. Since the fork no longer belongs to Matrix Foundation, it is not quite "official" anymore, while it is enabled by default and not optional.
Signed-off-by: Suguru Hirahara
---
 docs/container-images.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/container-images.md b/docs/container-images.md
index 86466bc09..5ee476e12 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -9,7 +9,7 @@ We try to stick to official images (provided by their respective projects) as mu
 These services are enabled and used by default, but you can turn them off, if you wish.
-- [matrixdotorg/synapse](https://hub.docker.com/r/matrixdotorg/synapse/) - the official [Synapse](https://github.com/element-hq/synapse) Matrix homeserver (optional)
+- [element-hq/synapse](https://ghcr.io/element-hq/synapse) - a fork of [matrixdotorg/synapse](https://github.com/matrix-org/synapse) Matrix homeserver
 - [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) - the [Coturn](https://github.com/coturn/coturn) STUN/TURN server (optional)
From ecd4fc028d071116423bdc104755027d3018608c Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Mon, 28 Oct 2024 23:27:42 +0900
Subject: [PATCH 212/404] Recategorize Postmoogle (#3696) * Update configuring-playbook.md: move a link for docs/configuring-playbook-bot-postmoogle.md to Bots section The document (on 9c2a8addee93910cb9079f856bc3fb3932592c91; initial commit to add Postmoogle) says: > Postmoogle is a bot/bridge you can use to forward emails to Matrix rooms Therefore it is not really incorrect to categorize Postmoogle as bridge document-wise, but since the list on README.md categorizes it as a bot, and based on the file name of the documentation, this commit moves the link for Postmoogle to the Bots section. Signed-off-by: Suguru Hirahara * Revert "Update configuring-playbook.md: move a link for docs/configuring-playbook-bot-postmoogle.md to Bots section" This reverts commit 1e2e903cb955fcf5033788c508816293b837e9f5. * Change the file name of Postmoogle documentation to make it clear that Postmoogle is a bridge Signed-off-by: Suguru Hirahara * Update documentation for Postmoogle related to a bridge/bot status Signed-off-by: Suguru Hirahara ---------
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- CHANGELOG.md | 6 +-- README.md | 2 +- docs/configuring-dns.md | 42 +++++++++---------- ...configuring-playbook-bridge-postmoogle.md} | 10 ++--- docs/configuring-playbook-email2matrix.md | 2 +- ...-playbook-matrix-authentication-service.md | 2 +- docs/configuring-playbook.md | 2 +- .../matrix-bot-postmoogle/defaults/main.yml | 2 +- 8 files changed, 34 insertions(+), 34 deletions(-) rename docs/{configuring-playbook-bot-postmoogle.md => configuring-playbook-bridge-postmoogle.md} (77%) diff --git a/CHANGELOG.md b/CHANGELOG.md index 38b5d579b..c56c2f4bb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1110,7 +1110,7 @@ Switching to Traefik will obtain new SSL certificates from Let's Encrypt (stored Treafik directly reverse-proxies to **some** services right now, but for most other services it goes through `matrix-nginx-proxy` (e.g. Traefik -> `matrix-nginx-proxy` -> [Ntfy](docs/configuring-playbook-ntfy.md)). So, even if you opt into Traefik, you'll still see `matrix-nginx-proxy` being installed in local-only mode. This will improve with time. -Some services (like [Coturn](docs/configuring-playbook-turn.md) and [Postmoogle](docs/configuring-playbook-bot-postmoogle.md)) cannot be reverse-proxied to directly from Traefik, so they require direct access to SSL certificate files extracted out of Traefik. The playbook does this automatically thanks to a new [com.devture.ansible.role.traefik_certs_dumper](https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper) role utilizing the [traefik-certs-dumper](https://github.com/ldez/traefik-certs-dumper) tool. +Some services (like [Coturn](docs/configuring-playbook-turn.md) and [Postmoogle](docs/configuring-playbook-bridge-postmoogle.md)) cannot be reverse-proxied to directly from Traefik, so they require direct access to SSL certificate files extracted out of Traefik. The playbook does this automatically thanks to a new [com.devture.ansible.role.traefik_certs_dumper](https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper) role utilizing the [traefik-certs-dumper](https://github.com/ldez/traefik-certs-dumper) tool. Our Traefik setup mostly works, but certain esoteric features may not work. If you have a default setup, we expect you to have a good experience. 
@@ -1571,9 +1571,9 @@ See our [Setting up Cactus Comments](docs/configuring-playbook-cactus-comments.m ## Postmoogle email bridge support -Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up the new [Postmoogle](https://github.com/etkecc/postmoogle) email bridge/bot. Postmoogle is like the [email2matrix bridge](https://github.com/devture/email2matrix) (also [already supported by the playbook](docs/configuring-playbook-email2matrix.md)), but more capable and with the intention to soon support *sending* emails, not just receiving. +Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up the new [Postmoogle](https://github.com/etkecc/postmoogle) email bridge. Postmoogle is like the [email2matrix bridge](https://github.com/devture/email2matrix) (also [already supported by the playbook](docs/configuring-playbook-email2matrix.md)), but more capable and with the intention to soon support *sending* emails, not just receiving. -See our [Setting up Postmoogle email bridging](docs/configuring-playbook-bot-postmoogle.md) documentation to get started. +See our [Setting up Postmoogle email bridging](docs/configuring-playbook-bridge-postmoogle.md) documentation to get started. # 2022-08-10 diff --git a/README.md b/README.md index a648a9634..ef62d6e89 100644 --- a/README.md +++ b/README.md 
@@ -125,6 +125,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) | x | Bridge to [GroupMe](https://groupme.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-groupme.md) | | [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) | x | Bridge to [Steam](https://steamapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-steam.md) | | [Email2Matrix](https://github.com/devture/email2matrix) | x | Bridge for relaying emails to Matrix rooms | [Link](docs/configuring-playbook-email2matrix.md) | +| [Postmoogle](https://github.com/etkecc/postmoogle) | x | Email to Matrix bridge | [Link](docs/configuring-playbook-bridge-postmoogle.md) | ### Bots @@ -138,7 +139,6 @@ Bots provide various additional functionality to your installation. | [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | x | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) | | [maubot](https://github.com/maubot/maubot) | x | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) | | [Honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) | -| [Postmoogle](https://github.com/etkecc/postmoogle) | x | Email to Matrix bot | [Link](docs/configuring-playbook-bot-postmoogle.md) | | [Go-NEB](https://github.com/matrix-org/go-neb) | x | A multi functional bot written in Go | [Link](docs/configuring-playbook-bot-go-neb.md) | | [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) | | [Draupnir](https://github.com/the-draupnir-project/Draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) | 
diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 58482f5a6..a9a3f3244 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -28,26 +28,26 @@ When you're done configuring DNS, proceed to [Configuring the playbook](configur ## DNS settings for optional services/features -| Used by component | Type | Host | Priority | Weight | Port | Target | -| ----------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | -| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.example.com` | -| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.example.com` | -| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.example.com` | -| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.example.com` | -| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.example.com` | -| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.example.com` | -| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.example.com` | -| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.example.com` | -| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.example.com` | -| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.example.com` | -| [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | -| [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | -| 
[Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | -| [rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` | -| [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` | -| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | -| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | -| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | +| Used by component | Type | Host | Priority | Weight | Port | Target | +| -------------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | +| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.example.com` | +| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.example.com` | +| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.example.com` | +| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.example.com` | +| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.example.com` | +| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.example.com` | +| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | 
`matrix.example.com` | +| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.example.com` | +| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.example.com` | +| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.example.com` | +| [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | +| [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | +| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | +| [rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | When setting up a SRV record, if you are asked for a service and protocol instead of a hostname split the host value from the table where the period is. For example use service as `_matrix-identity` and protocol as `_tcp`. 
@@ -97,4 +97,4 @@ When you're done with the DNS configuration and ready to proceed, continue with ## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup -To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records +To make the [postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bridge-postmoogle.md similarity index 77% rename from docs/configuring-playbook-bot-postmoogle.md rename to docs/configuring-playbook-bridge-postmoogle.md index 5d12f7b2a..4a7f31c26 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bridge-postmoogle.md @@ -4,7 +4,7 @@ The playbook can install and configure [Postmoogle](https://github.com/etkecc/postmoogle) for you. -Postmoogle is a bot/bridge you can use to forward emails to Matrix rooms. It runs an SMTP email server and allows you to assign mailbox addresses to Matrix rooms. +Postmoogle is a bridge you can use to have its bot user forward emails to Matrix rooms. It runs an SMTP email server and allows you to assign mailbox addresses to the rooms. See the project's [documentation](https://github.com/etkecc/postmoogle) to learn what it does and why it might be useful to you. 
@@ -57,18 +57,18 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use **Notes**: -- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create a user account of the bridge's bot -- if you change the bot password (`matrix_bot_postmoogle_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_postmoogle_password` to let the bot know its new password +- if you change the bridge's bot password (`matrix_bot_postmoogle_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_postmoogle_password` to let the bot know its new password ## Usage -To use the bot, invite the `@postmoogle:example.com` bot user into a room you want to use as a mailbox. +To use the bridge, invite the `@postmoogle:example.com` bot user into a room you want to use as a mailbox. Then send `!pm mailbox NAME` to expose this Matrix room as an inbox with the email address `NAME@matrix.example.com`. Emails sent to that email address will be forwarded to the room. -Send `!pm help` to the room to see the bot's help menu for additional commands. +Send `!pm help` to the room to see the bridge's help menu for additional commands. You can also refer to the upstream [documentation](https://github.com/etkecc/postmoogle). diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index fa56b8c82..ab274afe4 100644 
--- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,6 +1,6 @@ # Setting up Email2Matrix (optional) -**Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. Postmoogle is much more powerful and easier to use, so we recommend that you use it, instead of Email2Matrix. +**Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bridge-postmoogle.md) bridge supported by the playbook. Postmoogle is much more powerful and easier to use, so we recommend that you use it, instead of Email2Matrix. The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index d83bdf58a..625b3116e 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -51,7 +51,7 @@ This section details what you can expect when switching to the Matrix Authentica - ❌ Certain **tools like [synapse-admin](./configuring-playbook-synapse-admin.md) do not have full compatibility with MAS yet**. synapse-admin already supports [login with access token](https://github.com/etkecc/synapse-admin/pull/58), browsing users (which Synapse will internally fetch from MAS) and updating user avatars. However, editing users (passwords, etc.) now needs to happen directly against MAS using the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html), which synapse-admin cannot interact with yet. -- ❌ **Some services** (e.g. [Postmoogle](./configuring-playbook-bot-postmoogle.md), but possibly others - the list is yet to be determined) appear to **experience issues when authenticating via MAS**. We're still investigating what breaks and why. +- ❌ **Some services** (e.g. [Postmoogle](./configuring-playbook-bridge-postmoogle.md), but possibly others - the list is yet to be determined) appear to **experience issues when authenticating via MAS**. We're still investigating what breaks and why. - ❌ **Encrypted appservices** do not work yet (related to [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) and [PR 17705 for Synapse](https://github.com/element-hq/synapse/pull/17705)), so all bridges/bots that rely on encryption will fail to start (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658) for Hookshot). You can use these bridges/bots only if you **keep end-to-bridge encryption disabled** (which is the default setting). diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 22341ef84..38e7b0847 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -167,7 +167,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Email2Matrix](configuring-playbook-email2matrix.md) (optional) -- [Setting up Postmoogle email bridging](configuring-playbook-bot-postmoogle.md) (optional) +- [Setting up Postmoogle email bridging](configuring-playbook-bridge-postmoogle.md) (optional) - [Setting up Matrix SMS bridging](configuring-playbook-bridge-matrix-bridge-sms.md) (optional) diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml index 19d1590c5..faade072c 100644 --- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml @@ -1,5 +1,5 @@ --- -# postmoogle is an email to Matrix bot +# postmoogle is an email to Matrix bridge using its bot user # Project source code URL: https://github.com/etkecc/postmoogle matrix_bot_postmoogle_enabled: true From efa17d837c646e5d8bd53b4ef6652677e0ac08de Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 18:03:20 +0900 Subject: [PATCH 213/404] Update README.md and container-images.md: replace links to the original synapse-admin with ones to its fork The original synapse-admin (Awesome-Technologies/synapse-admin) was replaced with etke.cc/synapse-admin with 73d338d9d1e5347f0f299ee67ede751bd37ddb4c on Sep 12, 2024. Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/container-images.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ef62d6e89..ca328fb74 100644 --- a/README.md +++ b/README.md 
@@ -152,7 +152,7 @@ Services that help you in administrating and monitoring your Matrix installation | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | +| [synapse-admin](https://github.com/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | | Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI | [Link](docs/configuring-playbook-prometheus-grafana.md) | | [Borg](https://borgbackup.org) | x | Backups | [Link](docs/configuring-playbook-backup-borg.md) | | [rageshake](https://github.com/matrix-org/rageshake) | x | Bug report server | [Link](docs/configuring-playbook-rageshake.md) | diff --git a/docs/container-images.md b/docs/container-images.md index 5ee476e12..c34cdae56 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -110,7 +110,7 @@ These services are not part of our default installation, but can be enabled by [ - [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional) -- [awesometechnologies/synapse-admin](https://hub.docker.com/r/awesometechnologies/synapse-admin) - the [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional) +- [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) - the [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional) - [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) - [Prometheus](https://github.com/prometheus/prometheus/) is a systems and service monitoring system From 304016982e66c1665cf600826f9bb99607e8a74a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 29 Oct 2024 09:40:28 +0200 Subject: [PATCH 214/404] Set matrix_bot_matrix_reminder_bot_docker_repo_version correctly if matrix_bot_matrix_reminder_bot_version is latest --- roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml index 66ec34fbd..e6074f70a 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml 
@@ -6,7 +6,7 @@ matrix_bot_matrix_reminder_bot_enabled: true matrix_bot_matrix_reminder_bot_container_image_self_build: false matrix_bot_matrix_reminder_bot_docker_repo: "https://github.com/anoadragon453/matrix-reminder-bot.git" -matrix_bot_matrix_reminder_bot_docker_repo_version: "{{ matrix_bot_matrix_reminder_bot_version }}" +matrix_bot_matrix_reminder_bot_docker_repo_version: "{{ 'master' if matrix_bot_matrix_reminder_bot_version == 'latest' else matrix_bot_matrix_reminder_bot_version }}" matrix_bot_matrix_reminder_bot_docker_src_files_path: "{{ matrix_base_data_path }}/matrix-reminder-bot/docker-src" # renovate: datasource=docker depName=ghcr.io/anoadragon453/matrix-reminder-bot From 2cd79e785f10b50149112360d84cfd17909cee9f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 29 Oct 2024 09:41:21 +0200 Subject: [PATCH 215/404] Mention matrix-reminder-bot incompatibility with Matrix Authentication Service --- ...configuring-playbook-matrix-authentication-service.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 625b3116e..9015da318 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
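Review bot: The new default for `matrix_bot_matrix_reminder_bot_docker_repo_version` maps the version `latest` to the hard-coded git ref `master`, and no comment says why or what it means for self-builds. With `matrix_bot_matrix_reminder_bot_container_image_self_build` enabled and the version set to `latest`, the source is checked out at whatever the branch tip is at run time, so two runs can build different images and the result is not tied to a reviewed release. A comment above the line would cover it: `# 'latest' is a container tag, not a git ref; self-builds then follow the moving 'master' branch. Set a release tag for reproducible builds.` The mapping presumably exists because the repository has no `latest` ref, and it relies on upstream keeping a branch named `master`; neither can be confirmed from this hunk.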
@@ -51,7 +51,14 @@ This section details what you can expect when switching to the Matrix Authentica - ❌ Certain **tools like [synapse-admin](./configuring-playbook-synapse-admin.md) do not have full compatibility with MAS yet**. synapse-admin already supports [login with access token](https://github.com/etkecc/synapse-admin/pull/58), browsing users (which Synapse will internally fetch from MAS) and updating user avatars. However, editing users (passwords, etc.) now needs to happen directly against MAS using the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html), which synapse-admin cannot interact with yet. -- ❌ **Some services** (e.g. [Postmoogle](./configuring-playbook-bridge-postmoogle.md), but possibly others - the list is yet to be determined) appear to **experience issues when authenticating via MAS**. We're still investigating what breaks and why. +- ❌ **Some services experience issues when authenticating via MAS**: + + - [Postmoogle](./configuring-playbook-bridge-postmoogle.md) works the first time around, but it consistently fails after restarting: + + > cannot initialize matrix bot error="olm account is marked as shared, keys seem to have disappeared from the server" + + - [matrix-reminder-bot](./configuring-playbook-bot-matrix-reminder-bot.md) fails to start (see [element-hq/matrix-authentication-service#3439](https://github.com/element-hq/matrix-authentication-service/issues/3439)) + - Other services may be similarly affected. This list is not exhaustive. - ❌ **Encrypted appservices** do not work yet (related to [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) and [PR 17705 for Synapse](https://github.com/element-hq/synapse/pull/17705)), so all bridges/bots that rely on encryption will fail to start (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658) for Hookshot). 
You can use these bridges/bots only if you **keep end-to-bridge encryption disabled** (which is the default setting). From 059cf130218f1f3984ca1a3a6a81f8033630044a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 29 Oct 2024 09:59:01 +0200 Subject: [PATCH 216/404] Add note about syn2mas not migrating user admin status flag Related to https://github.com/element-hq/matrix-authentication-service/issues/3440 --- docs/configuring-playbook-matrix-authentication-service.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 9015da318..570f316da 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -66,6 +66,8 @@ This section details what you can expect when switching to the Matrix Authentica - ⚠ [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) is **possible**, but requires **some playbook-assisted manual work**. Migration is **reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break. +- ⚠ [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) does not currently seem to preserve the "admin" flag for users (as found in the Synapse database). All users are imported as non-admin - see [element-hq/matrix-authentication-service#3440](https://github.com/element-hq/matrix-authentication-service/issues/3440). You may need update the Matrix Authentication Service's database manually and adjust the `can_request_admin` column in the `users` table to `true` for users that need to be administrators (e.g. `UPDATE users SET can_request_admin = true WHERE username = 'someone';`) + - ⚠ Delegating user authentication to MAS causes **your Synapse server to be completely dependant on one more service** for its operations. MAS is quick & lightweight and should be stable enough already, but this is something to keep in mind when making the switch. - ⚠ If you've got [OIDC configured in Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on), you will need to migrate your OIDC configuration to MAS by adding an [Upstream OAuth2 configuration](#upstream-oauth2-configuration). From 8e33aa63987e86730be273c075f9f7d0bf72d19f Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 10:22:35 +0000 Subject: [PATCH 217/404] Update dependency etherpad to v2.2.6-0 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 8a4d68466..85290ebb5 100644 --- a/requirements.yml +++ b/requirements.yml @@ -16,7 +16,7 @@ version: 129c8590e106b83e6f4c259649a613c6279e937a name: docker_sdk_for_python - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git - version: v2.2.5-0 + version: v2.2.6-0 name: etherpad - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git version: v4.98-r0-1-1 From ad3f3597469916f66f0a8dcaca5002298227d562 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 10:22:40 +0000 Subject: [PATCH 218/404] Update vectorim/element-web Docker tag to v1.11.83 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index f3f23ff44..e26c89393 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml 
@@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.82 +matrix_client_element_version: v1.11.83 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From e87e7e766d9152f3bc0cbe036c5b58aeebdb0d1b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 17:02:57 +0000 Subject: [PATCH 219/404] Update ghcr.io/etkecc/postmoogle Docker tag to v0.9.23 --- roles/custom/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml index faade072c..113e264e2 100644 --- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml 
@@ -10,7 +10,7 @@ matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_v matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" # renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle -matrix_bot_postmoogle_version: v0.9.22 +matrix_bot_postmoogle_version: v0.9.23 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}etkecc/postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'ghcr.io/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 997e093793957cca7b212d0b514c1c7b2aad9cfd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 17:03:02 +0000 Subject: [PATCH 220/404] Update ghcr.io/element-hq/synapse Docker tag to v1.118.0 --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 88ee9cf0a..d6527b7a8 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -16,7 +16,7 @@ matrix_synapse_enabled: true matrix_synapse_github_org_and_repo: element-hq/synapse # renovate: datasource=docker depName=ghcr.io/element-hq/synapse -matrix_synapse_version: v1.117.0 +matrix_synapse_version: v1.118.0 matrix_synapse_username: '' matrix_synapse_uid: '' From 81831b550d53e9b208d7d752eff9d9c6109577c6 Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 30 Oct 2024 06:22:57 +0000 Subject: [PATCH 221/404] Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2024.10.30 --- roles/custom/matrix-alertmanager-receiver/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index a78dfaf4b..2e24f2b7b 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml @@ -6,7 +6,7 @@ matrix_alertmanager_receiver_enabled: true # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver -matrix_alertmanager_receiver_version: 2024.10.23 +matrix_alertmanager_receiver_version: 2024.10.30 matrix_alertmanager_receiver_scheme: https From 446e6564247a87ac5c39bb3fb3ed4a0fb554de53 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 30 Oct 2024 09:53:03 +0200 Subject: [PATCH 222/404] Mark matrix_client_cinny_path_prefix as not supported anymore Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3701 We can restore support for it by making a non-/ path prefix trigger a self-build with a modified build config, so that a Cinny version with path-prefix support would be produced. Traefik label changes may also be required. For now, we're not doing all that work, but simply dropping support for path prefixes for Cinny. --- docs/configuring-playbook-client-cinny.md | 18 ++++++++---------- .../tasks/validate_config.yml | 8 ++++++++ 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index e3c9d2f14..b24c72474 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md 
@@ -16,27 +16,25 @@ matrix_client_cinny_enabled: true By default, this playbook installs Cinny on the `cinny.` subdomain (`cinny.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). -By tweaking the `matrix_client_cinny_hostname` and `matrix_client_cinny_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. +By tweaking the `matrix_client_cinny_hostname` variable, you can easily make the service available at a **different hostname** than the default one. + +While a `matrix_client_cinny_path_prefix` variable exists for tweaking the path-prefix, it's [not supported anymore](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3701), because Cinny requires an application rebuild (with a tweaked build config) to be functional under a custom path. Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml -# Switch to the domain used for Matrix services (`matrix.example.com`), -# so we won't need to add additional DNS records for Cinny. -matrix_client_cinny_hostname: "{{ matrix_server_fqn_matrix }}" - -# Expose under the /cinny subpath -matrix_client_cinny_path_prefix: /cinny +# Switch to a different domain (`app.example.com`) than the default one (`cinny.example.com`) +matrix_client_cinny_hostname: "app.{{ matrix_domain }}" ``` ## Adjusting DNS records -Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Cinny domain to the Matrix server. +Once you've decided on the domain, **you may need to adjust your DNS** records to point the Cinny domain to the Matrix server. By default, you will need to create a CNAME record for `cinny`. See [Configuring DNS](configuring-dns.md) for details about DNS changes. -If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. 
+If you've adjusted `matrix_client_cinny_hostname`, you will need to adjust your DNS configuration accordingly. ## Installing -After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook and [adjusting your DNS records](#adjusting-dns-records), run the [installation](installing.md) command: `just install-all` or `just setup-all` diff --git a/roles/custom/matrix-client-cinny/tasks/validate_config.yml b/roles/custom/matrix-client-cinny/tasks/validate_config.yml index a6d7a9958..a7d4f70f2 100644 --- a/roles/custom/matrix-client-cinny/tasks/validate_config.yml +++ b/roles/custom/matrix-client-cinny/tasks/validate_config.yml @@ -8,6 +8,14 @@ - matrix_client_cinny_default_hs_url - matrix_client_cinny_container_network +- name: Fail if matrix_client_cinny_path_prefix is not / + ansible.builtin.fail: + msg: >- + `matrix_client_cinny_path_prefix` is set to `{{ matrix_client_cinny_path_prefix }}` in your configuration, but Cinny no longer supports hosting under a path prefix without an application rebuild. + Consider removing your `matrix_client_cinny_path_prefix` override and adjusting the Cinny hostname via `matrix_server_fqn_cinny` or `matrix_client_cinny_hostname`. + See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3701 + when: "matrix_client_cinny_path_prefix != '/'" + - when: matrix_client_cinny_container_labels_traefik_enabled | bool block: - name: Fail if required matrix-client-cinny Traefik settings not defined From 15ce9981469396434ab97703a308535157213d92 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 31 Oct 2024 10:19:32 +0200 Subject: [PATCH 223/404] synapse-admin: v0.10.3-etke26 --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 347e83e39..bd033e259 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke25 +matrix_synapse_admin_version: v0.10.3-etke26 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 652feba9ccbcb775e8d9bc9d9a3711d5e4acfdd8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 31 Oct 2024 17:33:46 +0900 Subject: [PATCH 224/404] Rename variables of Postmoogle to handle it as a bridge (#3698) * Rename variables matrix_bot_postmoogle_* with matrix_postmoogle_* Signed-off-by: Suguru Hirahara * Rename file names and references to those files Signed-off-by: Suguru Hirahara * Move variables block for /matrix-bridge-postmoogle Signed-off-by: Suguru Hirahara * Rename matrix_playbook_bot_postmoogle_ to matrix_playbook_bridge_postmoogle_ Signed-off-by: Suguru Hirahara * Add matrix_playbook_migration_matrix_postmoogle_migration_validation_enabled Signed-off-by: Suguru Hirahara * Replace an install tag example with "-bot" prefix The previous example seems to have been selected to show how components whose name contains "-bot-" needed to be specified. Signed-off-by: Suguru Hirahara --------- 
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- CHANGELOG.md | 8 +- .../configuring-playbook-bridge-postmoogle.md | 16 +- docs/installing.md | 4 +- group_vars/matrix_servers | 175 +++++++++-------- .../matrix-bot-postmoogle/defaults/main.yml | 179 ------------------ .../tasks/setup_install.yml | 94 --------- .../tasks/validate_config.yml | 12 -- .../matrix-bot-postmoogle/templates/env.j2 | 31 --- .../defaults/main.yml | 179 ++++++++++++++++++ .../tasks/main.yml | 12 +- .../tasks/setup_install.yml | 94 +++++++++ .../tasks/setup_uninstall.yml | 14 +- .../tasks/validate_config.yml | 12 ++ .../matrix-bridge-postmoogle/templates/env.j2 | 31 +++ .../matrix-bridge-postmoogle.service.j2} | 44 ++--- .../defaults/main.yml | 3 + .../tasks/validate_config.yml | 14 ++ setup.yml | 2 +- 18 files changed, 472 insertions(+), 452 deletions(-) delete mode 100644 roles/custom/matrix-bot-postmoogle/defaults/main.yml delete mode 100644 roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml delete mode 100644 roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml delete mode 100644 roles/custom/matrix-bot-postmoogle/templates/env.j2 create mode 100644 roles/custom/matrix-bridge-postmoogle/defaults/main.yml rename roles/custom/{matrix-bot-postmoogle => matrix-bridge-postmoogle}/tasks/main.yml (58%) create mode 100644 roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml rename roles/custom/{matrix-bot-postmoogle => matrix-bridge-postmoogle}/tasks/setup_uninstall.yml (62%) create mode 100644 roles/custom/matrix-bridge-postmoogle/tasks/validate_config.yml create mode 100644 roles/custom/matrix-bridge-postmoogle/templates/env.j2 rename roles/custom/{matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 => matrix-bridge-postmoogle/templates/systemd/matrix-bridge-postmoogle.service.j2} (52%) diff --git a/CHANGELOG.md b/CHANGELOG.md index c56c2f4bb..6957616e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,3 +1,9 @@ +# 2024-10-28 + +## (BC Break) Postmoogle's variable names need adjustments + +Due to the recategorization of [Postmoogle](./docs/configuring-playbook-bridge-postmoogle.md) from the bot to the bridge, its variables were renamed (`matrix_bot_postmoogle_` -> `matrix_postmoogle_`). You need to adjust your `vars.yml` configuration accordingly. + # 2024-10-19 ## Support for Matrix Authentication Service 
@@ -1310,7 +1316,7 @@ Recently, a few large optimizations have been done to this playbook and its exte 1. Replacing Ansible `import_tasks` calls with `include_tasks`, which decreased runtime in half. Using `import_tasks` is slower and causes Ansible to go through and skip way too many tasks (tasks which could have been skipped altogether by not having Ansible include them in the first place). On an experimental VM, **deployment time was decreased from ~530 seconds to ~250 seconds**. -2. Introducing new `install-*` tags (`install-all` and `install-COMPONENT`, e.g. `install-synapse`, `install-bot-postmoogle`), which only run Ansible tasks pertaining to installation, while skipping uninstallation tasks. In most cases, people are maintaining the same setup or they're *adding* new components. Removing components is rare. Running thousands of uninstallation tasks each time is wasteful. On an experimental VM, **deployment time was decreased from ~250 seconds (`--tags=setup-all`) to ~100 seconds (`--tags=install-all`)**. +2. Introducing new `install-*` tags (`install-all` and `install-COMPONENT`, e.g. `install-synapse`, `install-bot-mjolnir`), which only run Ansible tasks pertaining to installation, while skipping uninstallation tasks. In most cases, people are maintaining the same setup or they're *adding* new components. Removing components is rare. Running thousands of uninstallation tasks each time is wasteful. On an experimental VM, **deployment time was decreased from ~250 seconds (`--tags=setup-all`) to ~100 seconds (`--tags=install-all`)**. You can still use `--tags=setup-all`. In fact, that's the best way to ensure your server is reconciled with the `vars.yml` configuration. diff --git a/docs/configuring-playbook-bridge-postmoogle.md b/docs/configuring-playbook-bridge-postmoogle.md index 4a7f31c26..799c0fd65 100644 --- a/docs/configuring-playbook-bridge-postmoogle.md +++ b/docs/configuring-playbook-bridge-postmoogle.md 
@@ -17,7 +17,7 @@ Open the following ports on your server to be able to receive incoming emails: If you don't open these ports, you will still be able to send emails, but not receive any. -These port numbers are configurable via the `matrix_bot_postmoogle_smtp_host_bind_port` and `matrix_bot_postmoogle_submission_host_bind_port` variables, but other email servers will try to deliver on these default (standard) ports, so changing them is of little use. +These port numbers are configurable via the `matrix_postmoogle_smtp_host_bind_port` and `matrix_postmoogle_submission_host_bind_port` variables, but other email servers will try to deliver on these default (standard) ports, so changing them is of little use. ## Adjusting the playbook configuration @@ -25,17 +25,17 @@ These port numbers are configurable via the `matrix_bot_postmoogle_smtp_host_bin Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml -matrix_bot_postmoogle_enabled: true +matrix_postmoogle_enabled: true # Uncomment and adjust this part if you'd like to use a username different than the default -# matrix_bot_postmoogle_login: postmoogle +# matrix_postmoogle_login: postmoogle # Generate a strong password here. Consider generating it with `pwgen -s 64 1` -matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT +matrix_postmoogle_password: PASSWORD_FOR_THE_BOT # Uncomment to add one or more admins to this bridge: # -# matrix_bot_postmoogle_admins: +# matrix_postmoogle_admins: # - '@yourAdminAccount:{{ matrix_domain }}' # # .. unless you've made yourself an admin of all bots/bridges like this: 
@@ -59,7 +59,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use - the `ensure-matrix-users-created` playbook tag makes the playbook automatically create a user account of the bridge's bot -- if you change the bridge's bot password (`matrix_bot_postmoogle_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_postmoogle_password` to let the bot know its new password +- if you change the bridge's bot password (`matrix_postmoogle_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_postmoogle_password` to let the bot know its new password ## Usage @@ -74,10 +74,10 @@ You can also refer to the upstream [documentation](https://github.com/etkecc/pos ### Debug/Logs -As with all other services, you can find their logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by running something like `journalctl -fu matrix-bot-postmoogle` +As with all other services, you can find their logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by running something like `journalctl -fu matrix-postmoogle` The default logging level for this bridge is `INFO`, but you can increase it to `DEBUG` with the following additional configuration: ```yaml -matrix_bot_postmoogle_loglevel: 'DEBUG' +matrix_postmoogle_loglevel: 'DEBUG' ``` diff --git a/docs/installing.md b/docs/installing.md index 48103c2be..ef816aff8 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -19,9 +19,9 @@ Here are some playbook tags that you should be familiar with: - `install-all` - like `setup-all`, but skips uninstallation tasks. Useful for maintaining your setup quickly when its components remain unchanged. If you adjust your `vars.yml` to remove components, you'd need to run `setup-all` though, or these components will still remain installed -- `setup-SERVICE` (e.g. `setup-bot-postmoogle`) - runs the setup tasks only for a given role, but does not start/restart services. You can discover these additional tags in each role (`roles/**/tasks/main.yml`). Running per-component setup tasks is **not recommended**, as components sometimes depend on each other and running just the setup tasks for a given component may not be enough. For example, setting up the [mautrix-telegram bridge](configuring-playbook-bridge-mautrix-telegram.md), in addition to the `setup-mautrix-telegram` tag, requires database changes (the `setup-postgres` tag) as well as reverse-proxy changes (the `setup-nginx-proxy` tag). +- `setup-SERVICE` (e.g. `setup-postmoogle`) - runs the setup tasks only for a given role, but does not start/restart services. You can discover these additional tags in each role (`roles/**/tasks/main.yml`). Running per-component setup tasks is **not recommended**, as components sometimes depend on each other and running just the setup tasks for a given component may not be enough. For example, setting up the [mautrix-telegram bridge](configuring-playbook-bridge-mautrix-telegram.md), in addition to the `setup-mautrix-telegram` tag, requires database changes (the `setup-postgres` tag) as well as reverse-proxy changes (the `setup-nginx-proxy` tag). -- `install-SERVICE` (e.g. `install-bot-postmoogle`) - like `setup-SERVICE`, but skips uninstallation tasks. See `install-all` above for additional information. +- `install-SERVICE` (e.g. `install-postmoogle`) - like `setup-SERVICE`, but skips uninstallation tasks. See `install-all` above for additional information. 
- `start` - starts all systemd services and makes them start automatically in the future diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index eecdf9264..b274251b8 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -293,8 +293,6 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': 'matrix-bot-draupnir.service', 'priority': 4000, 'groups': ['matrix', 'bots', 'draupnir', 'bot-draupnir']}] if matrix_bot_draupnir_enabled else []) + - ([{'name': 'matrix-bot-postmoogle.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'postmoogle', 'bot-postmoogle']}] if matrix_bot_postmoogle_enabled else []) - + ([{'name': 'matrix-bot-chatgpt.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'chatgpt', 'bot-chatgpt']}] if matrix_bot_chatgpt_enabled else []) + ([{'name': 'matrix-appservice-discord.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'appservice-discord']}] if matrix_appservice_discord_enabled else []) @@ -365,6 +363,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': 'matrix-mx-puppet-twitter.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mx-puppet-twitter']}] if matrix_mx_puppet_twitter_enabled else []) + + ([{'name': 'matrix-postmoogle.service', 'priority': 2200, 'groups': ['matrix', 'bridges', 'postmoogle']}] if matrix_postmoogle_enabled else []) + + ([{'name': 'matrix-sms-bridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'sms']}] if matrix_sms_bridge_enabled else []) + ([{'name': 'matrix-cactus-comments.service', 'priority': 2000, 'groups': ['matrix', 'cactus-comments']}] if matrix_cactus_comments_enabled else []) 
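Review bot: The unit registered in the `@@ -365,6 +363,8 @@` hunk is `matrix-postmoogle.service`, while this commit's diffstat renames the unit template to `matrix-bridge-postmoogle.service.j2`. The install task that writes the unit file is not part of this hunk, so it is worth confirming that its destination name matches this entry; otherwise the service manager would be starting and stopping a unit that does not exist. Hosts upgraded from the previous layout may also still have `matrix-bot-postmoogle.service` enabled and holding the SMTP and submission ports, since the hunk above drops it from this list. If the migration role only validates variable names, a changelog line telling operators to stop and remove the old unit would help.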
@@ -2571,6 +2571,81 @@ matrix_mx_puppet_groupme_database_password: "{{ '%s' | format(matrix_homeserver_ # ###################################################################### +###################################################################### +# +# matrix-bridge-postmoogle +# +###################################################################### + +# We don't enable bridges by default. +matrix_postmoogle_enabled: false + +matrix_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + +matrix_postmoogle_ssl_path: |- + {{ + { + 'playbook-managed-traefik': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''), + 'other-traefik-container': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''), + 'none': '', + }[matrix_playbook_reverse_proxy_type] + }} + +matrix_playbook_bridge_postmoogle_traefik_tls_cert: "{% for domain in matrix_postmoogle_domains %}/ssl/{{ domain }}/certificate.crt {% endfor %}" +matrix_playbook_bridge_postmoogle_traefik_key: "{% for domain in matrix_postmoogle_domains %}/ssl/{{ domain }}/privatekey.key {% endfor %}" + +matrix_postmoogle_tls_cert: |- + {{ + { + 'playbook-managed-traefik': (matrix_playbook_bridge_postmoogle_traefik_tls_cert if traefik_certs_dumper_enabled else ''), + 'other-traefik-container': (matrix_playbook_bridge_postmoogle_traefik_tls_cert if traefik_certs_dumper_enabled else ''), + 'none': '', + }[matrix_playbook_reverse_proxy_type] + }} + +matrix_postmoogle_tls_key: |- + {{ + { + 'playbook-managed-traefik': (matrix_playbook_bridge_postmoogle_traefik_key if traefik_certs_dumper_enabled else ''), + 'other-traefik-container': (matrix_playbook_bridge_postmoogle_traefik_key if traefik_certs_dumper_enabled else ''), + 'none': '', + }[matrix_playbook_reverse_proxy_type] + }} + +matrix_playbook_bridge_postmoogle_traefik_certs_dumper_waiter_services: "{% for domain in matrix_postmoogle_domains %}{{ 
traefik_certs_dumper_identifier }}-wait-for-domain@{{ domain }}.service {% endfor %}" + +matrix_postmoogle_systemd_required_services_list_auto: | + {{ + matrix_addons_homeserver_systemd_services_list + + + ([postgres_identifier ~ '.service'] if postgres_enabled and matrix_postmoogle_database_hostname == matrix_postmoogle_database_hostname else []) + + + (matrix_playbook_bridge_postmoogle_traefik_certs_dumper_waiter_services | trim | split(' ') if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and traefik_certs_dumper_enabled else []) + }} + +# Postgres is the default, except if not using internal Postgres server +matrix_postmoogle_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}" +matrix_postmoogle_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}" +matrix_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db', rounds=655555) | to_uuid }}" + +matrix_postmoogle_homeserver: "{{ matrix_addons_homeserver_client_api_url }}" + +matrix_postmoogle_container_network: "{{ matrix_addons_container_network }}" + +matrix_postmoogle_container_additional_networks_auto: |- + {{ + ( + ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + + + ([postgres_container_network] if postgres_enabled and matrix_bot_matrix_reminder_bot_database_hostname == postgres_connection_hostname else []) + ) | unique + }} + +###################################################################### +# +# /matrix-bridge-postmoogle +# +###################################################################### ###################################################################### # 
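Review bot: Two conditions in the new `matrix-bridge-postmoogle` block do not test what they appear to test. In `matrix_postmoogle_systemd_required_services_list_auto`, `matrix_postmoogle_database_hostname == matrix_postmoogle_database_hostname` is always true, so the Postgres unit becomes a required service whenever `postgres_enabled` is set. In `matrix_postmoogle_container_additional_networks_auto`, the check reads `matrix_bot_matrix_reminder_bot_database_hostname`, so whether this container joins the Postgres network is decided by another component's settings. Both are carried over unchanged from the removed `matrix-bot-postmoogle` block further down in this diff. Using `postgres_enabled and matrix_postmoogle_database_hostname == postgres_connection_hostname` in both places ties the dependency and the network attachment to the bridge's own database configuration.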
@@ -2855,84 +2930,6 @@ matrix_bot_baibot_container_additional_networks_auto: |- # ###################################################################### - -###################################################################### -# -# matrix-bot-postmoogle -# -###################################################################### - -# We don't enable bots by default. -matrix_bot_postmoogle_enabled: false - -matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" - -matrix_bot_postmoogle_ssl_path: |- - {{ - { - 'playbook-managed-traefik': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''), - 'other-traefik-container': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''), - 'none': '', - }[matrix_playbook_reverse_proxy_type] - }} - -matrix_playbook_bot_postmoogle_traefik_tls_cert: "{% for domain in matrix_bot_postmoogle_domains %}/ssl/{{ domain }}/certificate.crt {% endfor %}" -matrix_playbook_bot_postmoogle_traefik_key: "{% for domain in matrix_bot_postmoogle_domains %}/ssl/{{ domain }}/privatekey.key {% endfor %}" - -matrix_bot_postmoogle_tls_cert: |- - {{ - { - 'playbook-managed-traefik': (matrix_playbook_bot_postmoogle_traefik_tls_cert if traefik_certs_dumper_enabled else ''), - 'other-traefik-container': (matrix_playbook_bot_postmoogle_traefik_tls_cert if traefik_certs_dumper_enabled else ''), - 'none': '', - }[matrix_playbook_reverse_proxy_type] - }} - -matrix_bot_postmoogle_tls_key: |- - {{ - { - 'playbook-managed-traefik': (matrix_playbook_bot_postmoogle_traefik_key if traefik_certs_dumper_enabled else ''), - 'other-traefik-container': (matrix_playbook_bot_postmoogle_traefik_key if traefik_certs_dumper_enabled else ''), - 'none': '', - }[matrix_playbook_reverse_proxy_type] - }} - -matrix_playbook_bot_postmoogle_traefik_certs_dumper_waiter_services: "{% for domain in matrix_bot_postmoogle_domains %}{{ traefik_certs_dumper_identifier 
}}-wait-for-domain@{{ domain }}.service {% endfor %}" - -matrix_bot_postmoogle_systemd_required_services_list_auto: | - {{ - matrix_addons_homeserver_systemd_services_list - + - ([postgres_identifier ~ '.service'] if postgres_enabled and matrix_bot_postmoogle_database_hostname == matrix_bot_postmoogle_database_hostname else []) - + - (matrix_playbook_bot_postmoogle_traefik_certs_dumper_waiter_services | trim | split(' ') if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and traefik_certs_dumper_enabled else []) - }} - -# Postgres is the default, except if not using internal Postgres server -matrix_bot_postmoogle_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}" -matrix_bot_postmoogle_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}" -matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db', rounds=655555) | to_uuid }}" - -matrix_bot_postmoogle_homeserver: "{{ matrix_addons_homeserver_client_api_url }}" - -matrix_bot_postmoogle_container_network: "{{ matrix_addons_container_network }}" - -matrix_bot_postmoogle_container_additional_networks_auto: |- - {{ - ( - ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) - + - ([postgres_container_network] if postgres_enabled and matrix_bot_matrix_reminder_bot_database_hostname == postgres_connection_hostname else []) - ) | unique - }} - -###################################################################### -# -# /matrix-bot-postmoogle -# -###################################################################### - - ###################################################################### # # matrix-bot-chatgpt 
@@ -4054,10 +4051,10 @@ postgres_managed_databases_auto: | }] if (matrix_bot_honoroit_enabled and matrix_bot_honoroit_database_engine == 'postgres' and matrix_bot_honoroit_database_hostname == postgres_connection_hostname) else []) + ([{ - 'name': matrix_bot_postmoogle_database_name, - 'username': matrix_bot_postmoogle_database_username, - 'password': matrix_bot_postmoogle_database_password, - }] if (matrix_bot_postmoogle_enabled and matrix_bot_postmoogle_database_engine == 'postgres' and matrix_bot_postmoogle_database_hostname == postgres_connection_hostname) else []) + 'name': matrix_postmoogle_database_name, + 'username': matrix_postmoogle_database_username, + 'password': matrix_postmoogle_database_password, + }] if (matrix_postmoogle_enabled and matrix_postmoogle_database_engine == 'postgres' and matrix_postmoogle_database_hostname == postgres_connection_hostname) else []) + ([{ 'name': matrix_bot_maubot_database_name, @@ -4950,8 +4947,8 @@ matrix_synapse_admin_config_asManagedUsers_auto: | ] if matrix_bot_maubot_enabled else []) + ([ - '^@'+(matrix_bot_postmoogle_login | default('') | regex_escape) +':'+(matrix_domain | regex_escape)+'$', - ] if matrix_bot_postmoogle_enabled else []) + '^@'+(matrix_postmoogle_login | default('') | regex_escape) +':'+(matrix_domain | regex_escape)+'$', + ] if matrix_postmoogle_enabled else []) + ([ '^@_discord_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$', @@ -5775,10 +5772,10 @@ matrix_user_creator_users_auto: | }] if matrix_bot_honoroit_enabled else []) + ([{ - 'username': matrix_bot_postmoogle_login, - 'initial_password': matrix_bot_postmoogle_password, + 'username': matrix_postmoogle_login, + 'initial_password': matrix_postmoogle_password, 'initial_type': 'bot', - }] if matrix_bot_postmoogle_enabled else []) + }] if matrix_postmoogle_enabled else []) + ([{ 'username': matrix_bot_buscarron_login, 
diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml deleted file mode 100644 index 113e264e2..000000000 --- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml +++ /dev/null 
@@ -1,179 +0,0 @@ ---- -# postmoogle is an email to Matrix bridge using its bot user -# Project source code URL: https://github.com/etkecc/postmoogle - -matrix_bot_postmoogle_enabled: true - -matrix_bot_postmoogle_container_image_self_build: false -matrix_bot_postmoogle_docker_repo: "https://github.com/etkecc/postmoogle.git" -matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" -matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" - -# renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle -matrix_bot_postmoogle_version: v0.9.23 -matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}etkecc/postmoogle:{{ matrix_bot_postmoogle_version }}" -matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'ghcr.io/' }}" -matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" - -matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" -matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" -matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" - -matrix_bot_postmoogle_container_network: "" - -matrix_bot_postmoogle_container_additional_networks: "{{ matrix_bot_postmoogle_container_additional_networks_auto + matrix_bot_postmoogle_container_additional_networks_custom }}" -matrix_bot_postmoogle_container_additional_networks_auto: [] -matrix_bot_postmoogle_container_additional_networks_custom: [] - -# A list of extra arguments to pass to the container -matrix_bot_postmoogle_container_extra_arguments: [] - -# List of systemd services that matrix-bot-postmoogle.service depends on -matrix_bot_postmoogle_systemd_required_services_list: "{{ matrix_bot_postmoogle_systemd_required_services_list_default + 
matrix_bot_postmoogle_systemd_required_services_list_auto + matrix_bot_postmoogle_systemd_required_services_list_custom }}" -matrix_bot_postmoogle_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" -matrix_bot_postmoogle_systemd_required_services_list_auto: [] -matrix_bot_postmoogle_systemd_required_services_list_custom: [] - -# List of systemd services that matrix-bot-postmoogle.service wants -matrix_bot_postmoogle_systemd_wanted_services_list: [] - -# Database-related configuration fields. -# -# To use SQLite, stick to these defaults. -# -# To use Postgres: -# - change the engine (`matrix_bot_postmoogle_database_engine: 'postgres'`) -# - adjust your database credentials via the `matrix_bot_postmoogle_database_*` variables -matrix_bot_postmoogle_database_engine: 'sqlite' - -matrix_bot_postmoogle_sqlite_database_path_local: "{{ matrix_bot_postmoogle_data_path }}/bot.db" -matrix_bot_postmoogle_sqlite_database_path_in_container: "/data/bot.db" - -matrix_bot_postmoogle_database_username: 'postmoogle' -matrix_bot_postmoogle_database_password: 'some-password' -matrix_bot_postmoogle_database_hostname: '' -matrix_bot_postmoogle_database_port: 5432 -matrix_bot_postmoogle_database_name: 'postmoogle' -matrix_bot_postmoogle_database_sslmode: disable - -matrix_bot_postmoogle_database_connection_string: 'postgres://{{ matrix_bot_postmoogle_database_username }}:{{ matrix_bot_postmoogle_database_password }}@{{ matrix_bot_postmoogle_database_hostname }}:{{ matrix_bot_postmoogle_database_port }}/{{ matrix_bot_postmoogle_database_name }}?sslmode={{ matrix_bot_postmoogle_database_sslmode }}' - -matrix_bot_postmoogle_storage_database: "{{ - { - 'sqlite': matrix_bot_postmoogle_sqlite_database_path_in_container, - 'postgres': matrix_bot_postmoogle_database_connection_string, - }[matrix_bot_postmoogle_database_engine] -}}" - -matrix_bot_postmoogle_database_dialect: "{{ - { - 
'sqlite': 'sqlite3', - 'postgres': 'postgres', - }[matrix_bot_postmoogle_database_engine] -}}" - - -# The bot's username. This user needs to be created manually beforehand. -# Also see `matrix_bot_postmoogle_password` or `matrix_bot_postmoogle_sharedsecret` -matrix_bot_postmoogle_login: "postmoogle" - -# The password that the bot uses to authenticate. -matrix_bot_postmoogle_password: '' - -# Alternative to password - shared secret requires matrix_bot_postmoogle_login to be MXID -matrix_bot_postmoogle_sharedsecret: '' - -matrix_bot_postmoogle_homeserver: "" - -# Command prefix -matrix_bot_postmoogle_prefix: '!pm' - -# Max email size in megabytes, including attachments -matrix_bot_postmoogle_maxsize: '1024' - -# Optional SMTP relay mode -matrix_bot_postmoogle_relay_host: '' -matrix_bot_postmoogle_relay_port: '' -matrix_bot_postmoogle_relay_username: '' -matrix_bot_postmoogle_relay_password: '' - -# A list of admins -# Example set of rules: -# matrix_bot_postmoogle_admins: -# - '@someone:example.com' -# - '@another:example.com' -# - '@bot.*:example.com' -# - '@*:example.net' -matrix_bot_postmoogle_admins: "{{ [matrix_admin] if matrix_admin else [] }}" - -# Sentry DSN. 
Deprecated, use matrix_bot_postmoogle_monitoring_sentry_dsn -matrix_bot_postmoogle_sentry: '' - -# Sentry integration -matrix_bot_postmoogle_monitoring_sentry_dsn: "{{ matrix_bot_postmoogle_sentry }}" -matrix_bot_postmoogle_monitoring_sentry_rate: 20 - -# healthchecks.io integration -matrix_bot_postmoogle_monitoring_healthchecks_uuid: '' -matrix_bot_postmoogle_monitoring_healthchecks_duration: 60 - -# Log level -matrix_bot_postmoogle_loglevel: 'INFO' - -# deprecated, use matrix_bot_postmoogle_domains -matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" - -matrix_bot_postmoogle_domains: - - "{{ matrix_bot_postmoogle_domain }}" # backward compatibility - -# Password (passphrase) to encrypt account data -matrix_bot_postmoogle_data_secret: "" - -# in-container ports -matrix_bot_postmoogle_port: '2525' -matrix_bot_postmoogle_tls_port: '25587' - -# on-host ports -matrix_bot_postmoogle_smtp_host_bind_port: '25' -matrix_bot_postmoogle_submission_host_bind_port: '587' - -### SSL -## on-host SSL dir -matrix_bot_postmoogle_ssl_path: "" - -## in-container SSL paths -# matrix_bot_postmoogle_tls_cert is the SSL certificates' certificates. -# This var is likely set via group_vars/matrix_servers, so you don't need to set certs manually. -# If you do need to set it manually, note that this is an in-container path. -# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path -# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem -matrix_bot_postmoogle_tls_cert: "" - -# matrix_bot_postmoogle_tls_key is the SSL certificates' keys. -# This var is likely set via group_vars/matrix_servers, so you don't need to set keys manually. -# If you do need to set it manually, note that this is an in-container path. 
-# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path -# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem -matrix_bot_postmoogle_tls_key: "" - -# Mandatory TLS, even on plain SMTP port -matrix_bot_postmoogle_tls_required: false - -# trusted proxies -matrix_bot_postmoogle_proxies: [] - -# known forwarders -matrix_bot_postmoogle_mailboxes_forwarded: [] - -# reserved mailboxes -matrix_bot_postmoogle_mailboxes_reserved: [] - -# mailbox activation flow -matrix_bot_postmoogle_mailboxes_activation: none - -# Additional environment variables to pass to the postmoogle container -# -# Example: -# matrix_bot_postmoogle_environment_variables_extension: | -# postmoogle_TEXT_DONE=Done -matrix_bot_postmoogle_environment_variables_extension: '' diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml deleted file mode 100644 index 1ef5b22d7..000000000 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml +++ /dev/null 
@@ -1,94 +0,0 @@ ---- -- when: "matrix_bot_postmoogle_database_engine == 'postgres'" - block: - - name: Check if an SQLite database already exists - ansible.builtin.stat: - path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" - register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result - - - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" - block: - - ansible.builtin.include_role: - name: galaxy/postgres - tasks_from: migrate_db_to_postgres - vars: - postgres_db_migration_request: - src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" - dst: "{{ matrix_bot_postmoogle_database_connection_string }}" - caller: "{{ role_path | basename }}" - engine_variable_name: 'matrix_bot_postmoogle_database_engine' - engine_old: 'sqlite' - systemd_services_to_stop: ['matrix-bot-postmoogle.service'] - - - ansible.builtin.set_fact: - matrix_bot_postmoogle_requires_restart: true - -- name: Ensure postmoogle paths exist - ansible.builtin.file: - path: "{{ item.path }}" - state: directory - mode: 0750 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - with_items: - - {path: "{{ matrix_bot_postmoogle_config_path }}", when: true} - - {path: "{{ matrix_bot_postmoogle_data_path }}", when: true} - - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: matrix_bot_postmoogle_container_image_self_build} - when: "item.when | bool" - -- name: Ensure postmoogle environment variables file created - ansible.builtin.template: - src: "{{ role_path }}/templates/env.j2" - dest: "{{ matrix_bot_postmoogle_config_path }}/env" - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - mode: 0640 - -- name: Ensure postmoogle image is pulled - community.docker.docker_image: - name: "{{ matrix_bot_postmoogle_docker_image }}" - source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_bot_postmoogle_docker_image_force_pull 
if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_docker_image_force_pull }}" - when: "not matrix_bot_postmoogle_container_image_self_build | bool" - register: result - retries: "{{ devture_playbook_help_container_retries_count }}" - delay: "{{ devture_playbook_help_container_retries_delay }}" - until: result is not failed - -- name: Ensure postmoogle repository is present on self-build - ansible.builtin.git: - repo: "{{ matrix_bot_postmoogle_docker_repo }}" - version: "{{ matrix_bot_postmoogle_docker_repo_version }}" - dest: "{{ matrix_bot_postmoogle_docker_src_files_path }}" - force: "yes" - become: true - become_user: "{{ matrix_user_username }}" - register: matrix_bot_postmoogle_git_pull_results - when: "matrix_bot_postmoogle_container_image_self_build | bool" - -- name: Ensure postmoogle image is built - community.docker.docker_image: - name: "{{ matrix_bot_postmoogle_docker_image }}" - source: build - force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_git_pull_results.changed }}" - build: - dockerfile: Dockerfile - path: "{{ matrix_bot_postmoogle_docker_src_files_path }}" - pull: true - when: "matrix_bot_postmoogle_container_image_self_build | bool" - -- name: Ensure postmoogle container network is created - community.general.docker_network: - enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" - name: "{{ matrix_bot_postmoogle_container_network }}" - driver: bridge - driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}" - -- name: Ensure matrix-bot-postmoogle.service installed - ansible.builtin.template: - src: "{{ role_path }}/templates/systemd/matrix-bot-postmoogle.service.j2" - dest: "{{ 
devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" - mode: 0644 - register: matrix_bot_postmoogle_systemd_service_result diff --git a/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml b/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml deleted file mode 100644 index 77f03356a..000000000 --- a/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -- name: Fail if required Postmoogle settings not defined - ansible.builtin.fail: - msg: >- - You need to define a required configuration setting (`{{ item.name }}`). - when: "item.when | bool and vars[item.name] == ''" - with_items: - - {'name': 'matrix_bot_postmoogle_password', when: true} - - {'name': 'matrix_bot_postmoogle_container_network', when: true} - - {'name': 'matrix_bot_postmoogle_homeserver', when: true} - - {'name': 'matrix_bot_postmoogle_database_hostname', when: "{{ matrix_bot_postmoogle_database_engine == 'postgres' }}"} diff --git a/roles/custom/matrix-bot-postmoogle/templates/env.j2 b/roles/custom/matrix-bot-postmoogle/templates/env.j2 deleted file mode 100644 index 8a3eb71b2..000000000 --- a/roles/custom/matrix-bot-postmoogle/templates/env.j2 +++ /dev/null 
@@ -1,31 +0,0 @@ -POSTMOOGLE_LOGIN={{ matrix_bot_postmoogle_login }} -POSTMOOGLE_PASSWORD={{ matrix_bot_postmoogle_password }} -POSTMOOGLE_SHAREDSECRET={{ matrix_bot_postmoogle_sharedsecret }} -POSTMOOGLE_HOMESERVER={{ matrix_bot_postmoogle_homeserver }} -POSTMOOGLE_DOMAINS={{ matrix_bot_postmoogle_domains | join(' ') }} -POSTMOOGLE_PORT={{ matrix_bot_postmoogle_port }} -POSTMOOGLE_DB_DSN={{ matrix_bot_postmoogle_database_connection_string }} -POSTMOOGLE_DB_DIALECT={{ matrix_bot_postmoogle_database_dialect }} -POSTMOOGLE_PREFIX={{ matrix_bot_postmoogle_prefix }} -POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} -POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} -POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} -POSTMOOGLE_TLS_PORT={{ matrix_bot_postmoogle_tls_port }} -POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }} -POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }} -POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }} -POSTMOOGLE_DATA_SECRET={{ matrix_bot_postmoogle_data_secret }} -POSTMOOGLE_PROXIES={{ matrix_bot_postmoogle_proxies | join(' ') }} -POSTMOOGLE_RELAY_HOST={{ matrix_bot_postmoogle_relay_host }} -POSTMOOGLE_RELAY_PORT={{ matrix_bot_postmoogle_relay_port }} -POSTMOOGLE_RELAY_USERNAME={{ matrix_bot_postmoogle_relay_username }} -POSTMOOGLE_RELAY_PASSWORD={{ matrix_bot_postmoogle_relay_password }} -POSTMOOGLE_MONITORING_SENTRY_DSN={{ matrix_bot_postmoogle_monitoring_sentry_dsn }} -POSTMOOGLE_MONITORING_SENTRY_RATE={{ matrix_bot_postmoogle_monitoring_sentry_rate }} -POSTMOOGLE_MONITORING_HEALTHCHECKS_UUID={{ matrix_bot_postmoogle_monitoring_healthchecks_uuid }} -POSTMOOGLE_MONITORING_HEALTHCHECKS_DURATION={{ matrix_bot_postmoogle_monitoring_healthchecks_duration }} -POSTMOOGLE_MAILBOXES_FORWARDED={{ matrix_bot_postmoogle_mailboxes_forwarded | join(' ') }} -POSTMOOGLE_MAILBOXES_RESERVED={{ matrix_bot_postmoogle_mailboxes_reserved | join(' ') }} -POSTMOOGLE_MAILBOXES_ACTIVATION={{ 
matrix_bot_postmoogle_mailboxes_activation }} - -{{ matrix_bot_postmoogle_environment_variables_extension }} diff --git a/roles/custom/matrix-bridge-postmoogle/defaults/main.yml b/roles/custom/matrix-bridge-postmoogle/defaults/main.yml new file mode 100644 index 000000000..fb18e21f6 --- /dev/null +++ b/roles/custom/matrix-bridge-postmoogle/defaults/main.yml 
@@ -0,0 +1,179 @@ +--- +# postmoogle is an email to Matrix bridge using its bot user +# Project source code URL: https://github.com/etkecc/postmoogle + +matrix_postmoogle_enabled: true + +matrix_postmoogle_container_image_self_build: false +matrix_postmoogle_docker_repo: "https://github.com/etkecc/postmoogle.git" +matrix_postmoogle_docker_repo_version: "{{ 'main' if matrix_postmoogle_version == 'latest' else matrix_postmoogle_version }}" +matrix_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" + +# renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle +matrix_postmoogle_version: v0.9.23 +matrix_postmoogle_docker_image: "{{ matrix_postmoogle_docker_image_name_prefix }}etkecc/postmoogle:{{ matrix_postmoogle_version }}" +matrix_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_postmoogle_container_image_self_build else 'ghcr.io/' }}" +matrix_postmoogle_docker_image_force_pull: "{{ matrix_postmoogle_docker_image.endswith(':latest') }}" + +matrix_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" +matrix_postmoogle_config_path: "{{ matrix_postmoogle_base_path }}/config" +matrix_postmoogle_data_path: "{{ matrix_postmoogle_base_path }}/data" + +matrix_postmoogle_container_network: "" + +matrix_postmoogle_container_additional_networks: "{{ matrix_postmoogle_container_additional_networks_auto + matrix_postmoogle_container_additional_networks_custom }}" +matrix_postmoogle_container_additional_networks_auto: [] +matrix_postmoogle_container_additional_networks_custom: [] + +# A list of extra arguments to pass to the container +matrix_postmoogle_container_extra_arguments: [] + +# List of systemd services that matrix-postmoogle.service depends on +matrix_postmoogle_systemd_required_services_list: "{{ matrix_postmoogle_systemd_required_services_list_default + matrix_postmoogle_systemd_required_services_list_auto + matrix_postmoogle_systemd_required_services_list_custom }}" 
+matrix_postmoogle_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" +matrix_postmoogle_systemd_required_services_list_auto: [] +matrix_postmoogle_systemd_required_services_list_custom: [] + +# List of systemd services that matrix-postmoogle.service wants +matrix_postmoogle_systemd_wanted_services_list: [] + +# Database-related configuration fields. +# +# To use SQLite, stick to these defaults. +# +# To use Postgres: +# - change the engine (`matrix_postmoogle_database_engine: 'postgres'`) +# - adjust your database credentials via the `matrix_postmoogle_database_*` variables +matrix_postmoogle_database_engine: 'sqlite' + +matrix_postmoogle_sqlite_database_path_local: "{{ matrix_postmoogle_data_path }}/bot.db" +matrix_postmoogle_sqlite_database_path_in_container: "/data/bot.db" + +matrix_postmoogle_database_username: 'postmoogle' +matrix_postmoogle_database_password: 'some-password' +matrix_postmoogle_database_hostname: '' +matrix_postmoogle_database_port: 5432 +matrix_postmoogle_database_name: 'postmoogle' +matrix_postmoogle_database_sslmode: disable + +matrix_postmoogle_database_connection_string: 'postgres://{{ matrix_postmoogle_database_username }}:{{ matrix_postmoogle_database_password }}@{{ matrix_postmoogle_database_hostname }}:{{ matrix_postmoogle_database_port }}/{{ matrix_postmoogle_database_name }}?sslmode={{ matrix_postmoogle_database_sslmode }}' + +matrix_postmoogle_storage_database: "{{ + { + 'sqlite': matrix_postmoogle_sqlite_database_path_in_container, + 'postgres': matrix_postmoogle_database_connection_string, + }[matrix_postmoogle_database_engine] +}}" + +matrix_postmoogle_database_dialect: "{{ + { + 'sqlite': 'sqlite3', + 'postgres': 'postgres', + }[matrix_postmoogle_database_engine] +}}" + + +# The bot's username. This user needs to be created manually beforehand. 
+# Also see `matrix_postmoogle_password` or `matrix_postmoogle_sharedsecret` +matrix_postmoogle_login: "postmoogle" + +# The password that the bot uses to authenticate. +matrix_postmoogle_password: '' + +# Alternative to password - shared secret requires matrix_postmoogle_login to be MXID +matrix_postmoogle_sharedsecret: '' + +matrix_postmoogle_homeserver: "" + +# Command prefix +matrix_postmoogle_prefix: '!pm' + +# Max email size in megabytes, including attachments +matrix_postmoogle_maxsize: '1024' + +# Optional SMTP relay mode +matrix_postmoogle_relay_host: '' +matrix_postmoogle_relay_port: '' +matrix_postmoogle_relay_username: '' +matrix_postmoogle_relay_password: '' + +# A list of admins +# Example set of rules: +# matrix_postmoogle_admins: +# - '@someone:example.com' +# - '@another:example.com' +# - '@bot.*:example.com' +# - '@*:example.net' +matrix_postmoogle_admins: "{{ [matrix_admin] if matrix_admin else [] }}" + +# Sentry DSN. Deprecated, use matrix_postmoogle_monitoring_sentry_dsn +matrix_postmoogle_sentry: '' + +# Sentry integration +matrix_postmoogle_monitoring_sentry_dsn: "{{ matrix_postmoogle_sentry }}" +matrix_postmoogle_monitoring_sentry_rate: 20 + +# healthchecks.io integration +matrix_postmoogle_monitoring_healthchecks_uuid: '' +matrix_postmoogle_monitoring_healthchecks_duration: 60 + +# Log level +matrix_postmoogle_loglevel: 'INFO' + +# deprecated, use matrix_postmoogle_domains +matrix_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" + +matrix_postmoogle_domains: + - "{{ matrix_postmoogle_domain }}" # backward compatibility + +# Password (passphrase) to encrypt account data +matrix_postmoogle_data_secret: "" + +# in-container ports +matrix_postmoogle_port: '2525' +matrix_postmoogle_tls_port: '25587' + +# on-host ports +matrix_postmoogle_smtp_host_bind_port: '25' +matrix_postmoogle_submission_host_bind_port: '587' + +### SSL +## on-host SSL dir +matrix_postmoogle_ssl_path: "" + +## in-container SSL paths +# matrix_postmoogle_tls_cert is the 
SSL certificates' certificates. +# This var is likely set via group_vars/matrix_servers, so you don't need to set certs manually. +# If you do need to set it manually, note that this is an in-container path. +# To mount a certificates volumes into the container, use matrix_postmoogle_ssl_path +# Example value: /ssl/live/{{ matrix_postmoogle_domain }}/fullchain.pem +matrix_postmoogle_tls_cert: "" + +# matrix_postmoogle_tls_key is the SSL certificates' keys. +# This var is likely set via group_vars/matrix_servers, so you don't need to set keys manually. +# If you do need to set it manually, note that this is an in-container path. +# To mount a certificates volumes into the container, use matrix_postmoogle_ssl_path +# Example value: /ssl/live/{{ matrix_postmoogle_domain }}/privkey.pem +matrix_postmoogle_tls_key: "" + +# Mandatory TLS, even on plain SMTP port +matrix_postmoogle_tls_required: false + +# trusted proxies +matrix_postmoogle_proxies: [] + +# known forwarders +matrix_postmoogle_mailboxes_forwarded: [] + +# reserved mailboxes +matrix_postmoogle_mailboxes_reserved: [] + +# mailbox activation flow +matrix_postmoogle_mailboxes_activation: none + +# Additional environment variables to pass to the postmoogle container +# +# Example: +# matrix_postmoogle_environment_variables_extension: | +# postmoogle_TEXT_DONE=Done +matrix_postmoogle_environment_variables_extension: '' diff --git a/roles/custom/matrix-bot-postmoogle/tasks/main.yml b/roles/custom/matrix-bridge-postmoogle/tasks/main.yml similarity index 58% rename from roles/custom/matrix-bot-postmoogle/tasks/main.yml rename to roles/custom/matrix-bridge-postmoogle/tasks/main.yml index b77040392..0b4dbc60b 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/main.yml +++ b/roles/custom/matrix-bridge-postmoogle/tasks/main.yml 
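Review bot: `matrix_postmoogle_database_password` in roles/custom/matrix-bridge-postmoogle/defaults/main.yml defaults to the literal `'some-password'`, and the validate_config.yml added in this patch checks only `matrix_postmoogle_database_hostname` for the Postgres engine. A deployment that switches to Postgres without overriding the password would therefore run with a publicly known credential, unless a vars file not shown here sets it. I would default it to `''` and add `{'name': 'matrix_postmoogle_database_password', when: "{{ matrix_postmoogle_database_engine == 'postgres' }}"}` to the required-settings list. The same file defaults `matrix_postmoogle_database_sslmode: disable` and leaves `matrix_postmoogle_data_secret` empty; a one-line comment beside each, saying when that default is acceptable, would help operators decide.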
@@ -2,19 +2,19 @@ - tags: - setup-all - - setup-bot-postmoogle + - setup-postmoogle - install-all - - install-bot-postmoogle + - install-postmoogle block: - - when: matrix_bot_postmoogle_enabled | bool + - when: matrix_postmoogle_enabled | bool ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml" - - when: matrix_bot_postmoogle_enabled | bool + - when: matrix_postmoogle_enabled | bool ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml" - tags: - setup-all - - setup-bot-postmoogle + - setup-postmoogle block: - - when: not matrix_bot_postmoogle_enabled | bool + - when: not matrix_postmoogle_enabled | bool ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" diff --git a/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml new file mode 100644 index 000000000..e9cabd37e --- /dev/null +++ b/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml 
@@ -0,0 +1,94 @@
+---
+- when: "matrix_postmoogle_database_engine == 'postgres'"
+ block:
+ - name: Check if an SQLite database already exists
+ ansible.builtin.stat:
+ path: "{{ matrix_postmoogle_sqlite_database_path_local }}"
+ register: matrix_postmoogle_sqlite_database_path_local_stat_result
+
+ - when: "matrix_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool"
+ block:
+ - ansible.builtin.include_role:
+ name: galaxy/postgres
+ tasks_from: migrate_db_to_postgres
+ vars:
+ postgres_db_migration_request:
+ src: "{{ matrix_postmoogle_sqlite_database_path_local }}"
+ dst: "{{ matrix_postmoogle_database_connection_string }}"
+ caller: "{{ role_path | basename }}"
+ engine_variable_name: 'matrix_postmoogle_database_engine'
+ engine_old: 'sqlite'
+ systemd_services_to_stop: ['matrix-postmoogle.service']
+
+ - ansible.builtin.set_fact:
+ matrix_postmoogle_requires_restart: true
+
+- name: Ensure postmoogle paths exist
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: directory
+ mode: 0750
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ with_items:
+ - {path: "{{ matrix_postmoogle_config_path }}", when: true}
+ - {path: "{{ matrix_postmoogle_data_path }}", when: true}
+ - {path: "{{ matrix_postmoogle_docker_src_files_path }}", when: matrix_postmoogle_container_image_self_build}
+ when: "item.when | bool"
+
+- name: Ensure postmoogle environment variables file created
+ ansible.builtin.template:
+ src: "{{ role_path }}/templates/env.j2"
+ dest: "{{ matrix_postmoogle_config_path }}/env"
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ mode: 0640
+
+- name: Ensure postmoogle image is pulled
+ community.docker.docker_image:
+ name: "{{ matrix_postmoogle_docker_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_postmoogle_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postmoogle_docker_image_force_pull }}"
+ when: "not matrix_postmoogle_container_image_self_build | bool"
+ register: result
+ retries: "{{ devture_playbook_help_container_retries_count }}"
+ delay: "{{ devture_playbook_help_container_retries_delay }}"
+ until: result is not failed
+
+- name: Ensure postmoogle repository is present on self-build
+ ansible.builtin.git:
+ repo: "{{ matrix_postmoogle_docker_repo }}"
+ version: "{{ matrix_postmoogle_docker_repo_version }}"
+ dest: "{{ matrix_postmoogle_docker_src_files_path }}"
+ force: "yes"
+ become: true
+ become_user: "{{ matrix_user_username }}"
+ register: matrix_postmoogle_git_pull_results
+ when: "matrix_postmoogle_container_image_self_build | bool"
+
+- name: Ensure postmoogle image is built
+ community.docker.docker_image:
+ name: "{{ matrix_postmoogle_docker_image }}"
+ source: build
+ force_source: "{{ matrix_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postmoogle_git_pull_results.changed }}"
+ build:
+ dockerfile: Dockerfile
+ path: "{{ matrix_postmoogle_docker_src_files_path }}"
+ pull: true
+ when: "matrix_postmoogle_container_image_self_build | bool"
+
+- name: Ensure postmoogle container network is created
+ community.general.docker_network:
+ enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
+ name: "{{ matrix_postmoogle_container_network }}"
+ driver: bridge
+ driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
+
+- name: Ensure matrix-postmoogle.service installed
+ ansible.builtin.template:
+ src: "{{ role_path }}/templates/systemd/matrix-postmoogle.service.j2"
+ dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postmoogle.service"
+ mode: 0644
+ register: matrix_postmoogle_systemd_service_result
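Review bot: The task "Ensure postmoogle environment variables file created" in roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml renders env.j2 without `diff: false` or `no_log: true`. That template carries the bot password, shared secret, data secret, relay password and database DSN, so a run with `--diff` would print those values to the console and to any captured run log. Adding `diff: false` to that task keeps the changed/ok reporting without echoing the file contents. As a style point, the modes here are bare octal integers (`mode: 0750`, `mode: 0640`, `mode: 0644`); quoting them, e.g. `mode: "0640"`, avoids relying on YAML 1.1 octal parsing.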
diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-postmoogle/tasks/setup_uninstall.yml similarity index 62% rename from roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-postmoogle/tasks/setup_uninstall.yml index 93e00dda2..28b243429 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-postmoogle/tasks/setup_uninstall.yml @@ -2,24 +2,24 @@ - name: Check existence of matrix-postmoogle service ansible.builtin.stat: - path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" - register: matrix_bot_postmoogle_service_stat + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postmoogle.service" + register: matrix_postmoogle_service_stat -- when: matrix_bot_postmoogle_service_stat.stat.exists | bool +- when: matrix_postmoogle_service_stat.stat.exists | bool block: - name: Ensure matrix-postmoogle is stopped ansible.builtin.service: - name: matrix-bot-postmoogle + name: matrix-postmoogle state: stopped enabled: false daemon_reload: true - - name: Ensure matrix-bot-postmoogle.service doesn't exist + - name: Ensure matrix-postmoogle.service doesn't exist ansible.builtin.file: - path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postmoogle.service" state: absent - name: Ensure Matrix postmoogle paths don't exist ansible.builtin.file: - path: "{{ matrix_bot_postmoogle_base_path }}" + path: "{{ matrix_postmoogle_base_path }}" state: absent diff --git a/roles/custom/matrix-bridge-postmoogle/tasks/validate_config.yml b/roles/custom/matrix-bridge-postmoogle/tasks/validate_config.yml new file mode 100644 index 000000000..d486923d3 --- /dev/null +++ b/roles/custom/matrix-bridge-postmoogle/tasks/validate_config.yml 
@@ -0,0 +1,12 @@
+---
+
+- name: Fail if required Postmoogle settings not defined
+ ansible.builtin.fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item.name }}`).
+ when: "item.when | bool and vars[item.name] == ''"
+ with_items:
+ - {'name': 'matrix_postmoogle_password', when: true}
+ - {'name': 'matrix_postmoogle_container_network', when: true}
+ - {'name': 'matrix_postmoogle_homeserver', when: true}
+ - {'name': 'matrix_postmoogle_database_hostname', when: "{{ matrix_postmoogle_database_engine == 'postgres' }}"}
diff --git a/roles/custom/matrix-bridge-postmoogle/templates/env.j2 b/roles/custom/matrix-bridge-postmoogle/templates/env.j2
new file mode 100644
index 000000000..b56f88ae2
--- /dev/null
+++ b/roles/custom/matrix-bridge-postmoogle/templates/env.j2
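Review bot: The required-settings list in roles/custom/matrix-bridge-postmoogle/tasks/validate_config.yml always demands `matrix_postmoogle_password`, although the defaults added in this patch describe `matrix_postmoogle_sharedsecret` as an alternative to the password. A configuration that sets only the shared secret therefore appears to fail validation, which pushes operators to define a password they do not otherwise need. The first item could read `{'name': 'matrix_postmoogle_password', when: "{{ matrix_postmoogle_sharedsecret == '' }}"}` so that either credential satisfies the check. A short comment above `with_items` stating that one of the two credentials is required would document the intent.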
@@ -0,0 +1,31 @@
+POSTMOOGLE_LOGIN={{ matrix_postmoogle_login }}
+POSTMOOGLE_PASSWORD={{ matrix_postmoogle_password }}
+POSTMOOGLE_SHAREDSECRET={{ matrix_postmoogle_sharedsecret }}
+POSTMOOGLE_HOMESERVER={{ matrix_postmoogle_homeserver }}
+POSTMOOGLE_DOMAINS={{ matrix_postmoogle_domains | join(' ') }}
+POSTMOOGLE_PORT={{ matrix_postmoogle_port }}
+POSTMOOGLE_DB_DSN={{ matrix_postmoogle_database_connection_string }}
+POSTMOOGLE_DB_DIALECT={{ matrix_postmoogle_database_dialect }}
+POSTMOOGLE_PREFIX={{ matrix_postmoogle_prefix }}
+POSTMOOGLE_MAXSIZE={{ matrix_postmoogle_maxsize }}
+POSTMOOGLE_LOGLEVEL={{ matrix_postmoogle_loglevel }}
+POSTMOOGLE_ADMINS={{ matrix_postmoogle_admins | join(' ') }}
+POSTMOOGLE_TLS_PORT={{ matrix_postmoogle_tls_port }}
+POSTMOOGLE_TLS_CERT={{ matrix_postmoogle_tls_cert }}
+POSTMOOGLE_TLS_KEY={{ matrix_postmoogle_tls_key }}
+POSTMOOGLE_TLS_REQUIRED={{ matrix_postmoogle_tls_required }}
+POSTMOOGLE_DATA_SECRET={{ matrix_postmoogle_data_secret }}
+POSTMOOGLE_PROXIES={{ matrix_postmoogle_proxies | join(' ') }}
+POSTMOOGLE_RELAY_HOST={{ matrix_postmoogle_relay_host }}
+POSTMOOGLE_RELAY_PORT={{ matrix_postmoogle_relay_port }}
+POSTMOOGLE_RELAY_USERNAME={{ matrix_postmoogle_relay_username }}
+POSTMOOGLE_RELAY_PASSWORD={{ matrix_postmoogle_relay_password }}
+POSTMOOGLE_MONITORING_SENTRY_DSN={{ matrix_postmoogle_monitoring_sentry_dsn }}
+POSTMOOGLE_MONITORING_SENTRY_RATE={{ matrix_postmoogle_monitoring_sentry_rate }}
+POSTMOOGLE_MONITORING_HEALTHCHECKS_UUID={{ matrix_postmoogle_monitoring_healthchecks_uuid }}
+POSTMOOGLE_MONITORING_HEALTHCHECKS_DURATION={{ matrix_postmoogle_monitoring_healthchecks_duration }}
+POSTMOOGLE_MAILBOXES_FORWARDED={{ matrix_postmoogle_mailboxes_forwarded | join(' ') }}
+POSTMOOGLE_MAILBOXES_RESERVED={{ matrix_postmoogle_mailboxes_reserved | join(' ') }}
+POSTMOOGLE_MAILBOXES_ACTIVATION={{ matrix_postmoogle_mailboxes_activation }}
+
+{{ matrix_postmoogle_environment_variables_extension }}
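Review bot: `POSTMOOGLE_DB_DSN` in roles/custom/matrix-bridge-postmoogle/templates/env.j2 is rendered from `matrix_postmoogle_database_connection_string`, which the defaults in this patch define as a `postgres://` URL whatever the engine. The engine-aware `matrix_postmoogle_storage_database` (SQLite path or connection string) is not referenced by this template. With the default `sqlite` engine this would pair dialect `sqlite3` with a Postgres URL that embeds the placeholder database password, unless a vars file not shown here overrides the connection string. If no such override exists, the line should read `POSTMOOGLE_DB_DSN={{ matrix_postmoogle_storage_database }}`.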
diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-bridge-postmoogle.service.j2 similarity index 52% rename from roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 rename to roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-bridge-postmoogle.service.j2 index 4f6d0ced2..fa4c1bf36 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-bridge-postmoogle.service.j2 @@ -1,11 +1,11 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Postmoogle bot -{% for service in matrix_bot_postmoogle_systemd_required_services_list %} +Description=Matrix Postmoogle bridge +{% for service in matrix_postmoogle_systemd_required_services_list %} Requires={{ service }} After={{ service }} {% endfor %} -{% for service in matrix_bot_postmoogle_systemd_wanted_services_list %} +{% for service in matrix_postmoogle_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} DefaultDependencies=no 
@@ -13,42 +13,42 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-postmoogle 2>/dev/null || true' -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postmoogle 2>/dev/null || true' ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ --rm \ - --name=matrix-bot-postmoogle \ + --name=matrix-postmoogle \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --read-only \ - --network={{ matrix_bot_postmoogle_container_network }} \ - --env-file={{ matrix_bot_postmoogle_config_path }}/env \ - -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ - {% if matrix_bot_postmoogle_ssl_path %} - -p {{ matrix_bot_postmoogle_submission_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ + --network={{ matrix_postmoogle_container_network }} \ + --env-file={{ matrix_postmoogle_config_path }}/env \ + -p {{ matrix_postmoogle_smtp_host_bind_port }}:{{ matrix_postmoogle_port }} \ + {% if matrix_postmoogle_ssl_path %} + -p {{ matrix_postmoogle_submission_host_bind_port }}:{{ matrix_postmoogle_tls_port }} \ {% endif %} - --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ - {% if 
matrix_bot_postmoogle_ssl_path %} - --mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \ + --mount type=bind,src={{ matrix_postmoogle_data_path }},dst=/data \ + {% if matrix_postmoogle_ssl_path %} + --mount type=bind,src={{ matrix_postmoogle_ssl_path }},dst=/ssl \ {% endif %} - {% for arg in matrix_bot_postmoogle_container_extra_arguments %} + {% for arg in matrix_postmoogle_container_extra_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_bot_postmoogle_docker_image }} + {{ matrix_postmoogle_docker_image }} -{% for network in matrix_bot_postmoogle_container_additional_networks %} -ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-postmoogle +{% for network in matrix_postmoogle_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-postmoogle {% endfor %} -ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-postmoogle +ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-postmoogle -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-postmoogle 2>/dev/null || true' -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-postmoogle 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postmoogle 2>/dev/null || true' Restart=always RestartSec=30 -SyslogIdentifier=matrix-bot-postmoogle 
+SyslogIdentifier=matrix-postmoogle [Install] WantedBy=multi-user.target diff --git a/roles/custom/matrix_playbook_migration/defaults/main.yml b/roles/custom/matrix_playbook_migration/defaults/main.yml index b8b13a9e0..ba672d092 100644 --- a/roles/custom/matrix_playbook_migration/defaults/main.yml +++ b/roles/custom/matrix_playbook_migration/defaults/main.yml @@ -27,6 +27,9 @@ matrix_playbook_migration_matrix_aux_migration_validation_enabled: true # Controls if (`matrix_jitsi` -> `jitsi`) validation will run. matrix_playbook_migration_matrix_jitsi_migration_validation_enabled: true +# Controls if (`matrix_bot_postmoogle_` -> `matrix_postmoogle_`) validation will run. +matrix_playbook_migration_matrix_postmoogle_migration_validation_enabled: true + # Controls if the old apt repository (likely without a `signed-by` option) on Debian-based systems will be removed. # # Older versions of the Docker role (5.x, 6.x) used to install a repository at a path like: `/etc/apt/sources.list.d/download_docker_com_linux_*` diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index dccc83816..4c391ed6e 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml 
@@ -223,6 +223,20 @@ We found usage of the following variables: {{ matrix_playbook_migration_jitsi_migration_vars.keys() | join(', ') }} when: "matrix_playbook_migration_jitsi_migration_vars | length > 0" +- when: matrix_playbook_migration_matrix_postmoogle_migration_validation_enabled | bool + block: + - ansible.builtin.set_fact: + matrix_playbook_migration_postmoogle_migration_vars: |- + {{ vars | dict2items | selectattr('key', 'match', 'matrix_postmoogle_.*') | list | items2dict }} + + - name: (Deprecation) Catch and report matrix_bot_postmoogle variables + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration (vars.yml) to rename all variables (`matrix_bot_postmoogle_` -> `matrix_postmoogle_`). + We found usage of the following variables: {{ matrix_playbook_migration_postmoogle_migration_vars.keys() | join(', ') }} + when: "matrix_playbook_migration_postmoogle_migration_vars | length > 0" + - when: matrix_playbook_migration_matrix_nginx_proxy_elimination_variable_transition_checks_enabled | bool block: - name: (Deprecation) Catch and report transitioned playbook settings during the matrix-nginx-proxy elimination diff --git a/setup.yml b/setup.yml index b9eb5b8d6..51c5589b4 100644 --- a/setup.yml +++ b/setup.yml @@ -82,6 +82,7 @@ - custom/matrix-bridge-mx-puppet-slack - custom/matrix-bridge-mx-puppet-twitter - custom/matrix-bridge-mx-puppet-instagram + - custom/matrix-bridge-postmoogle - custom/matrix-bridge-sms - custom/matrix-bridge-heisenbridge - custom/matrix-bridge-hookshot @@ -91,7 +92,6 @@ - custom/matrix-bot-buscarron - custom/matrix-bot-baibot - custom/matrix-bot-honoroit - - custom/matrix-bot-postmoogle - custom/matrix-bot-go-neb - custom/matrix-bot-mjolnir - custom/matrix-bot-draupnir From 2234fbbb8a6ecf3b6d52cf5aebdec07c00879133 Mon Sep 17 00:00:00 2001 
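Review bot: The pattern in the added `set_fact`, `selectattr('key', 'match', 'matrix_postmoogle_.*')`, selects the new prefix instead of the deprecated one. As written, the `fail` task would stop the run for configurations that already use the renamed variables, and would never report a leftover `matrix_bot_postmoogle_` variable. The pattern should read `selectattr('key', 'match', 'matrix_bot_postmoogle_.*')`, which agrees with the task name and the failure message. PATCH 226/404 further down this page changes the same line that way.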
From: Slavi Pantaleev Date: Thu, 31 Oct 2024 10:36:04 +0200 Subject: [PATCH 225/404] Fix Postmoogle service name file to match what is being deployed Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3698 --- ...-bridge-postmoogle.service.j2 => matrix-postmoogle.service.j2} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/custom/matrix-bridge-postmoogle/templates/systemd/{matrix-bridge-postmoogle.service.j2 => matrix-postmoogle.service.j2} (100%) diff --git a/roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-bridge-postmoogle.service.j2 b/roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-postmoogle.service.j2 similarity index 100% rename from roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-bridge-postmoogle.service.j2 rename to roles/custom/matrix-bridge-postmoogle/templates/systemd/matrix-postmoogle.service.j2 From e26fea02896c2a4bec90ae529683c2b36dfe2dc3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 31 Oct 2024 10:44:35 +0200 Subject: [PATCH 226/404] Fix validation task (matrix_postmoogle_ -> matrix_bot_postmoogle_) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3698 --- .../custom/matrix_playbook_migration/tasks/validate_config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 4c391ed6e..7d680d529 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml 
@@ -227,7 +227,7 @@ block: - ansible.builtin.set_fact: matrix_playbook_migration_postmoogle_migration_vars: |- - {{ vars | dict2items | selectattr('key', 'match', 'matrix_postmoogle_.*') | list | items2dict }} + {{ vars | dict2items | selectattr('key', 'match', 'matrix_bot_postmoogle_.*') | list | items2dict }} - name: (Deprecation) Catch and report matrix_bot_postmoogle variables ansible.builtin.fail: From c20fcedd2c264bff2755bbc68bf4b292e9a906ae Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 31 Oct 2024 10:55:32 +0200 Subject: [PATCH 227/404] Detect and remove legacy Postmoogle service (matrix-bot-postmoogle.service) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3698 --- .../tasks/setup_install.yml | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml index e9cabd37e..61a8e7873 100644 --- a/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml 
@@ -1,4 +1,29 @@ --- + +# Check and remove the legacy systemd service (`matrix-bot-postmoogle.service`). +# This role uses `matrix-postmoogle.service` now. +# Related to: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3698 + +- name: Check if matrix-bot-postmoogle.service exists + ansible.builtin.stat: + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" + register: matrix_bot_postmoogle_service_stat + +- name: Stop and remove legacy matrix-bot-postmoogle systemd service + when: matrix_bot_postmoogle_service_stat.stat.exists | bool + block: + - name: Ensure legacy matrix-bot-postmoogle service is stopped + ansible.builtin.service: + name: matrix-bot-postmoogle + state: stopped + enabled: false + failed_when: false + + - name: Remove legacy matrix-bot-postmoogle service file + ansible.builtin.file: + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" + state: absent + - when: "matrix_postmoogle_database_engine == 'postgres'" block: - name: Check if an SQLite database already exists From 0b09ad3d76bbb05a0a80a02c63ce85d4dbfbc8e4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 31 Oct 2024 18:58:04 +0900 Subject: [PATCH 228/404] Update documentation about Slack bridges (#3706) * Update docs/configuring-playbook-bridge-hookshot.md: matrix-appservice-webhooks has been deprecated Signed-off-by: Suguru Hirahara * Add notes that matrix-appservice-slack is not available for new installation The bridge uses a classic Slack application, but its creation has been discontinued since June 4, 2024. Signed-off-by: Suguru Hirahara * Remove reference to matrix-hookshot and matrix-appservice-webhooks Signed-off-by: Suguru Hirahara --------- 
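Review bot: `failed_when: false` on the stop task hides every failure, so when stopping the legacy unit fails the next task still deletes `matrix-bot-postmoogle.service`, and the old container may be left running with no unit to manage it, possibly alongside the new `matrix-postmoogle` container. Consider letting the stop fail, or registering its result and skipping the file removal when it did not succeed. Nothing in the hunk reloads systemd after the unit file is removed; unless a later task outside this hunk does so, add a final task to the block that calls `ansible.builtin.systemd` with `daemon_reload: true`. The registered name `matrix_bot_postmoogle_service_stat` also reuses the prefix that the migration validation now rejects, and `matrix_postmoogle_legacy_service_stat` would avoid any overlap.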
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-slack.md | 4 +++- docs/configuring-playbook-bridge-hookshot.md | 2 +- docs/configuring-playbook-bridge-mautrix-slack.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-slack.md | 3 +-- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index c0c81c66e..30bdedf1d 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -1,6 +1,8 @@ # Setting up Appservice Slack bridging (optional) -**Note**: bridging to [Slack](https://slack.com) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook. +**Notes**: +- Bridging to [Slack](https://slack.com) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook. +- Currently (as of November, 2024) this component is not available for new installation unless you have already created a classic Slack application (which the bridge makes use of in order to enable bridging between Slack and Matrix), because the creation of classic Slack applications has been discontinued since June 4 2024. The author of the bridge claims [here](https://github.com/matrix-org/matrix-appservice-slack/issues/789#issuecomment-2172947787) that he plans to support the modern Slack application and until then "the best (and only) option for new installations is to use the webhook bridging". The playbook can install and configure [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) for you. 
diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 465765cb9..f8f54b79c 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -6,7 +6,7 @@ Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from softw See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/latest/hookshot.html) to learn what it does in detail and why it might be useful to you. -**Note**: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot. +**Note**: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however was deprecated by its author. ## Setup Instructions diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md index 18d9ba76f..9b5aab6de 100644 --- a/docs/configuring-playbook-bridge-mautrix-slack.md +++ b/docs/configuring-playbook-bridge-mautrix-slack.md 
@@ -1,7 +1,7 @@ # Setting up Mautrix Slack bridging (optional) **Note**: bridging to [Slack](https://slack.com/) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) bridges supported by the playbook. -- For using as a Bot we recommend the [Appservice Slack](configuring-playbook-bridge-appservice-slack.md), because it supports plumbing. +- For using as a Bot we recommend the [Appservice Slack](configuring-playbook-bridge-appservice-slack.md), because it supports plumbing. Note that it is not available for new installation unless you have already created a classic Slack application, because the creation of classic Slack applications, which this bridge makes use of, has been discontinued. - For personal use with a slack account we recommend the `mautrix-slack` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Slack bridges supported by the playbook. The playbook can install and configure [mautrix-slack](https://github.com/mautrix/slack) for you. diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md index a04fc2feb..18a8dff69 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-slack.md +++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md 
@@ -1,7 +1,6 @@ # Setting up MX Puppet Slack bridging (optional) -**Note**: bridging to [Slack](https://slack.com) can also happen via the -[matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook. +**Note**: bridging to [Slack](https://slack.com) can also happen via the [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook. Note that `matrix-appservice-slack` is not available for new installation unless you have already created a classic Slack application, because the creation of classic Slack applications, which this bridge makes use of, has been discontinued. The playbook can install and configure [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) for you. From f6991b2db9b9865b6264de887f14e61f35849787 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 15:14:07 +0900 Subject: [PATCH 229/404] Update README.md and docs/container-images.md: add matrix-alertmanager-receiver Signed-off-by: Suguru Hirahara --- README.md | 1 + docs/container-images.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index ca328fb74..cab259df9 100644 --- a/README.md +++ b/README.md 
@@ -152,6 +152,7 @@ Services that help you in administrating and monitoring your Matrix installation | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | +| [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | [Link](docs/configuring-playbook-alertmanager-receiver.md) | | [synapse-admin](https://github.com/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | | Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI | [Link](docs/configuring-playbook-prometheus-grafana.md) | | [Borg](https://borgbackup.org) | x | Backups | [Link](docs/configuring-playbook-backup-borg.md) | diff --git a/docs/container-images.md b/docs/container-images.md index c34cdae56..ced2dc3c0 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -110,6 +110,8 @@ These services are not part of our default installation, but can be enabled by [ - [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional) +- [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) - the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) client for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) (optional) + - [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) - the [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional) - [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) - [Prometheus](https://github.com/prometheus/prometheus/) is a systems and service monitoring system From bff4321fb12e723258411d223ceff1ec23e7198d Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 15:25:23 +0900 Subject: [PATCH 230/404] Update README.md and docs/container-images.md: add Matrix Authentication Service Signed-off-by: Suguru Hirahara --- README.md | 1 + docs/container-images.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index cab259df9..9396615bd 100644 --- a/README.md +++ b/README.md 
@@ -153,6 +153,7 @@ Services that help you in administrating and monitoring your Matrix installation | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | | [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | [Link](docs/configuring-playbook-alertmanager-receiver.md) | +| [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/) | x | OAuth 2.0 and OpenID Provider server | [Link](docs/configuring-playbook-matrix-authentication-service.md) | | [synapse-admin](https://github.com/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | | Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI | [Link](docs/configuring-playbook-prometheus-grafana.md) | | [Borg](https://borgbackup.org) | x | Backups | [Link](docs/configuring-playbook-backup-borg.md) | diff --git a/docs/container-images.md b/docs/container-images.md index ced2dc3c0..95b188859 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -112,6 +112,8 @@ These services are not part of our default installation, but can be enabled by [ - [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) - the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) client for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) (optional) +- [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) - [matrix-authentication-service](https://github.com/element-hq/matrix-authentication-service) (MAS) OAuth 2.0 and OpenID Provider server (optional) + - [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) - the [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional) - [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) - [Prometheus](https://github.com/prometheus/prometheus/) is a systems and service monitoring system From f41d432ab22f9796a0be789e4180a2dd2c163d87 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 16:15:55 +0900 Subject: [PATCH 231/404] Update README.md and docs/container-images.md: add mautrix-meta Signed-off-by: Suguru Hirahara --- README.md | 1 + docs/container-images.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index 9396615bd..58280c703 100644 --- a/README.md +++ b/README.md 
@@ -108,6 +108,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mautrix-hangouts](https://github.com/mautrix/hangouts) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | [Link](docs/configuring-playbook-bridge-mautrix-hangouts.md) | | [mautrix-googlechat](https://github.com/mautrix/googlechat) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) | | [mautrix-instagram](https://github.com/mautrix/instagram) | x | Bridge to [Instagram](https://instagram.com/) | [Link](docs/configuring-playbook-bridge-mautrix-instagram.md) | +| [mautrix-meta](https://github.com/mautrix/instagram) | x | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | Link for [Messenger](docs/configuring-playbook-bridge-mautrix-meta-messenger.md) / [Instagram](docs/configuring-playbook-bridge-mautrix-meta-instagram.md) | | [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) | | [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) | | [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) | diff --git a/docs/container-images.md b/docs/container-images.md index 95b188859..c48b08505 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -60,6 +60,8 @@ These services are not part of our default installation, but can be enabled by [ - [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) - the [mautrix-instagram](https://github.com/mautrix/instagram) bridge to [Instagram](https://instagram.com/) (optional) +- [mautrix/meta](https://mau.dev/mautrix/meta/container_registry) - the [mautrix-meta](https://github.com/mautrix/meta) bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) (optional) + - [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) - the [mautrix-signal](https://github.com/mautrix/signal) bridge to [Signal](https://www.signal.org/) (optional) - [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional) From 748c38de30e39f06b37a87f08277d3984010a8f7 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 16:22:07 +0900 Subject: [PATCH 232/404] Update README.md and docs/container-images.md: add mautrix-wsproxy Signed-off-by: Suguru Hirahara --- README.md | 1 + docs/container-images.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index 58280c703..d761cf9b8 100644 --- a/README.md +++ b/README.md 
@@ -103,6 +103,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mautrix-telegram](https://github.com/mautrix/telegram) | x | Bridge to [Telegram](https://telegram.org/) | [Link](docs/configuring-playbook-bridge-mautrix-telegram.md) | | [mautrix-gmessages](https://github.com/mautrix/gmessages) | x | Bridge to [Google Messages](https://messages.google.com/) | [Link](docs/configuring-playbook-bridge-mautrix-gmessages.md) | | [mautrix-whatsapp](https://github.com/mautrix/whatsapp) | x | Bridge to [WhatsApp](https://www.whatsapp.com/) | [Link](docs/configuring-playbook-bridge-mautrix-whatsapp.md) | +| [mautrix-wsproxy](https://github.com/mautrix/wsproxy) | x | Bridge to Android SMS or Apple iMessage | [Link](docs/configuring-playbook-bridge-mautrix-wsproxy.md) | | [mautrix-facebook](https://github.com/mautrix/facebook) | x | Bridge to [Facebook](https://facebook.com/) | [Link](docs/configuring-playbook-bridge-mautrix-facebook.md) | | [mautrix-twitter](https://github.com/mautrix/twitter) | x | Bridge to [Twitter](https://twitter.com/) | [Link](docs/configuring-playbook-bridge-mautrix-twitter.md) | | [mautrix-hangouts](https://github.com/mautrix/hangouts) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | [Link](docs/configuring-playbook-bridge-mautrix-hangouts.md) | diff --git a/docs/container-images.md b/docs/container-images.md index c48b08505..ba6e51a6a 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -50,6 +50,8 @@ These services are not part of our default installation, but can be enabled by [ - [mautrix/whatsapp](https://mau.dev/mautrix/whatsapp/container_registry) - the [mautrix-whatsapp](https://github.com/mautrix/whatsapp) bridge to [Whatsapp](https://www.whatsapp.com/) (optional) +- [mautrix/wsproxy](https://mau.dev/mautrix/wsproxy/container_registry) - the [mautrix-wsproxy](https://github.com/mautrix/wsproxy) bridge to Android SMS or Apple iMessage (optional) + - [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) - the [mautrix-facebook](https://github.com/mautrix/facebook) bridge to [Facebook](https://facebook.com/) (optional) - [mautrix/twitter](https://mau.dev/mautrix/twitter/container_registry) - the [mautrix-twitter](https://github.com/mautrix/twitter) bridge to [Twitter](https://twitter.com/) (optional) From 950147bc99666e3e88350aaff5107af74c02fb55 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 16:28:30 +0900 Subject: [PATCH 233/404] Update README.md and docs/container-images.md: add matrix-wechat Signed-off-by: Suguru Hirahara --- README.md | 1 + docs/container-images.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index d761cf9b8..081f86edc 100644 --- a/README.md +++ b/README.md 
@@ -118,6 +118,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | [Link](docs/configuring-playbook-bridge-appservice-webhooks.md) | | [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | | [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | x | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) | +| [matrix-wechat](https://github.com/duo/matrix-wechat) | x | Bridge to [WeChat](https://www.wechat.com/) | [Link](docs/configuring-playbook-bridge-wechat.md) | | [Heisenbridge](https://github.com/hifi/heisenbridge) | x | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) | | [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) | x | Bridge to [Skype](https://www.skype.com) | [Link](docs/configuring-playbook-bridge-go-skype-bridge.md) | | [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) | x | Bridge to [Slack](https://slack.com) | [Link](docs/configuring-playbook-bridge-mx-puppet-slack.md) | diff --git a/docs/container-images.md b/docs/container-images.md index ba6e51a6a..04fc78d5e 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -76,6 +76,8 @@ These services are not part of our default installation, but can be enabled by [ - [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional) +- [lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) - the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge to WeChat (optional) + - [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) - the [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional) - [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) - the [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional) From 0a8dd90b5e0ef2b4ef5db99c691e5dfb30891c95 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 02:13:46 +0900 Subject: [PATCH 234/404] Update README.md: add matrix-appservice-kakaotalk matrix-appservice-kakaotalk itself was added to the playbook with e46ba5debaf34ee6abc5e09c0e19ff5c666edc85. It also does not provide its container image. Signed-off-by: Suguru Hirahara --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 081f86edc..5c939c63c 100644 --- a/README.md +++ b/README.md 
@@ -113,6 +113,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) | | [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) | | [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) | +| [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) | x | Bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | [Link](docs/configuring-playbook-bridge-appservice-kakaotalk.md) | | [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | | [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) | x | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-appservice-slack.md) | | [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | [Link](docs/configuring-playbook-bridge-appservice-webhooks.md) | From d200e8d08457240c3f7e253de68f0e362a240c7c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 17:53:12 +0900 Subject: [PATCH 235/404] Update README.md and docs/configuring-playbook.md: add configuring-playbook-prometheus-nginxlog.md Since nginx has been replaced with traefik, the documentation is getting irrelevant anyway. 
Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/configuring-playbook.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5c939c63c..04a1ce7a0 100644 --- a/README.md +++ b/README.md 
@@ -159,7 +159,7 @@ Services that help you in administrating and monitoring your Matrix installation | [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | [Link](docs/configuring-playbook-alertmanager-receiver.md) | | [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/) | x | OAuth 2.0 and OpenID Provider server | [Link](docs/configuring-playbook-matrix-authentication-service.md) | | [synapse-admin](https://github.com/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | -| Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI | [Link](docs/configuring-playbook-prometheus-grafana.md) | +| Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI, with [prometheus-nginxlog-exporter](https://github.com/martin-helmich/prometheus-nginxlog-exporter/) being available too | [Link](docs/configuring-playbook-prometheus-grafana.md) (for [prometheus-nginxlog-exporter](docs/configuring-playbook-prometheus-nginxlog.md)) | | [Borg](https://borgbackup.org) | x | Backups | [Link](docs/configuring-playbook-backup-borg.md) | | [rageshake](https://github.com/matrix-org/rageshake) | x | Bug report server | [Link](docs/configuring-playbook-rageshake.md) | | [synapse-usage-exporter](https://github.com/loelkes/synapse-usage-exporter) | x | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. 
| [Link](docs/configuring-playbook-synapse-usage-exporter.md) | diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 38e7b0847..09068124c 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -41,6 +41,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) (optional) +- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) (optional) + - [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) (optional) ### Core service adjustments From 8db65bb81185154c3e6a13789f7106aca3d13b43 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 20:31:20 +0900 Subject: [PATCH 236/404] Update README.md: add link to configuring-playbook-appservice-draupnir-for-all.md Signed-off-by: Suguru Hirahara --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 04a1ce7a0..853ffd018 100644 --- a/README.md +++ b/README.md 
@@ -145,7 +145,7 @@ Bots provide various additional functionality to your installation.
 | [Honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) |
 | [Go-NEB](https://github.com/matrix-org/go-neb) | x | A multi functional bot written in Go | [Link](docs/configuring-playbook-bot-go-neb.md) |
 | [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) |
-| [Draupnir](https://github.com/the-draupnir-project/Draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) |
+| [Draupnir](https://github.com/the-draupnir-project/Draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) (for [appservice mode](docs/configuring-playbook-appservice-draupnir-for-all.md))|
 | [Buscarron](https://github.com/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | [Link](docs/configuring-playbook-bot-buscarron.md) |
 | [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) | x | ChatGPT from Matrix | [Link](docs/configuring-playbook-bot-chatgpt.md) |
From 5ebdc0c48d268351c554560439e55de90caceb48 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Fri, 1 Nov 2024 01:26:33 +0900
Subject: [PATCH 237/404] Add links to matrix-user-verification-service (#3709) * Add links to matrix-user-verification-service Matrix User Authentication Service itself has been available for Jitsi since 42e4e50f5be654b812939732114f0724865cdc78. Signed-off-by: Suguru Hirahara * Update README.md Co-authored-by: Slavi Pantaleev * Update docs/container-images.md * Update roles/custom/matrix-user-verification-service/defaults/main.yml ---------
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara Co-authored-by: Slavi Pantaleev
---
 README.md | 1 +
 docs/container-images.md | 2 ++
 .../custom/matrix-user-verification-service/defaults/main.yml | 4 ++++
 3 files changed, 7 insertions(+)
diff --git a/README.md b/README.md
index 853ffd018..4936d750b 100644
--- a/README.md
+++ b/README.md
@@ -80,6 +80,7 @@ Extend and modify how users are authenticated on your homeserver.
 | [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | x | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) |
 | [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) |
 | [matrix-registration](https://github.com/ZerataX/matrix-registration) | x | A simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) |
+| [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (UVS) | x | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) |
 ### File Storage
diff --git a/docs/container-images.md b/docs/container-images.md
index 04fc78d5e..fea54299c 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -44,6 +44,8 @@ These services are not part of our default installation, but can be enabled by [
 - [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based Matrix registration (optional)
+- [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/matrixdotorg/matrix-user-verification-service) - [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) for verifying details of a user based on an Open ID token (optional)
+
 - [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) - the [mautrix-telegram](https://github.com/mautrix/telegram) bridge to [Telegram](https://telegram.org/) (optional)
 - [mautrix/gmessages](https://mau.dev/mautrix/gmessages/container_registry) - the [mautrix-gmessages](https://github.com/mautrix/gmessages) bridge to [Google Messages](https://messages.google.com/) (optional)
diff --git a/roles/custom/matrix-user-verification-service/defaults/main.yml b/roles/custom/matrix-user-verification-service/defaults/main.yml
index dab9699fe..d46b99194 100644
--- a/roles/custom/matrix-user-verification-service/defaults/main.yml
+++ b/roles/custom/matrix-user-verification-service/defaults/main.yml
@@ -1,4 +1,8 @@
 ---
+
+# matrix-user-verification-service - Service to verify details of a user based on an Open ID token
+# Project source code URL: https://github.com/matrix-org/matrix-user-verification-service
+
 # Set this to the display name for ansible used in Output e.g. fail_msg
 matrix_user_verification_service_ansible_name: "Matrix User Verification Service"
From bf0fa1408e9838f45e668e92f5c7731b44b8fb95 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara Date: Sun, 27 Oct 2024 16:47:10 +0900 Subject: [PATCH 238/404] Add ddclient to documentation - Update README.md - Update docs/configuring-playbook-dynamic-dns.md: remove reference to deceased Google Domains etc. - Update docs/configuring-playbook.md: move documentation to server connectivity section - Update docs/container-images.md: add linuxserver/ddclient Signed-off-by: Suguru Hirahara --- README.md | 1 + docs/configuring-playbook-dynamic-dns.md | 19 +++++++++++++------ docs/configuring-playbook.md | 4 ++-- docs/container-images.md | 2 ++ 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 4936d750b..381d35d56 100644 --- a/README.md +++ b/README.md @@ -65,6 +65,7 @@ Services that run on the server to make the various parts of your installation w | [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | | [Dimension](https://github.com/turt2live/matrix-dimension) | x | An open source integration manager for Matrix clients | [Link](docs/configuring-playbook-dimension.md) | +| [ddclient](https://github.com/linuxserver/docker-ddclient) | x | Dynamic DNS | [Link](docs/configuring-playbook-dynamic-dns.md) | | [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | | [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | diff --git a/docs/configuring-playbook-dynamic-dns.md b/docs/configuring-playbook-dynamic-dns.md index 573987c84..efabb75b9 100644 --- a/docs/configuring-playbook-dynamic-dns.md +++ b/docs/configuring-playbook-dynamic-dns.md 
@@ -1,24 +1,31 @@ # Setting up Dynamic DNS (optional) -## Setup +The playbook can configure Dynamic DNS with [ddclient⁠](https://github.com/ddclient/ddclient) for you. It is a Perl client used to update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider. Most cloud providers / ISPs will charge you extra for a static IP address. If you're not hosting a highly reliable homeserver you can workaround this via dynamic DNS. -To set this up, you'll need to get the username/password from your DNS provider. For google domains, this process is described [here](https://support.google.com/domains/answer/6147083). +## Prerequisite -After you've gotten the proper credentials you can add the following config to your `inventory/host_vars/matrix.example.com/vars.yml`: +You'll need to get a username and password from your DNS provider. Please consult with the provider about how to retrieve them. + +## Adjusting the playbook configuration + +To enable dynamic DNS, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_dynamic_dns_enabled: true matrix_dynamic_dns_domain_configurations: - - provider: domains.google.com + - provider: example.net protocol: dyndn2 - username: XXXXXXXXXXXXXXXX - password: XXXXXXXXXXXXXXXX + username: YOUR_USERNAME_HERE + password: YOUR_PASSWORD_HERE domain: "{{ matrix_domain }}" ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## Additional Reading diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 09068124c..839993480 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -37,8 +37,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up Etherpad](configuring-playbook-etherpad.md) (optional)
-- [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional)
-
 - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) (optional)
 - [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) (optional)
@@ -81,6 +79,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Adjusting email-sending settings](configuring-playbook-email.md) (optional)
+- [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional)
+
 - [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight Matrix client with legacy and mobile browser support (optional)
 - [Setting up Cinny](configuring-playbook-client-cinny.md) - a web client focusing primarily on simple, elegant and secure interface (optional)
diff --git a/docs/container-images.md b/docs/container-images.md
index fea54299c..9cb916687 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -94,6 +94,8 @@ These services are not part of our default installation, but can be enabled by [
 - [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integration manager (optional)
+- [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) - [ddclient](https://github.com/linuxserver/docker-ddclient) used to update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider (optional)
+
 - [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional)
 - [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) - the [Jitsi](https://jitsi.org/) Focus component (optional)
From 4de16dde79b4e35ac66060f92b6616c7723e7c66 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sun, 27 Oct 2024 20:36:54 +0900
Subject: [PATCH 239/404] Update docs/configuring-playbook.md: add link to configuring-playbook-synapse-auto-accept-invite.md Signed-off-by: Suguru Hirahara
---
 docs/configuring-playbook.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index 839993480..326ba720c 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -210,6 +210,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers (optional)
+- [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md) (optional)
+
 - [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) (optional)
 - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional)
From e35dae7fca4812f45f94a1a5c38f2ad12cd09c70 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sun, 27 Oct 2024 22:35:46 +0900
Subject: [PATCH 240/404] Update docs/container-images.md: add unlisted Docker images Signed-off-by: Suguru Hirahara
---
 docs/container-images.md | 40 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)
diff --git a/docs/container-images.md b/docs/container-images.md
index 9cb916687..e9d7b29fd 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -34,8 +34,18 @@ These services are not part of our default installation, but can be enabled by [
 - [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) - the [Dendrite](https://github.com/matrix-org/dendrite) Matrix homeserver (optional)
+- [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) - the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client (optional)
+
+- [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) - the [Cinny](https://github.com/ajbura/cinny) Matrix web client (optional)
+
+- [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) - the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client (optional)
+
+- [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) - the [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for handling Matrix registration requests and forwards them to LDAP (optional)
+
 - [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional)
+- [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) - the [matrix-media-repo](https://docs.t2bot.io/matrix-media-repo/) highly customizable multi-domain media repository (optional)
+
 - [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) - the [Etherpad](https://etherpad.org) realtime collaborative text editor that can be used in a Jitsi audio/video call or integrated as a widget into Matrix chat rooms via the Dimension integration manager (optional)
 - [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) - the [Email2Matrix](https://github.com/devture/email2matrix) email server, which can relay email messages to Matrix rooms (optional)
@@ -46,6 +56,10 @@ These services are not part of our default installation, but can be enabled by [
 - [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/matrixdotorg/matrix-user-verification-service) - [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) for verifying details of a user based on an Open ID token (optional)
+- [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) - the [mautrix-discord](https://github.com/mautrix/discord) bridge to [Discord](https://discord.com/) (optional)
+
+- [mautrix/slack](https://mau.dev/mautrix/slack/container_registry) - the [mautrix-slack](https://github.com/mautrix/slack) bridge to [Slack](https://slack.com/) (optional)
+
 - [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) - the [mautrix-telegram](https://github.com/mautrix/telegram) bridge to [Telegram](https://telegram.org/) (optional)
 - [mautrix/gmessages](https://mau.dev/mautrix/gmessages/container_registry) - the [mautrix-gmessages](https://github.com/mautrix/gmessages) bridge to [Google Messages](https://messages.google.com/) (optional)
@@ -68,6 +82,8 @@ These services are not part of our default installation, but can be enabled by [
 - [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) - the [mautrix-signal](https://github.com/mautrix/signal) bridge to [Signal](https://www.signal.org/) (optional)
+- [beeper/linkedin](https://ghcr.io/beeper/linkedin) - the [beeper-linkedin](https://github.com/beeper/linkedin) bridge to [LinkedIn](https://www.linkedin.com/) Messaging (optional)
+
 - [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional)
 - [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional)
@@ -76,10 +92,16 @@ These services are not part of our default installation, but can be enabled by [
 - [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional)
+- [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) - the [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) Bridge for generic webhooks and multiple project management services (optional)
+
 - [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional)
 - [lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) - the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge to WeChat (optional)
+- [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) - the [Heisenbridge](https://github.com/hifi/heisenbridge) bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional)
+
+- [nodefyme/go-skype-bridge](https://hub.docker.com/r/nodefyme/go-skype-bridge) - the [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) to [Skype](https://www.skype.com/) (optional)
+
 - [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) - the [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional)
 - [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) - the [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional)
@@ -104,6 +126,8 @@ These services are not part of our default installation, but can be enabled by [
 - [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) - the [Jitsi](https://jitsi.org/) Video Bridge component (optional)
+- [etke.cc/baibot](https://ghcr.io/etkecc/baibot) - the [baibot](https://github.com/etkecc/baibot) for accessing [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) (optional)
+
 - [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional)
 - [moanos/matrix-registration-bot/](https://hub.docker.com/r/moanos/matrix-registration-bot/) - the [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) bot (manage registration tokens for invitations to the server) (optional)
@@ -120,20 +144,34 @@ These services are not part of our default installation, but can be enabled by [ - [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional) +- [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) - the [Buscarron](https://github.com/etkecc/buscarron) bot for web forms (HTTP POST) (optional) + +- [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) - the [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for accessing ChatGPT via your favourite Matrix client (optional) + - [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) - the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) client for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) (optional) - [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) - [matrix-authentication-service](https://github.com/element-hq/matrix-authentication-service) (MAS) OAuth 2.0 and OpenID Provider server (optional) - [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) - the [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional) +- [matrix-org/rageshake](https://ghcr.io/matrix-org/rageshake) - the [rageshake](https://github.com/matrix-org/rageshake) bug report server (optional) + - [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) - [Prometheus](https://github.com/prometheus/prometheus/) is a systems and service monitoring system - [prom/node-exporter](https://hub.docker.com/r/prom/node-exporter/) - [Prometheus Node 
Exporter](https://github.com/prometheus/node_exporter/) is an addon for Prometheus that gathers standard system metrics +- [martin-helmich/prometheus-nginxlog-exporter/exporter](https://ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter) - [NGINX-to-Prometheus log file exporter](https://github.com/martin-helmich/prometheus-nginxlog-exporter/) is an addon for Prometheus that gathers access logs from various nginx reverse-proxies (optional) + - [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) - [Grafana](https://github.com/grafana/grafana/) is a graphing tool that works well with the above two images. Our playbook also adds two dashboards for [Synapse](https://github.com/element-hq/synapse/tree/master/contrib/grafana) and [Node Exporter](https://github.com/rfrail3/grafana-dashboards) - [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) - [Sygnal](https://github.com/matrix-org/sygnal) is a reference Push Gateway for Matrix - [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) - [ntfy](https://ntfy.sh/) is a self-hosted, UnifiedPush-compatible push notifications server -- [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) - [Cactus Comments](https://cactus.chat) a federated comment system built on Matrix +- [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) - the [Sliding Sync](https://github.com/matrix-org/sliding-sync) proxy (optional) + +- [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) - [synapse-auto-compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) for automatic compression of Synapse's `state_groups` database table (optional) + +- [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) and [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) - [Cactus 
Comments](https://cactus.chat) a federated comment system built on Matrix + +- [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) - the [pantalaimon](https://github.com/matrix-org/pantalaimon) E2EE aware proxy daemon (optional) From 727609c7c87d56f3ff21e87bd24f2b3edf524381 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 22:36:53 +0900 Subject: [PATCH 241/404] Update docs/container-images.md: create a section for container images of deprecated or unmaintained services Signed-off-by: Suguru Hirahara --- docs/container-images.md | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index e9d7b29fd..fbbfd085c 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -68,16 +68,10 @@ These services are not part of our default installation, but can be enabled by [
 - [mautrix/wsproxy](https://mau.dev/mautrix/wsproxy/container_registry) - the [mautrix-wsproxy](https://github.com/mautrix/wsproxy) bridge to Android SMS or Apple iMessage (optional)
-- [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) - the [mautrix-facebook](https://github.com/mautrix/facebook) bridge to [Facebook](https://facebook.com/) (optional)
-
 - [mautrix/twitter](https://mau.dev/mautrix/twitter/container_registry) - the [mautrix-twitter](https://github.com/mautrix/twitter) bridge to [Twitter](https://twitter.com/) (optional)
-- [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) - the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional)
-
 - [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) - the [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) (optional)
-- [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) - the [mautrix-instagram](https://github.com/mautrix/instagram) bridge to [Instagram](https://instagram.com/) (optional)
-
 - [mautrix/meta](https://mau.dev/mautrix/meta/container_registry) - the [mautrix-meta](https://github.com/mautrix/meta) bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) (optional)
 - [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) - the [mautrix-signal](https://github.com/mautrix/signal) bridge to [Signal](https://www.signal.org/) (optional)
@@ -90,8 +84,6 @@ These services are not part of our default installation, but can be enabled by [
 - [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional)
-- [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional)
-
 - [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) - the [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) Bridge for generic webhooks and multiple project management services (optional)
 - [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional)
@@ -114,8 +106,6 @@ These services are not part of our default installation, but can be enabled by [
 - [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional)
-- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integration manager (optional)
-
 - [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) - [ddclient](https://github.com/linuxserver/docker-ddclient) used to update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider (optional)
 - [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional)
@@ -138,16 +128,12 @@ These services are not part of our default installation, but can be enabled by [
 - [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) - the [Postmoogle](https://github.com/etkecc/postmoogle) email bridge bot (optional)
-- [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional)
-
 - [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [Mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional)
 - [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional)
 - [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) - the [Buscarron](https://github.com/etkecc/buscarron) bot for web forms (HTTP POST) (optional)
-- [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) - the [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for accessing ChatGPT via your favourite Matrix client (optional)
-
 - [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) - the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) client for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) (optional)
 - [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) - [matrix-authentication-service](https://github.com/element-hq/matrix-authentication-service) (MAS) OAuth 2.0 and OpenID Provider server (optional)
@@ -175,3 +161,21 @@ These services are not part of our default installation, but can be enabled by [
 - [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) and [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) - [Cactus Comments](https://cactus.chat) a federated comment system built on Matrix
 - [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) - the [pantalaimon](https://github.com/matrix-org/pantalaimon) E2EE aware proxy daemon (optional)
+
+## Container images of deprecated / unmaintained services
+
+The list of the deprecated or unmaintained services is available [here](configuring-playbook.md#deprecated--unmaintained--removed-services).
+
+- [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional)
+
+- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integration manager (optional)
+
+- [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional)
+
+- [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) - the [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for accessing ChatGPT via your favourite Matrix client (optional)
+
+- [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) - the [mautrix-facebook](https://github.com/mautrix/facebook) bridge to [Facebook](https://facebook.com/) (optional)
+
+- [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) - the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional)
+
+- [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) - the
[mautrix-instagram](https://github.com/mautrix/instagram) bridge to [Instagram](https://instagram.com/) (optional) From 2bf31da947e5839b4ad1b991d76f3dbf673688eb Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 20:02:14 +0900 Subject: [PATCH 242/404] Update README.md: remove deprecated or unmaintained services from the supported services section Signed-off-by: Suguru Hirahara --- README.md | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 381d35d56..09b46f4a4 100644 --- a/README.md +++ b/README.md @@ -24,10 +24,11 @@ If you like the [FOSS](https://en.wikipedia.org/wiki/Free_and_open-source_softwa Using this playbook, you can get the following list of services configured on your server. Basically, this playbook aims to get you up-and-running with all the necessities around Matrix, without you having to do anything else. -**Note**: the list below is exhaustive. It includes optional or even some advanced components that you will most likely not need. -Sticking with the defaults (which install a subset of the above components) is the best choice, especially for a new installation. -You can always re-run the playbook later to add or remove components. +**Notes**: +- The list below is exhaustive. It includes optional or even some advanced components that you will most likely not need. Sticking with the defaults (which install a subset of the above components) is the best choice, especially for a new installation. You can always re-run the playbook later to add or remove components. + +- Deprecated or unmaintained services are not listed. You can find documentations for them [here](docs/configuring-playbook.md#deprecated--unmaintained--removed-services). ### Homeserver 
@@ -64,7 +65,6 @@ Services that run on the server to make the various parts of your installation w | [Let's Encrypt](https://letsencrypt.org/) | ✓ | Free SSL certificate, which secures the connection to all components | [Link](docs/configuring-playbook-ssl-certificates.md) | | [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | -| [Dimension](https://github.com/turt2live/matrix-dimension) | x | An open source integration manager for Matrix clients | [Link](docs/configuring-playbook-dimension.md) | | [ddclient](https://github.com/linuxserver/docker-ddclient) | x | Dynamic DNS | [Link](docs/configuring-playbook-dynamic-dns.md) | | [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | | [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | 
@@ -106,11 +106,8 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mautrix-gmessages](https://github.com/mautrix/gmessages) | x | Bridge to [Google Messages](https://messages.google.com/) | [Link](docs/configuring-playbook-bridge-mautrix-gmessages.md) | | [mautrix-whatsapp](https://github.com/mautrix/whatsapp) | x | Bridge to [WhatsApp](https://www.whatsapp.com/) | [Link](docs/configuring-playbook-bridge-mautrix-whatsapp.md) | | [mautrix-wsproxy](https://github.com/mautrix/wsproxy) | x | Bridge to Android SMS or Apple iMessage | [Link](docs/configuring-playbook-bridge-mautrix-wsproxy.md) | -| [mautrix-facebook](https://github.com/mautrix/facebook) | x | Bridge to [Facebook](https://facebook.com/) | [Link](docs/configuring-playbook-bridge-mautrix-facebook.md) | | [mautrix-twitter](https://github.com/mautrix/twitter) | x | Bridge to [Twitter](https://twitter.com/) | [Link](docs/configuring-playbook-bridge-mautrix-twitter.md) | -| [mautrix-hangouts](https://github.com/mautrix/hangouts) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | [Link](docs/configuring-playbook-bridge-mautrix-hangouts.md) | | [mautrix-googlechat](https://github.com/mautrix/googlechat) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) | -| [mautrix-instagram](https://github.com/mautrix/instagram) | x | Bridge to [Instagram](https://instagram.com/) | [Link](docs/configuring-playbook-bridge-mautrix-instagram.md) | | [mautrix-meta](https://github.com/mautrix/instagram) | x | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | Link for [Messenger](docs/configuring-playbook-bridge-mautrix-meta-messenger.md) / [Instagram](docs/configuring-playbook-bridge-mautrix-meta-instagram.md) | | [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to [Signal](https://www.signal.org/) | 
[Link](docs/configuring-playbook-bridge-mautrix-signal.md) | | [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) | @@ -118,7 +115,6 @@ Bridges can be used to connect your Matrix installation with third-party communi | [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) | x | Bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | [Link](docs/configuring-playbook-bridge-appservice-kakaotalk.md) | | [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | | [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) | x | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-appservice-slack.md) | -| [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | [Link](docs/configuring-playbook-bridge-appservice-webhooks.md) | | [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | | [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | x | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) | | [matrix-wechat](https://github.com/duo/matrix-wechat) | x | Bridge to [WeChat](https://www.wechat.com/) | [Link](docs/configuring-playbook-bridge-wechat.md) | 
@@ -145,11 +141,9 @@ Bots provide various additional functionality to your installation. | [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | x | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) | | [maubot](https://github.com/maubot/maubot) | x | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) | | [Honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) | -| [Go-NEB](https://github.com/matrix-org/go-neb) | x | A multi functional bot written in Go | [Link](docs/configuring-playbook-bot-go-neb.md) | | [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) | | [Draupnir](https://github.com/the-draupnir-project/Draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) (for [appservice mode](docs/configuring-playbook-appservice-draupnir-for-all.md))| | [Buscarron](https://github.com/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | [Link](docs/configuring-playbook-bot-buscarron.md) | -| [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) | x | ChatGPT from Matrix | [Link](docs/configuring-playbook-bot-chatgpt.md) | ### Administration From 8ef2671f2b7318074c3464b5ad8e1e2bcd83584c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 1 Nov 2024 08:51:08 +0200 Subject: [PATCH 243/404] Upgrade ntfy (v2.10.0-2 -> v2.11.0-0) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 85290ebb5..90945d393 100644 --- a/requirements.yml +++ b/requirements.yml 
@@ -31,7 +31,7 @@ version: v6.3.4-3 name: keydb - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git - version: v2.10.0-2 + version: v2.11.0-0 name: ntfy - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git version: 201c939eed363de269a83ba29784fc3244846048 From 76099c893617d4cb3e4fe250830e816b323ae957 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 25 Oct 2024 15:19:47 +0900 Subject: [PATCH 244/404] Update docs/configuring-playbook-s3.md about object storage providers Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-s3.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index fb7b51b10..72364e251 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md 
@@ -15,22 +15,22 @@ Finally, [set up S3 storage for Synapse](#setting-up) (with [Goofys](configuring ## Choosing an Object Storage provider -You can create [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object store like [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html), [Wasabi](https://wasabi.com), [Digital Ocean Spaces](https://www.digitalocean.com/products/spaces), etc. +You can create [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object storage like [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html), [Storj](https://storj.io), [Wasabi](https://wasabi.com), [Digital Ocean Spaces](https://www.digitalocean.com/products/spaces), etc. -Amazon S3 and Backblaze S3 are pay-as-you with no minimum charges for storing too little data. +Amazon S3, Backblaze B2, and Storj are pay-as-you with no minimum charges for storing too little data. -All these providers have different prices, with Backblaze B2 appearing to be the cheapest. +All these providers have different prices, with Storj appearing to be the cheapest (as of 2024-10, storage fee is $0.004 per GB/month, and egress fee is $0.007 per GB). Backblaze egress is free, but for only certain users for up to 3x the amount of data stored. Beyond that you will pay $0.01/GB of egress. -Wasabi has a minimum charge of 1TB if you're storing less than 1TB, which becomes expensive if you need to store less data than that. +Wasabi has a minimum charge of 1TB if you're storing less than 1TB, which becomes expensive if you need to store less data than that. Likewise, Digital Ocean Spaces has also a minimum charge of 250GB ($5/month as of 2022-10). -Digital Ocean Spaces has a minimum charge of 250GB ($5/month as of 2022-10), which is also expensive if you're storing less data than that. 
+Here are some of the important aspects of choosing the right provider: -Important aspects of choosing the right provider are: - -- a provider by a company you like and trust (or dislike less than the others) -- a provider which has a data region close to your Matrix server (if it's farther away, high latency may cause slowdowns) -- a provider which is OK pricewise -- a provider with free or cheap egress (if you need to get the data out often, for some reason) - likely not too important for the common use-case +- if a provider is a company you like and trust (or dislike less than the others) +- if a provider implements end-to-end encryption of your data +- if a provider has a data region close to your Matrix server (if it's farther away, high latency may cause slowdowns) +- if a provider's infrastructure such as data center is centralized or distributed +- if a provider's price model is transparent (whether it includes hidden costs like minimum charge, minimum storage term, etc.) +- if a provider has free or cheap egress fee (in case you need to get the data out often, for some reason) - likely not too important for the common use-case ## Bucket creation and Security Configuration From e9c5562ae7108878e2e013346cbdc5b72a391335 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 25 Oct 2024 16:26:35 +0900 Subject: [PATCH 245/404] Fix anchor links and its title of documents related to Amazon S3 Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 4 +++- docs/importing-synapse-media-store.md | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 326ba720c..3524a02f1 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -56,7 +56,9 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) (optional) -- [Storing Matrix media files on Amazon S3](configuring-playbook-s3.md) (optional) +- [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) (optional) + +- [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) (optional) - [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) (optional) diff --git a/docs/importing-synapse-media-store.md b/docs/importing-synapse-media-store.md index 97d89c4e9..01180edab 100644 --- a/docs/importing-synapse-media-store.md +++ b/docs/importing-synapse-media-store.md @@ -7,7 +7,7 @@ Run this if you'd like to import your `media_store` files from a previous instal Before doing the actual data restore, **you need to upload your media store directory to the server** (any path is okay). -If you are [Storing Matrix media files on Amazon S3](configuring-playbook-s3.md) (optional), restoring with this tool is not possible right now. +If you are [storing Matrix media files on Amazon S3](configuring-playbook-s3.md) (optional), restoring with this tool is not possible right now. As an alternative, you can perform a manual restore using the [AWS CLI tool](https://aws.amazon.com/cli/) (e.g. `aws s3 sync /path/to/server/media_store/. s3://name-of-bucket/`) From 8a6b822bbd80ca3cdb25b0cd29bf369b6b0ce2e1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 1 Nov 2024 09:52:10 +0200 Subject: [PATCH 246/404] Always send `/rendezvous` routes to the same Synapse worker process (main) to fix QR code login Related to https://github.com/matrix-org/matrix-spec-proposals/pull/4108 --- .../defaults/main.yml | 3 +++ ...trix-synapse-reverse-proxy-companion.conf.j2 | 17 +++++++++++++++++ 2 files changed, 20 insertions(+) 
diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml index 9be2f11a3..2f2cca4e4 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml @@ -230,6 +230,9 @@ matrix_synapse_reverse_proxy_companion_synapse_media_repository_locations: [] matrix_synapse_reverse_proxy_companion_synapse_user_dir_locations: [] matrix_synapse_reverse_proxy_companion_client_server_main_override_locations_regex: ^/_matrix/client/(api/v1|r0|v3|unstable)/(account/3pid/|directory/list/room/|pushrules/|rooms/[^/]+/(forget|upgrade|report)|login/sso/redirect/|register) matrix_synapse_reverse_proxy_companion_client_server_sso_override_locations_regex: ^(/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect|/_synapse/client/(pick_username|(new_user_consent|oidc/callback|pick_idp|sso_register)$)) +# Related to MSC4108 (https://github.com/matrix-org/matrix-spec-proposals/pull/4108) +matrix_synapse_reverse_proxy_companion_client_server_qr_code_login_locations_regex: ^(/_matrix/client/(unstable|v1)/org.matrix.msc4108/rendezvous|/_synapse/client/rendezvous)$ + matrix_synapse_reverse_proxy_companion_federation_override_locations_regex: ^/_matrix/federation/v1/openid/userinfo$ # synapse content caching diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 index 0dac97120..379f2091a 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 
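Review bot: The dots in `org.matrix.msc4108` are unescaped in the new `matrix_synapse_reverse_proxy_companion_client_server_qr_code_login_locations_regex`, so each one matches any character rather than a literal dot; writing `org\.matrix\.msc4108` keeps the rule limited to the MSC4108 paths. The trailing `$` also restricts the match to the exact `/rendezvous` path. If rendezvous sessions are addressed under a sub-path (for example `/rendezvous/<session id>`, which this hunk does not show), those requests would not take this rule and would depend on the worker routing further down, so this is worth confirming against Synapse's routes. A one-line comment stating which requests the pattern is meant to cover would help the next reader.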
@@ -125,6 +125,23 @@ server { proxy_max_temp_file_size 0; } + # QR code login (`rendezvous`) locations need to go to the same Synapse process. + # It doesn't necessarily need to be the main process, but it needs to be consistent. + # For simplicity, we'll send them to the main process though. + location ~ {{ matrix_synapse_reverse_proxy_companion_client_server_qr_code_login_locations_regex }} { + {# FIXME: This block was copied from the main Synapse fallback below. It would be better to have it in one place and avoid duplication. #} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver {{ matrix_synapse_reverse_proxy_companion_http_level_resolver }} valid=5s; + set $backend "{{ matrix_synapse_reverse_proxy_companion_client_api_addr }}"; + proxy_pass http://$backend; + + proxy_set_header Host $host; + + client_body_buffer_size 25M; + client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M; + proxy_max_temp_file_size 0; + } + {# Workers redirects BEGIN #} {% if generic_workers | length > 0 %} From 0bc4ef8f4d6611f4b18a94d0b4439f69922a8279 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 26 Oct 2024 23:47:16 +0900 Subject: [PATCH 247/404] Update documentation titles of deprecated or unmaintained services Also: fix typos Signed-off-by: Suguru Hirahara --- CHANGELOG.md | 2 +- docs/configuring-playbook-bot-chatgpt.md | 2 +- docs/configuring-playbook-bot-go-neb.md | 2 +- docs/configuring-playbook-bridge-appservice-webhooks.md | 2 +- docs/configuring-playbook-bridge-mautrix-facebook.md | 2 +- docs/configuring-playbook-bridge-mautrix-hangouts.md | 2 +- docs/configuring-playbook-bridge-mautrix-instagram.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-skype.md | 4 ++-- docs/configuring-playbook-dimension.md | 2 +- 9 files changed, 10 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6957616e0..bc6e2bf82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
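Review bot: The new rendezvous `location` carries over `client_body_buffer_size 25M;` and the general client-API `client_max_body_size` from the fallback block it was copied from, so this login path accepts, and may buffer in memory, bodies as large as any other client API request. QR-code login exchanges are presumably small, so a tighter limit on this location would reduce memory exposure to oversized requests, e.g. `client_body_buffer_size 16k;` and `client_max_body_size 16k;` (constructed values; confirm against the payload limit Synapse enforces for rendezvous). The in-template FIXME already acknowledges the duplication; if the block stays duplicated, a comment naming the directives that are intentionally identical to the fallback would make later drift easier to spot. The enclosing `server` block starts and ends outside this hunk.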
@@ -1641,7 +1641,7 @@ See our [Setting up maubot](docs/configuring-playbook-bot-maubot.md) documentati ## mx-puppet-skype removal -The playbook no longer includes the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge, because it has been broken and unmaintaned for a long time. Users that have `matrix_mx_puppet_skype_enabled` in their configuration files will encounter an error when running the playbook until they remove references to this bridge from their configuration. +The playbook no longer includes the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge, because it has been broken and unmaintained for a long time. Users that have `matrix_mx_puppet_skype_enabled` in their configuration files will encounter an error when running the playbook until they remove references to this bridge from their configuration. To completely clean up your server from `mx-puppet-skype`'s presence on it: diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index d866d7577..a24157c46 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md @@ -1,4 +1,4 @@ -# Setting up matrix-bot-chatgpt (optional) +# Setting up matrix-bot-chatgpt (optional, unmaintained) **Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](https://github.com/etkecc/baibot), which can be installed using [this playbook](configuring-playbook-bot-baibot.md). Consider using that bot instead of this one. diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 268ee596a..1b21897ac 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md 
@@ -1,4 +1,4 @@ -# Setting up Go-NEB (optional) +# Setting up Go-NEB (optional, unmaintained) **Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bot instead of this one. diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index d55ef16fa..538395469 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -1,4 +1,4 @@ -# Setting up Appservice Webhooks bridging (optional) +# Setting up Appservice Webhooks bridging (optional, deprecated) **Note**: This bridge has been deprecated. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one. diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index fdb20c343..9b881b1d8 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md 
@@ -1,4 +1,4 @@ -# Setting up Mautrix Facebook bridging (optional) +# Setting up Mautrix Facebook bridging (optional, deprecated) **Note**: This bridge has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, which can be installed using [this playbook](configuring-playbook-bridge-mautrix-meta-messenger.md). Consider using that bridge instead of this one. diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index 43aeeaa4c..3a4a11736 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md @@ -1,4 +1,4 @@ -# Setting up Mautrix Hangouts bridging (optional) +# Setting up Mautrix Hangouts bridging (optional, deprecated) **Note**: This bridge has been deprecated in favor of [Google Chat bridge](https://github.com/mautrix/googlechat), which can be installed using [this playbook](configuring-playbook-bridge-mautrix-googlechat.md). Consider using that bridge instead of this one. diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index c829fd085..b9130faf0 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md @@ -1,4 +1,4 @@ -# Setting up Mautrix Instagram bridging (optional) +# Setting up Mautrix Instagram bridging (optional, deprecated) **Note**: This bridge has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, which can be installed using [this playbook](configuring-playbook-bridge-mautrix-meta-instagram.md). Consider using that bridge instead of this one. diff --git a/docs/configuring-playbook-bridge-mx-puppet-skype.md b/docs/configuring-playbook-bridge-mx-puppet-skype.md index 51dd34832..bc9d6d534 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-skype.md 
+++ b/docs/configuring-playbook-bridge-mx-puppet-skype.md @@ -1,5 +1,5 @@ -# Setting up MX Puppet Skype bridging (optional) +# Setting up MX Puppet Skype bridging (optional, removed) -The playbook used to be able to install and configure [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype), but no longer includes this component, because it has been broken and unmaintaned for a long time. +The playbook used to be able to install and configure [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype), but no longer includes this component, because it has been broken and unmaintained for a long time. Bridging to [Skype](https://www.skype.com/) can also happen via the [go-skype-bridge](configuring-playbook-bridge-go-skype-bridge.md) bridge supported by the playbook. diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 91abb24f4..aa18edfa3 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -1,4 +1,4 @@ -# Setting up Dimension integration manager (optional) +# Setting up Dimension integration manager (optional, unmaintained) **[Dimension](https://dimension.t2bot.io) can only be installed after Matrix services are installed and running.** If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later. From 289bf2909e97ad8fd27ce8c553fda32eaee15db3 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 1 Nov 2024 18:27:55 +0900 Subject: [PATCH 248/404] Add labels to issue templates Signed-off-by: Suguru Hirahara --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- .github/ISSUE_TEMPLATE/feature_request.md | 2 +- .github/ISSUE_TEMPLATE/i-need-help.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 9dffaee8f..c20d7abf6 100644 
--- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -2,7 +2,7 @@ name: Bug report about: Create a report to help us improve title: '' -labels: '' +labels: bug assignees: '' --- diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 3fb2ffe26..2dd100be5 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -2,7 +2,7 @@ name: Feature request about: Suggest an idea for this project title: '' -labels: '' +labels: suggestion assignees: '' --- diff --git a/.github/ISSUE_TEMPLATE/i-need-help.md b/.github/ISSUE_TEMPLATE/i-need-help.md index 6e862463b..20444ad54 100644 --- a/.github/ISSUE_TEMPLATE/i-need-help.md +++ b/.github/ISSUE_TEMPLATE/i-need-help.md @@ -2,7 +2,7 @@ name: I need help about: Get support from our community title: '' -labels: '' +labels: question assignees: '' --- From f5e333b51380ce5beacc0e847f50f6e6fde3e7ee Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 1 Nov 2024 21:36:40 +0900 Subject: [PATCH 249/404] Update docs/configuring-playbook-bridge-mautrix-meta-messenger.md: add a note about user ID of the new bridge's bot The user ID of the new bridge (mautrix-meta) is different from that of the old bridge (mautrix-facebook). It is slightly confusing, and the note should help migration. Signed-off-by: Suguru Hirahara --- .../configuring-playbook-bridge-mautrix-meta-messenger.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md index 927475d90..571805bbe 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md 
@@ -11,12 +11,12 @@ This documentation page only deals with the bridge's ability to bridge to Facebo If you've been using the [mautrix-facebook](./configuring-playbook-bridge-mautrix-facebook.md) bridge, it's possible to migrate the database using [instructions from the bridge documentation](https://docs.mau.fi/bridges/go/meta/facebook-migration.html) (advanced). -Then you may wish to get rid of the Facebook bridge. To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@facebookbot:example.com`). - -This would give you a list of portals and groups of portals you may purge. Proceed with sending commands like `clean recommended`, etc. +Then you may wish to get rid of the Facebook bridge. To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@facebookbot:example.com`). It gives you a list of portals and groups of portals you may purge. Proceed with sending commands like `clean recommended`, etc. Then, consider disabling the old bridge in your configuration, so it won't recreate the portals when you receive new messages. +**Note**: the user ID of the new bridge bot is `@messengerbot:example.com`, not `@facebookbot:example.com`. After disabling the old bridge, its bot user will stop responding to a command. + ## Adjusting the playbook configuration To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: @@ -102,7 +102,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage -You then need to start a chat with `@messengerbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@messengerbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). Note that the user ID of the bridge's bot is not `@facebookbot:example.com`. You then need to send a `login` command and follow the bridge bot's instructions. 
From 8f7a723b37235c4ff4c0d3466c51564e5594c2a5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 1 Nov 2024 21:59:20 +0900 Subject: [PATCH 250/404] Update docs/configuring-playbook-bridge-mautrix-meta-instagram.md: the same paragraph as docs/configuring-playbook-bridge-mautrix-meta-messenger.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-mautrix-meta-instagram.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md index f7809090d..9b2b44313 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md @@ -14,9 +14,7 @@ If you've been using the [mautrix-instagram](./configuring-playbook-bridge-mautr - both trying to use `@instagrambot:example.com` as their username. This conflict may be resolved by adjusting `matrix_mautrix_instagram_appservice_bot_username` or `matrix_mautrix_meta_instagram_appservice_username` - both trying to bridge the same DMs -To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@instagrambot:example.com`). - -This would give you a list of portals and groups of portals you may purge. Proceed with sending commands like `clean recommended`, etc. +To do so, send a `clean-rooms` command to the management room with the old bridge bot (`@instagrambot:example.com`). It gives you a list of portals and groups of portals you may purge. Proceed with sending commands like `clean recommended`, etc. Then, consider disabling the old bridge in your configuration, so it won't recreate the portals when you receive new messages. From 63e16ed034b1de59b4349d687726eb48d6c62364 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sun, 27 Oct 2024 22:56:58 +0900 Subject: [PATCH 251/404] Update docs/container-images.md: create a table for Homeserver This is essentially an imitation of 59a01dabfc0b09b2ac3f8b81a8aecbe47b43bbde for container images. It copies the entries order and descriptions on the table of README.md Signed-off-by: Suguru Hirahara --- docs/container-images.md | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index fbbfd085c..d5a977bd5 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -5,16 +5,28 @@ This page summarizes the container ([Docker](https://www.docker.com/)) images us We try to stick to official images (provided by their respective projects) as much as possible. -## Container images used by default +## Homeserver -These services are enabled and used by default, but you can turn them off, if you wish. +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [Synapse](configuring-playbook-synapse.md) | [element-hq/synapse](https://ghcr.io/element-hq/synapse) | ✓ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network | +| [Conduit](configuring-playbook-conduit.md) | [matrixconduit/matrix-conduit](https://hub.docker.com/r/matrixconduit/matrix-conduit) | x | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements | +| [Dendrite](configuring-playbook-dendrite.md) | [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) | x | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. 
| -- [element-hq/synapse](https://ghcr.io/element-hq/synapse) - a fork of [matrixdotorg/synapse](https://github.com/matrix-org/synapse) Matrix homeserver - -- [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) - the [Coturn](https://github.com/coturn/coturn) STUN/TURN server (optional) +## Clients - [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) - the [Element](https://element.io/) web client (optional) +- [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) - the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client (optional) + +- [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) - the [Cinny](https://github.com/ajbura/cinny) Matrix web client (optional) + +- [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) - the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client (optional) + +## Server Components + +- [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) - the [Coturn](https://github.com/coturn/coturn) STUN/TURN server (optional) + - [postgres](https://hub.docker.com/_/postgres/) - the [Postgres](https://www.postgresql.org/) database server (optional) - [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) - the [Exim](https://www.exim.org/) email server (optional) 
@@ -30,16 +42,6 @@ These services are not part of our default installation, but can be enabled by [ - [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional) -- [matrixconduit/matrix-conduit](https://hub.docker.com/r/matrixconduit/matrix-conduit) - the [Conduit](https://conduit.rs) Matrix homeserver (optional) - -- [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) - the [Dendrite](https://github.com/matrix-org/dendrite) Matrix homeserver (optional) - -- [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) - the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client (optional) - -- [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) - the [Cinny](https://github.com/ajbura/cinny) Matrix web client (optional) - -- [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) - the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client (optional) - - [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) - the [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for handling Matrix registration requests and forwards them to LDAP (optional) - [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional) From f3fde12c45a6983dc5b025b2c46abab779003a1f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 23:00:52 +0900 Subject: [PATCH 252/404] Update docs/container-images.md: create tables for Clients and Server Components Signed-off-by: Suguru Hirahara --- docs/container-images.md | 42 ++++++++++++++++------------------------ 1 file changed, 17 insertions(+), 25 deletions(-) 
diff --git a/docs/container-images.md b/docs/container-images.md
index d5a977bd5..35f0a9c4c 100644
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -15,33 +15,31 @@ We try to stick to official images (provided by their respective projects) as mu ## Clients -- [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) - the [Element](https://element.io/) web client (optional) - -- [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) - the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client (optional) - -- [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) - the [Cinny](https://github.com/ajbura/cinny) Matrix web client (optional) - -- [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) - the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client (optional) +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [Element](configuring-playbook-client-element.md) | [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) | ✓ | Web UI, which is configured to connect to your own Synapse server by default | +| [Hydrogen](configuring-playbook-client-hydrogen.md) | [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) | x | Lightweight Matrix client with legacy and mobile browser support | +| [Cinny](configuring-playbook-client-cinny.md) | [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) | x | Simple, elegant and secure web client | +| [SchildiChat](configuring-playbook-client-schildichat.md) | [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) | x | Based on Element, with a more traditional instant messaging experience | ## Server Components -- [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) - the [Coturn](https://github.com/coturn/coturn) STUN/TURN server (optional) - -- [postgres](https://hub.docker.com/_/postgres/) - the [Postgres](https://www.postgresql.org/) database server (optional) - -- [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) - the [Exim](https://www.exim.org/) email server 
(optional) - -- [Traefik](https://hub.docker.com/_/traefik/) - the [Traefik](https://traefik.io/) web server (optional) - -- [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) - the [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) (optional) - +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [PostgreSQL](configuring-playbook-external-postgres.md) | [postgres](https://hub.docker.com/_/postgres/) | ✓ | Database for Synapse. [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) is also possible. | +| [Coturn](configuring-playbook-turn.md) | [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) | ✓ | STUN/TURN server for WebRTC audio/video calls | +| [Traefik](configuring-playbook-traefik.md) | [Traefik](https://hub.docker.com/_/traefik/) | ✓ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. 
Using your own webserver [is possible](configuring-playbook-own-webserver.md) | +| [Let's Encrypt](configuring-playbook-ssl-certificates.md) | [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) | ✓ | The [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) | +| [ma1sd](configuring-playbook-ma1sd.md) | [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) | x | Matrix Identity Server | +| [Exim](configuring-playbook-email.md) | [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | +| [ddclient](configuring-playbook-dynamic-dns.md) | [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) | x | Update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider | +| [Sygnal](configuring-playbook-sygnal.md) | [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) | x | Reference Push Gateway for Matrix | +| [ntfy](configuring-playbook-ntfy.md) | [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) | x | Self-hosted, UnifiedPush-compatible push notifications server | ## Optional other container images we may use These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): -- [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional) - - [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) - the [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for handling Matrix registration requests and forwards them to LDAP (optional) - 
[ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional) @@ -108,8 +106,6 @@ These services are not part of our default installation, but can be enabled by [ - [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional) -- [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) - [ddclient](https://github.com/linuxserver/docker-ddclient) used to update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider (optional) - - [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional) - [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) - the [Jitsi](https://jitsi.org/) Focus component (optional) 
@@ -152,10 +148,6 @@ These services are not part of our default installation, but can be enabled by [ - [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) - [Grafana](https://github.com/grafana/grafana/) is a graphing tool that works well with the above two images. Our playbook also adds two dashboards for [Synapse](https://github.com/element-hq/synapse/tree/master/contrib/grafana) and [Node Exporter](https://github.com/rfrail3/grafana-dashboards) -- [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) - [Sygnal](https://github.com/matrix-org/sygnal) is a reference Push Gateway for Matrix - -- [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) - [ntfy](https://ntfy.sh/) is a self-hosted, UnifiedPush-compatible push notifications server - - [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) - the [Sliding Sync](https://github.com/matrix-org/sliding-sync) proxy (optional) - [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) - [synapse-auto-compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) for automatic compression of Synapse's `state_groups` database table (optional) From ab1cce5a14d5ca8ddee6f75814ce25aa296d47ab Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 23:30:44 +0900 Subject: [PATCH 253/404] Update docs/container-images.md: create a table for Authentication Signed-off-by: Suguru Hirahara --- docs/container-images.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index 35f0a9c4c..541d9a008 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -36,12 +36,21 @@ We try to stick to official images (provided by their respective projects) as mu | [Sygnal](configuring-playbook-sygnal.md) | [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) | x | Reference Push Gateway for Matrix | | [ntfy](configuring-playbook-ntfy.md) | [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) | x | Self-hosted, UnifiedPush-compatible push notifications server | +## Authentication + +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [matrix-synapse-rest-auth](configuring-playbook-rest-auth.md) | (N/A) | x | REST authentication password provider module | +| [matrix-synapse-shared-secret-auth](configuring-playbook-shared-secret-auth.md) | (N/A) | x | Password provider module | +| [matrix-synapse-ldap3](configuring-playbook-ldap-auth.md) (advanced) | (N/A) | x | LDAP Auth password provider module | +| [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. 
| +| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | x | A simple python application to have a token based Matrix registration | +| [Matrix User Verification Service](configuring-playbook-user-verification-service.md) (UVS) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | x | Service to verify details of a user based on an Open ID token | + ## Optional other container images we may use These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): -- [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) - the [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for handling Matrix registration requests and forwards them to LDAP (optional) - - [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional) - [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) - the [matrix-media-repo](https://docs.t2bot.io/matrix-media-repo/) highly customizable multi-domain media repository (optional) 
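Review bot: The Docker Hub link added in the Matrix User Verification Service row points at the `atrixdotorg` namespace (`https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service`), whereas the list entry removed in this commit's second hunk used `matrixdotorg`. On a page that tells operators where images come from, a mistyped registry namespace can lead readers to a repository the project does not control, so the target should be `https://hub.docker.com/r/matrixdotorg/matrix-user-verification-service`. The same URL is carried as context into the following File Storage commit, so it stays wrong there until it is corrected.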
@@ -52,10 +61,6 @@ These services are not part of our default installation, but can be enabled by [ - [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) - [Matrix Corporal](https://github.com/devture/matrix-corporal): reconciliator and gateway for a managed Matrix server (optional) -- [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based Matrix registration (optional) - -- [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/matrixdotorg/matrix-user-verification-service) - [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) for verifying details of a user based on an Open ID token (optional) - - [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) - the [mautrix-discord](https://github.com/mautrix/discord) bridge to [Discord](https://discord.com/) (optional) - [mautrix/slack](https://mau.dev/mautrix/slack/container_registry) - the [mautrix-slack](https://github.com/mautrix/slack) bridge to [Slack](https://slack.com/) (optional) From d90dcc4a0439cb6325ea28aec6684d619cdd01fe Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 27 Oct 2024 23:41:14 +0900 Subject: [PATCH 254/404] Update docs/container-images.md: create a table for File Storage Signed-off-by: Suguru Hirahara --- docs/container-images.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index 541d9a008..c80c0a466 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -47,14 +47,18 @@ We try to stick to official images (provided by their respective projects) as mu | [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | x | A simple python application to have a token based Matrix registration | | [Matrix User Verification Service](configuring-playbook-user-verification-service.md) (UVS) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | x | Service to verify details of a user based on an Open ID token | +## File Storage + +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [Goofys](configuring-playbook-s3-goofys.md) | [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | +| [synapse-s3-storage-provider](configuring-playbook-s3.md) | (N/A) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | +| [matrix-media-repo](configuring-playbook-matrix-media-repo.md) | [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) | x | matrix-media-repo is a highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification. 
| + ## Optional other container images we may use These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): -- [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional) - -- [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) - the [matrix-media-repo](https://docs.t2bot.io/matrix-media-repo/) highly customizable multi-domain media repository (optional) - - [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) - the [Etherpad](https://etherpad.org) realtime collaborative text editor that can be used in a Jitsi audio/video call or integrated as a widget into Matrix chat rooms via the Dimension integration manager (optional) - [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) - the [Email2Matrix](https://github.com/devture/email2matrix) email server, which can relay email messages to Matrix rooms (optional) From 2b12ccb51760ac5e6b0cb3dac74a1f5e921933f4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 01:21:16 +0900 Subject: [PATCH 255/404] Update docs/container-images.md: create a table for Bridges Signed-off-by: Suguru Hirahara --- docs/container-images.md | 87 +++++++++++++++------------------------- 1 file changed, 33 insertions(+), 54 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index c80c0a466..824c4fb0d 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -55,66 +55,47 @@ We try to stick to official images (provided by their respective projects) as mu | [synapse-s3-storage-provider](configuring-playbook-s3.md) | (N/A) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | | [matrix-media-repo](configuring-playbook-matrix-media-repo.md) | [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) | x | matrix-media-repo is a highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification. | +# Bridges + +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) | [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) | x | Bridge to [Discord](https://discord.com/) | +| [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) | [mautrix/slack](https://mau.dev/mautrix/slack/container_registry) | x | Bridge to [Slack](https://slack.com/) | +| [mautrix-telegram](configuring-playbook-bridge-mautrix-telegram.md) | [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) | x | Bridge to [Telegram](https://telegram.org/) | +| [mautrix-gmessages](configuring-playbook-bridge-mautrix-gmessages.md) | [mautrix/gmessages](https://mau.dev/mautrix/gmessages/container_registry) | x | Bridge to [Google Messages](https://messages.google.com/) | +| [mautrix-whatsapp](configuring-playbook-bridge-mautrix-whatsapp.md) | [mautrix/whatsapp](https://mau.dev/mautrix/whatsapp/container_registry) | x | Bridge to [WhatsApp](https://www.whatsapp.com/) | +| [mautrix-wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) | [mautrix/wsproxy](https://mau.dev/mautrix/wsproxy/container_registry) | x | Bridge to Android SMS or Apple iMessage | +| 
[mautrix-twitter](configuring-playbook-bridge-mautrix-twitter.md) | [mautrix/twitter](https://mau.dev/mautrix/twitter/container_registry) | x | Bridge to [Twitter](https://twitter.com/) | +| [mautrix-googlechat](configuring-playbook-bridge-mautrix-googlechat.md) | [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | +| mautrix-meta (for [Messenger](configuring-playbook-bridge-mautrix-meta-messenger.md) and [Instagram](configuring-playbook-bridge-mautrix-meta-instagram.md)) | [mautrix/meta](https://mau.dev/mautrix/meta/container_registry) | x | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | +| [mautrix-signal](configuring-playbook-bridge-mautrix-signal.md) | [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) | x | Bridge to [Signal](https://www.signal.org/) | +| [beeper-linkedin](configuring-playbook-bridge-beeper-linkedin.md) | [beeper/linkedin](https://ghcr.io/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | +| [matrix-appservice-irc](configuring-playbook-bridge-appservice-irc.md) | [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | +| [matrix-appservice-kakaotalk](configuring-playbook-bridge-appservice-kakaotalk.md) | Self-building | x | Bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | +| [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) | [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | +| [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) | [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) | x | Bridge to 
[Slack](https://slack.com/) | +| [matrix-hookshot](configuring-playbook-bridge-hookshot.md) | [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | +| [matrix-sms-bridge](configuring-playbook-bridge-matrix-bridge-sms.md) | [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) | x | Bridge to SMS | +| [matrix-wechat](configuring-playbook-bridge-wechat.md) | [lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) | x | Bridge to [WeChat](https://www.wechat.com/) | +| [Heisenbridge](configuring-playbook-bridge-heisenbridge.md) | [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) | x | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | +| [go-skype-bridge](configuring-playbook-bridge-go-skype-bridge.md) | [nodefyme/go-skype-bridge](https://hub.docker.com/r/nodefyme/go-skype-bridge) | x | Bridge to [Skype](https://www.skype.com) | +| [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) | [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) | x | Bridge to [Slack](https://slack.com) | +| [mx-puppet-instagram](configuring-playbook-bridge-mx-puppet-instagram.md) | [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) | x | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | +| [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) | [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) | x | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) | +| [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) | [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) | x | Bridge to 
[Discord](https://discordapp.com/) | +| [mx-puppet-groupme](configuring-playbook-bridge-mx-puppet-groupme.md) | [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) | x | Bridge to [GroupMe](https://groupme.com/) | +| [mx-puppet-steam](configuring-playbook-bridge-mx-puppet-steam.md) | [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) | x | Bridge to [Steam](https://steamapp.com/) | +| [Email2Matrix](configuring-playbook-email2matrix.md) | [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) | x | Bridge for relaying emails to Matrix rooms | +| [Postmoogle](docs/configuring-playbook-bridge-postmoogle.md) | [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) | x | Email to Matrix bridge | + ## Optional other container images we may use These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): - [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) - the [Etherpad](https://etherpad.org) realtime collaborative text editor that can be used in a Jitsi audio/video call or integrated as a widget into Matrix chat rooms via the Dimension integration manager (optional) -- [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) - the [Email2Matrix](https://github.com/devture/email2matrix) email server, which can relay email messages to Matrix rooms (optional) - - [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) - [Matrix Corporal](https://github.com/devture/matrix-corporal): reconciliator and gateway for a managed Matrix server (optional) -- [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) - the [mautrix-discord](https://github.com/mautrix/discord) bridge to [Discord](https://discord.com/) (optional) - -- 
[mautrix/slack](https://mau.dev/mautrix/slack/container_registry) - the [mautrix-slack](https://github.com/mautrix/slack) bridge to [Slack](https://slack.com/) (optional) - -- [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) - the [mautrix-telegram](https://github.com/mautrix/telegram) bridge to [Telegram](https://telegram.org/) (optional) - -- [mautrix/gmessages](https://mau.dev/mautrix/gmessages/container_registry) - the [mautrix-gmessages](https://github.com/mautrix/gmessages) bridge to [Google Messages](https://messages.google.com/) (optional) - -- [mautrix/whatsapp](https://mau.dev/mautrix/whatsapp/container_registry) - the [mautrix-whatsapp](https://github.com/mautrix/whatsapp) bridge to [Whatsapp](https://www.whatsapp.com/) (optional) - -- [mautrix/wsproxy](https://mau.dev/mautrix/wsproxy/container_registry) - the [mautrix-wsproxy](https://github.com/mautrix/wsproxy) bridge to Android SMS or Apple iMessage (optional) - -- [mautrix/twitter](https://mau.dev/mautrix/twitter/container_registry) - the [mautrix-twitter](https://github.com/mautrix/twitter) bridge to [Twitter](https://twitter.com/) (optional) - -- [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) - the [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) (optional) - -- [mautrix/meta](https://mau.dev/mautrix/meta/container_registry) - the [mautrix-meta](https://github.com/mautrix/meta) bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) (optional) - -- [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) - the [mautrix-signal](https://github.com/mautrix/signal) bridge to [Signal](https://www.signal.org/) (optional) - -- [beeper/linkedin](https://ghcr.io/beeper/linkedin) - the [beeper-linkedin](https://github.com/beeper/linkedin) bridge to [LinkedIn](https://www.linkedin.com/) Messaging (optional) - -- 
[matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional) - -- [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional) - -- [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional) - -- [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) - the [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) Bridge for generic webhooks and multiple project management services (optional) - -- [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional) - -- [lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) - the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge to WeChat (optional) - -- [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) - the [Heisenbridge](https://github.com/hifi/heisenbridge) bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional) - -- [nodefyme/go-skype-bridge](https://hub.docker.com/r/nodefyme/go-skype-bridge) - the [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) to [Skype](https://www.skype.com/) (optional) - -- [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) - the [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional) - 
-- [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) - the [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional) - -- [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) - the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge to [Instagram](https://www.instagram.com) (optional) - -- [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) - the [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) bridge to [Twitter](https://twitter.com) (optional) - -- [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) - the [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) bridge to [GroupMe](https://groupme.com/) (optional) - -- [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional) - - [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional) - [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) - the [Jitsi](https://jitsi.org/) Focus component (optional) 
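Review bot: The mx-puppet-steam row links Steam as `https://steamapp.com/`, while the list entry this hunk removes linked `https://steampowered.com`. The commit message describes only a change of layout, so the new domain looks unintended; confirm it or restore `[Steam](https://steampowered.com)`. Two smaller points in the same table: the Postmoogle row is the only one whose page link carries a `docs/` prefix (`docs/configuring-playbook-bridge-postmoogle.md`), which presumably does not resolve relative to `docs/container-images.md`, and the heading is written `# Bridges` where the sibling sections use `##`.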
@@ -133,8 +114,6 @@ These services are not part of our default installation, but can be enabled by [ - [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) - the [Honoroit](https://github.com/etkecc/honoroit) helpdesk bot (optional) -- [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) - the [Postmoogle](https://github.com/etkecc/postmoogle) email bridge bot (optional) - - [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [Mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional) - [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional) From 292dd56eed5998584c7f10b6da2a438a5c3ca7a7 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 01:31:44 +0900 Subject: [PATCH 256/404] Update docs/container-images.md: create a table for Bots Signed-off-by: Suguru Hirahara --- docs/container-images.md | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index 824c4fb0d..3b90e6a8a 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -88,6 +88,19 @@ We try to stick to official images (provided by their respective projects) as mu | [Email2Matrix](configuring-playbook-email2matrix.md) | [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) | x | Bridge for relaying emails to Matrix rooms | | [Postmoogle](docs/configuring-playbook-bridge-postmoogle.md) | [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) | x | Email to Matrix bridge | +## Bots + +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [baibot](configuring-playbook-bot-baibot.md) | [etke.cc/baibot](https://ghcr.io/etkecc/baibot) | x | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you | +| [matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) | [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) | x | Bot for scheduling one-off & recurring reminders and alarms | +| [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) | [moanos/matrix-registration-bot](https://hub.docker.com/r/moanos/matrix-registration-bot/) | x | Bot for invitations by creating and managing registration tokens | +| [maubot](configuring-playbook-bot-maubot.md) | [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) | x | A plugin-based Matrix bot system | +| [Honoroit](configuring-playbook-bot-honoroit.md) | [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) | x | A helpdesk bot | +| [Mjolnir](configuring-playbook-bot-mjolnir.md) | [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) | x | A moderation tool for Matrix | +| [Draupnir](configuring-playbook-bot-draupnir.md) | [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | +| 
[Buscarron](configuring-playbook-bot-buscarron.md) | [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | + ## Optional other container images we may use These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): 
@@ -104,22 +117,6 @@ These services are not part of our default installation, but can be enabled by [ - [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) - the [Jitsi](https://jitsi.org/) Video Bridge component (optional) -- [etke.cc/baibot](https://ghcr.io/etkecc/baibot) - the [baibot](https://github.com/etkecc/baibot) for accessing [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) (optional) - -- [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional) - -- [moanos/matrix-registration-bot/](https://hub.docker.com/r/moanos/matrix-registration-bot/) - the [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) bot (manage registration tokens for invitations to the server) (optional) - -- [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) - the [maubot](https://github.com/maubot/maubot) bot (a plugin-based Matrix bot system) (optional) - -- [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) - the [Honoroit](https://github.com/etkecc/honoroit) helpdesk bot (optional) - -- [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [Mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional) - -- [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) - the [Draupnir](https://github.com/the-draupnir-project/Draupnir/) moderation bot (optional) - -- [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) - the [Buscarron](https://github.com/etkecc/buscarron) bot for web forms (HTTP POST) (optional) - - [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) - the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) client for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) 
(optional) - [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) - [matrix-authentication-service](https://github.com/element-hq/matrix-authentication-service) (MAS) OAuth 2.0 and OpenID Provider server (optional) From a4619fec256c0f425eb8b34fa4b2aa0e10f4bb27 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 02:01:19 +0900 Subject: [PATCH 257/404] Update docs/container-images.md: create a table for Administration Signed-off-by: Suguru Hirahara --- docs/container-images.md | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index 3b90e6a8a..ce0b07151 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -101,6 +101,21 @@ We try to stick to official images (provided by their respective projects) as mu | [Draupnir](configuring-playbook-bot-draupnir.md) | [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | | [Buscarron](configuring-playbook-bot-buscarron.md) | [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | +## Administration + +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) | [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | +| [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) | [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) | x | OAuth 2.0 and OpenID Provider server | +| [synapse-admin](configuring-playbook-synapse-admin.md) | [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | +| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) | x | [Prometheus](https://prometheus.io) time-series database server | +| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [prom/node-exporter](https://hub.docker.com/r/prom/node-exporter/) | x | Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter | +| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) | x | Graphing tool that works well with the above two images. 
Our playbook also adds two dashboards for [Synapse](https://github.com/element-hq/synapse/tree/master/contrib/grafana) and [Node Exporter](https://github.com/rfrail3/grafana-dashboards) | +| [Metrics and Graphs](configuring-playbook-prometheus-nginxlog.md) | [martin-helmich/prometheus-nginxlog-exporter/exporter](https://ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter) | x | Addon for Prometheus that gathers access logs from various nginx reverse-proxies | +| [Borg](configuring-playbook-backup-borg.md) | (N/A) | x | Backups | +| [rageshake](configuring-playbook-rageshake.md) | [matrix-org/rageshake](https://ghcr.io/matrix-org/rageshake) | x | Bug report server | +| [synapse-usage-exporter](configuring-playbook-synapse-usage-exporter.md) | Self-building | x | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. | + ## Optional other container images we may use These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): 
@@ -117,22 +132,6 @@ These services are not part of our default installation, but can be enabled by [ - [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) - the [Jitsi](https://jitsi.org/) Video Bridge component (optional) -- [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) - the [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) client for Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) (optional) - -- [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) - [matrix-authentication-service](https://github.com/element-hq/matrix-authentication-service) (MAS) OAuth 2.0 and OpenID Provider server (optional) - -- [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) - the [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional) - -- [matrix-org/rageshake](https://ghcr.io/matrix-org/rageshake) - the [rageshake](https://github.com/matrix-org/rageshake) bug report server (optional) - -- [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) - [Prometheus](https://github.com/prometheus/prometheus/) is a systems and service monitoring system - -- [prom/node-exporter](https://hub.docker.com/r/prom/node-exporter/) - [Prometheus Node Exporter](https://github.com/prometheus/node_exporter/) is an addon for Prometheus that gathers standard system metrics - -- [martin-helmich/prometheus-nginxlog-exporter/exporter](https://ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter) - [NGINX-to-Prometheus log file exporter](https://github.com/martin-helmich/prometheus-nginxlog-exporter/) is an addon for Prometheus that gathers access logs from 
various nginx reverse-proxies (optional) - -- [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) - [Grafana](https://github.com/grafana/grafana/) is a graphing tool that works well with the above two images. Our playbook also adds two dashboards for [Synapse](https://github.com/element-hq/synapse/tree/master/contrib/grafana) and [Node Exporter](https://github.com/rfrail3/grafana-dashboards) - - [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) - the [Sliding Sync](https://github.com/matrix-org/sliding-sync) proxy (optional) - [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) - [synapse-auto-compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) for automatic compression of Synapse's `state_groups` database table (optional) From c2859c727ce6c18f5cf458161ac125411add8b6e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 28 Oct 2024 02:23:56 +0900 Subject: [PATCH 258/404] Update docs/container-images.md: create a table for Misc Signed-off-by: Suguru Hirahara --- docs/container-images.md | 38 ++++++++++++++++---------------------- 1 file changed, 16 insertions(+), 22 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index ce0b07151..c23b81d90 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -116,29 +116,23 @@ We try to stick to official images (provided by their respective projects) as mu | [rageshake](configuring-playbook-rageshake.md) | [matrix-org/rageshake](https://ghcr.io/matrix-org/rageshake) | x | Bug report server | | [synapse-usage-exporter](configuring-playbook-synapse-usage-exporter.md) | Self-building | x | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. | -## Optional other container images we may use +## Misc -These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later): - -- [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) - the [Etherpad](https://etherpad.org) realtime collaborative text editor that can be used in a Jitsi audio/video call or integrated as a widget into Matrix chat rooms via the Dimension integration manager (optional) - -- [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) - [Matrix Corporal](https://github.com/devture/matrix-corporal): reconciliator and gateway for a managed Matrix server (optional) - -- [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional) - -- [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) - the [Jitsi](https://jitsi.org/) Focus component (optional) - -- [jitsi/prosody](https://hub.docker.com/r/jitsi/prosody) - the [Jitsi](https://jitsi.org/) Prosody XMPP server component (optional) - -- [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) - the [Jitsi](https://jitsi.org/) Video Bridge component (optional) - -- [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) - the [Sliding Sync](https://github.com/matrix-org/sliding-sync) proxy (optional) - -- [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) - 
[synapse-auto-compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) for automatic compression of Synapse's `state_groups` database table (optional) - -- [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) and [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) - [Cactus Comments](https://cactus.chat) a federated comment system built on Matrix - -- [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) - the [pantalaimon](https://github.com/matrix-org/pantalaimon) E2EE aware proxy daemon (optional) +| Service | Container image | Default? | Description | +| ------- | --------------- | -------- | ----------- | +| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | x | Sliding Sync support for clients which require it (e.g. Element X) | +| [synapse_auto_accept_invite](configuring-playbook-synapse-auto-accept-invite.md) | (N/A) | x | A Synapse module to automatically accept invites. | +| [synapse_auto_compressor](configuring-playbook-synapse-auto-compressor.md) | [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) | x | A cli tool that automatically compresses `state_groups` database table in background. 
| +| [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | x | A spam checker module | +| [Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) | [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) | x | Reconciliator and gateway for a managed Matrix server | +| [Etherpad](configuring-playbook-etherpad.md) | [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) | x | An open source collaborative text editor | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/web](https://hub.docker.com/r/jitsi/web) | x | the [Jitsi](https://jitsi.org/) web UI | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) | x | the [Jitsi](https://jitsi.org/) Focus component | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/prosody](https://hub.docker.com/r/jitsi/prosody) | x | the [Jitsi](https://jitsi.org/) Prosody XMPP server component | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) | x | the [Jitsi](https://jitsi.org/) Video Bridge component | +| [Cactus Comments](configuring-playbook-cactus-comments.md) | [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) | x | A federated comment system built on Matrix | +| [Cactus Comments](configuring-playbook-cactus-comments.md) | [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) | x | A federated comment system built on Matrix | +| [Pantalaimon](configuring-playbook-pantalaimon.md) | [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) | x | An E2EE aware proxy daemon | ## Container images of deprecated / unmaintained services From 24ab56b1bc6efbb1333bba366d761f2b254b6fd0 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Mon, 28 Oct 2024 02:36:46 +0900 Subject: [PATCH 259/404] Update docs/container-images.md: create a table for deprecated or unmaintained services Signed-off-by: Suguru Hirahara --- docs/container-images.md | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index c23b81d90..5c96be450 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -138,16 +138,12 @@ We try to stick to official images (provided by their respective projects) as mu The list of the deprecated or unmaintained services is available [here](configuring-playbook.md#deprecated--unmaintained--removed-services). -- [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional) - -- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integration manager (optional) - -- [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional) - -- [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) - the [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for accessing ChatGPT via your favourite Matrix client (optional) - -- [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) - the [mautrix-facebook](https://github.com/mautrix/facebook) bridge to [Facebook](https://facebook.com/) (optional) - -- [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) - the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional) - -- [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) - the [mautrix-instagram](https://github.com/mautrix/instagram) bridge to [Instagram](https://instagram.com/) (optional) +| Service | Container image | Default? 
| Description | +| ------- | --------------- | -------- | ----------- | +| [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | +| [Dimension](configuring-playbook-dimension.md) | [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) | x | An open source integration manager for Matrix clients | +| [Go-NEB](configuring-playbook-bot-go-neb.md) | [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) | x | A multi functional bot written in Go | +| [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | x | Accessing ChatGPT via your favourite Matrix client | +| [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | x | Bridge to [Facebook](https://facebook.com/) | +| [mautrix-hangouts](configuring-playbook-bridge-mautrix-hangouts.md) | [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | +| [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | x | Bridge to [Instagram](https://instagram.com/) | From 39018f7f4da6f44485a94eb8b2d44c079b5c68b4 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 1 Nov 2024 19:07:38 +0200 Subject: [PATCH 260/404] borgbackup: fix postgres version detection mechanism --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 90945d393..9e6c5c986 100644 --- a/requirements.yml +++ b/requirements.yml 
@@ -4,7 +4,7 @@
 version: v1.0.0-3
 name: auxiliary
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git
- version: v1.2.8-1.8.13-0
+ version: v1.2.8-1.8.13-2
 name: backup_borg
 - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
 version: v0.2.0-0
From 04488f45992c6be414e21d0c6c63e0b1afa0c75b Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sat, 2 Nov 2024 13:04:16 +0900
Subject: [PATCH 261/404] Add .github/ISSUE_TEMPLATE/config.yml - Disable blank (without using a template) issue - Add a contact link to the support room on Matrix
Signed-off-by: Suguru Hirahara
---
 .github/ISSUE_TEMPLATE/config.yml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 .github/ISSUE_TEMPLATE/config.yml
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 000000000..57488385d
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,6 @@
+---
+blank_issues_enabled: false
+contact_links:
+ - name: Support room on Matrix
+ url: https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com
+ about: Get timely support from more people by joining our Matrix room.
From 94cb9bad32be97846b74ccf75d4219ba5a352372 Mon Sep 17 00:00:00 2001
From: Suguru Hirahara
Date: Sat, 2 Nov 2024 13:09:55 +0900
Subject: [PATCH 262/404] Update .github/renovate.json: add "dependencies" label
Signed-off-by: Suguru Hirahara
---
 .github/renovate.json | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/renovate.json b/.github/renovate.json
index 06bf4ade9..f14fed020 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -3,6 +3,7 @@
 "extends": [
 "config:base"
 ],
+ "labels": ["dependencies"],
 "regexManagers": [
 {
 "fileMatch": ["defaults/main.yml$"],
From 6b5c66675a5890481b94a4b74e4b11631fdcfe41 Mon Sep 17 00:00:00 2001
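Review bot: With `blank_issues_enabled: false`, the only entry under `contact_links` in the new `.github/ISSUE_TEMPLATE/config.yml` is the public Matrix support room, so this file gives a reporter no private route for a vulnerability. Whether the repository already has a security policy is not visible in this patch; if it does not, consider a second entry such as `- name: Report a security issue` with `url: <SECURITY_POLICY_URL>` (placeholder) and an `about:` line asking that details not be posted in the public room or a public issue. Separately, the existing `url:` value contains `#` and `:`; it parses as written, but single-quoting it, `url: 'https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com'`, guards against a later edit or stricter tooling changing how it is read.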
From: Suguru Hirahara Date: Sat, 2 Nov 2024 13:30:15 +0900 Subject: [PATCH 263/404] Update docs/configuring-playbook-backup-borg.md and docs/configuring-playbook-ntfy.md: fix URLs Remove "/-/" from the URLs, which is a fragment of URLs on GitLab Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-backup-borg.md | 2 +- docs/configuring-playbook-ntfy.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 647ccb945..9beeacb61 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -64,7 +64,7 @@ To backup without encryption, add `backup_borg_encryption: 'none'` to your vars. `backup_borg_location_source_directories` defines the list of directories to back up: it's set to `{{ matrix_base_data_path }}` by default, which is the base directory for every service's data, such as Synapse, Postgres and the bridges. You might want to exclude certain directories or file patterns from the backup using the `backup_borg_location_exclude_patterns` variable. -Check the [backup_borg role](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg)'s [defaults/main.yml](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg/-/blob/main/defaults/main.yml) file for the full list of available options. +Check the [backup_borg role](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg)'s [defaults/main.yml](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg/blob/main/defaults/main.yml) file for the full list of available options. ## Installing diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index abda19481..27671cd68 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md 
@@ -25,7 +25,7 @@ ntfy_enabled: true # log_level: DEBUG ``` -For a more complete list of variables that you could override, see the [`defaults/main.yml` file](https://github.com/mother-of-all-self-hosting/ansible-role-ntfy/-/blob/main/defaults/main.yml) of the ntfy Ansible role. +For a more complete list of variables that you could override, see the [`defaults/main.yml` file](https://github.com/mother-of-all-self-hosting/ansible-role-ntfy/blob/main/defaults/main.yml) of the ntfy Ansible role. For a complete list of ntfy config options that you could put in `ntfy_configuration_extension_yaml`, see the [ntfy config documentation](https://ntfy.sh/docs/config/#config-options). From 018a8c8fdf9c3a98ec12fb6d91cab5e11150078c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 2 Nov 2024 18:12:20 +0900 Subject: [PATCH 264/404] Update docs/configuring-playbook-s3.md: replace the URL to matrix-media-repo The URL stopped working since some time. Linking to the internal file will keep working as long as the URL is properly managed. Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-s3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index 72364e251..3620f70a8 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -106,4 +106,4 @@ To set up Synapse to store files in S3, follow the instructions for the method o - using [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md) (recommended) - using [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md) -- using [matrix-media-repo](https://docs.t2bot.io/matrix-media-repo/configuration/s3-datastore.html) +- using [matrix-media-repo](configuring-playbook-matrix-media-repo.md) From 2ac89b7fb226375f297a1b1aea2e922bf85673db Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 2 Nov 2024 09:23:23 +0000 Subject: [PATCH 265/404] chore(deps): update ghcr.io/etkecc/postmoogle docker tag to v0.9.24 --- roles/custom/matrix-bridge-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-postmoogle/defaults/main.yml b/roles/custom/matrix-bridge-postmoogle/defaults/main.yml index fb18e21f6..58700b913 100644 --- a/roles/custom/matrix-bridge-postmoogle/defaults/main.yml +++ b/roles/custom/matrix-bridge-postmoogle/defaults/main.yml @@ -10,7 +10,7 @@ matrix_postmoogle_docker_repo_version: "{{ 'main' if matrix_postmoogle_version = matrix_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" # renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle -matrix_postmoogle_version: v0.9.23 +matrix_postmoogle_version: v0.9.24 matrix_postmoogle_docker_image: "{{ matrix_postmoogle_docker_image_name_prefix }}etkecc/postmoogle:{{ matrix_postmoogle_version }}" matrix_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_postmoogle_container_image_self_build else 'ghcr.io/' }}" matrix_postmoogle_docker_image_force_pull: "{{ matrix_postmoogle_docker_image.endswith(':latest') }}" From af992fb43bb1e830fdb6ddf3176d4b0b9653bcce Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 2 Nov 2024 13:38:33 +0000 Subject: [PATCH 266/404] chore(deps): update joseluisq/static-web-server docker tag to v2.33.1 --- roles/custom/matrix-cactus-comments-client/defaults/main.yml | 2 +- roles/custom/matrix-static-files/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-cactus-comments-client/defaults/main.yml b/roles/custom/matrix-cactus-comments-client/defaults/main.yml index f044a0cc8..9e144adce 100644 --- a/roles/custom/matrix-cactus-comments-client/defaults/main.yml 
+++ b/roles/custom/matrix-cactus-comments-client/defaults/main.yml @@ -13,7 +13,7 @@ matrix_cactus_comments_client_public_path: "{{ matrix_cactus_comments_client_bas matrix_cactus_comments_client_public_path_file_permissions: "0644" # renovate: datasource=docker depName=joseluisq/static-web-server -matrix_cactus_comments_client_version: 2.33.0 +matrix_cactus_comments_client_version: 2.33.1 matrix_cactus_comments_client_container_image: "{{ matrix_container_global_registry_prefix }}joseluisq/static-web-server:{{ matrix_cactus_comments_client_container_image_tag }}" matrix_cactus_comments_client_container_image_tag: "{{ 'latest' if matrix_cactus_comments_client_version == 'latest' else (matrix_cactus_comments_client_version + '-alpine') }}" diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 43cb4e967..105af4447 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml @@ -8,7 +8,7 @@ matrix_static_files_enabled: true matrix_static_files_identifier: matrix-static-files # renovate: datasource=docker depName=joseluisq/static-web-server -matrix_static_files_version: 2.33.0 +matrix_static_files_version: 2.33.1 matrix_static_files_base_path: "{{ matrix_base_data_path }}/{{ 'static-files' if matrix_static_files_identifier == 'matrix-static-files' else matrix_static_files_identifier }}" matrix_static_files_config_path: "{{ matrix_static_files_base_path }}/config" From fd1d3e6bfcf81a61e6461517852301afff9afa00 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 00:38:06 +0900 Subject: [PATCH 267/404] Update docs/configuring-playbook-backup-borg.md (#3724) * Update docs/configuring-playbook-backup-borg.md Signed-off-by: Suguru Hirahara * Reflect the feedback Signed-off-by: Suguru Hirahara --------- 
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- docs/configuring-playbook-backup-borg.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 9beeacb61..b0bcfe68b 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -10,10 +10,13 @@ The backup will run based on `backup_borg_schedule` var (systemd timer calendar) By default, if you're using the integrated Postgres database server (as opposed to [an external Postgres server](configuring-playbook-external-postgres.md)), backups with BorgBackup will also include dumps of your Postgres database. An alternative solution for backing up the Postgres database is [postgres backup](configuring-playbook-postgres-backup.md). If you decide to go with another solution, you can disable Postgres-backup support for BorgBackup using the `backup_borg_postgresql_enabled` variable. +**Note**: the component is not managed by this repository but its [own repository](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg). ## Prerequisites -1. Create a new SSH key: +1. If you do not disable Postgres-backup support, make sure that the Postgres version of your homeserver's database is compatible with borgmatic. + +2. Create a new SSH key: ```bash ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix 
@@ -21,7 +24,7 @@ By default, if you're using the integrated Postgres database server (as opposed This can be done on any machine and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later. -2. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your BorgBackup provider/server: +3. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your BorgBackup provider/server: If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over: From c6f0b290bcfbc8d9261769e38a3d7fde195066c5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 8 Oct 2024 21:04:20 +0900 Subject: [PATCH 268/404] Update docs/configuring-playbook-bridge-appservice-webhooks.md Use a common expression for adjusting configuration. As the component has been deprecated, this is purely for future use as a template. Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-webhooks.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md index 538395469..533db001b 100644 --- a/docs/configuring-playbook-bridge-appservice-webhooks.md +++ b/docs/configuring-playbook-bridge-appservice-webhooks.md @@ -8,7 +8,7 @@ Setup Instructions: loosely based on [this](https://github.com/turt2live/matrix-appservice-webhooks/blob/master/README.md) -1. All you basically need is to adjust your `inventory/host_vars/matrix.example.com/vars.yml`: +1. Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_appservice_webhooks_enabled: true From f8c9507ae1c9a396db89a498b6bf4bbd0ff3ac85 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 24 Oct 2024 02:49:07 +0900 Subject: [PATCH 269/404] Update docs/updating-users-passwords.md: triple backticks for syntax highlighting 
Signed-off-by: Suguru Hirahara --- docs/updating-users-passwords.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 1785a67ca..850937706 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -23,7 +23,7 @@ docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver. and then connecting to the postgres server and executing: -``` +```sql UPDATE users SET password_hash = '' WHERE name = '@someone:example.com' ``` From 1886a8fc4d36da66f21ee671d9d5d0def1775860 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 12:53:12 +0900 Subject: [PATCH 270/404] Update docs/updating-users-passwords.md: fix SQL command Signed-off-by: Suguru Hirahara --- docs/updating-users-passwords.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 850937706..efc2c9b36 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -24,7 +24,7 @@ docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver. and then connecting to the postgres server and executing: ```sql -UPDATE users SET password_hash = '' WHERE name = '@someone:example.com' +UPDATE users SET password_hash = '' WHERE name = '@someone:example.com'; ``` where `` is the hash returned by the docker command above. From 5ef203777f7a1c2b663a219adc7eb302e24694b7 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 16:52:40 +0900 Subject: [PATCH 271/404] =?UTF-8?q?Fix=20capitalization:=20draupnir=20?= =?UTF-8?q?=E2=86=92=20Draupnir?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Suguru Hirahara --- ...configuring-playbook-appservice-draupnir-for-all.md | 6 +++--- docs/configuring-playbook-bot-draupnir.md | 10 +++++----- .../defaults/main.yml | 2 +- .../tasks/setup_install.yml | 6 +++--- roles/custom/matrix-bot-draupnir/defaults/main.yml | 2 +- .../custom/matrix-bot-draupnir/tasks/setup_install.yml | 6 +++--- .../matrix-bot-draupnir/templates/production.yaml.j2 | 2 +- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/docs/configuring-playbook-appservice-draupnir-for-all.md b/docs/configuring-playbook-appservice-draupnir-for-all.md index a8c703381..59b60e9d5 100644 --- a/docs/configuring-playbook-appservice-draupnir-for-all.md +++ b/docs/configuring-playbook-appservice-draupnir-for-all.md 
@@ -13,7 +13,7 @@ Draupnir for all is the way to go if you need more than 1 Draupnir instance, but Draupnir for all in the playbook is rate-limit-exempt automatically as its appservice configuration file does not specify any rate limits. -Normal Draupnir does come with the benefit of access to Synapse Admin features. You are also able to more easily customise your normal Draupnir than D4A as D4A even on the branch with the Avatar command (To be Upstreamed to Mainline Draupnir) that command is clunky as it requires the use of things like Element devtools. In normal draupnir this is a quick operation where you login to Draupnir with a normal client and set Avatar and Display name normally. +Normal Draupnir does come with the benefit of access to Synapse Admin features. You are also able to more easily customise your normal Draupnir than D4A as D4A even on the branch with the Avatar command (To be Upstreamed to Mainline Draupnir) that command is clunky as it requires the use of things like Element devtools. In normal Draupnir this is a quick operation where you login to Draupnir with a normal client and set Avatar and Display name normally. Draupnir for all does not support external tooling like [MRU](https://mru.rory.gay) as it can't access Draupnir's user account. 
@@ -78,13 +78,13 @@ Congratulations if you made it all the way here because you now have a fully wor ### Configuration of D4A -You can refer to the upstream [documentation](https://github.com/the-draupnir-project/Draupnir) for more configuration documentation. Please note that the playbook ships a full copy of the example config that does transfer to provisioned draupnirs in the production-bots.yaml.j2 file in the template directory of the role. +You can refer to the upstream [documentation](https://github.com/the-draupnir-project/Draupnir) for more configuration documentation. Please note that the playbook ships a full copy of the example config that does transfer to provisioned Draupnirs in the production-bots.yaml.j2 file in the template directory of the role. Please note that Config extension does not affect the appservices config as this config is not extensible in current Draupnir anyways. Config extension instead touches the config passed to the Draupnirs that your Appservice creates. So for example below makes all provisioned Draupnirs protect all joined rooms. You can configure additional options by adding the `matrix_appservice_draupnir_for_all_extension_yaml` variable to your `inventory/host_vars/matrix.example.com/vars.yml` file. -For example to change draupnir's `protectAllJoinedRooms` option to `true` you would add the following to your `vars.yml` file. +For example to change Draupnir's `protectAllJoinedRooms` option to `true` you would add the following to your `vars.yml` file. ```yaml matrix_appservice_draupnir_for_all_extension_yaml: | diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 5bd9c3df8..533fcc706 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md 
@@ -1,6 +1,6 @@ -# Setting up draupnir (optional) +# Setting up Draupnir (optional) -The playbook can install and configure the [draupnir](https://github.com/the-draupnir-project/Draupnir) moderation bot for you. +The playbook can install and configure the [Draupnir](https://github.com/the-draupnir-project/Draupnir) moderation bot for you. See the project's [documentation](https://github.com/the-draupnir-project/Draupnir) to learn what it does and why it might be useful to you. @@ -23,7 +23,7 @@ You can use the playbook to [register a new user](registering-users.md): ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.draupnir password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user ``` -If you would like draupnir to be able to deactivate users, move aliases, shutdown rooms, show abuse reports ([see below](#abuse-reports)), etc then it must be a server admin so you need to change `admin=no` to `admin=yes` in the command above. +If you would like Draupnir to be able to deactivate users, move aliases, shutdown rooms, show abuse reports ([see below](#abuse-reports)), etc then it must be a server admin so you need to change `admin=no` to `admin=yes` in the command above. ## 2. Get an access token 
@@ -33,7 +33,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step draupnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). Please ask for help if you are uncomfortable with these steps or run into issues. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Draupnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). Please ask for help if you are uncomfortable with these steps or run into issues. If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](/docs/configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. @@ -195,7 +195,7 @@ To **disable a given protection**, send a command like this: `!draupnir disable You can configure additional options by adding the `matrix_bot_draupnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.example.com/vars.yml` file. -For example to change draupnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file. +For example to change Draupnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file. ```yaml matrix_bot_draupnir_configuration_extension_yaml: | 
diff --git a/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml b/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml index 0242edbda..a5680809d 100644 --- a/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml +++ b/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml @@ -40,7 +40,7 @@ matrix_appservice_draupnir_for_all_systemd_wanted_services_list: [] # The room ID where people can use the bot. The bot has no access controls, so # anyone in this room can use the bot - secure your room! # This should be a room alias - not a matrix.to URL. -# Note: draupnir is fairly verbose - expect a lot of messages from it. +# Note: Draupnir is fairly verbose - expect a lot of messages from it. # This room is diffrent for Appservice Mode compared to normal mode. # In Appservice mode it provides functions like user management. matrix_appservice_draupnir_for_all_master_control_room_alias: "" diff --git a/roles/custom/matrix-appservice-draupnir-for-all/tasks/setup_install.yml b/roles/custom/matrix-appservice-draupnir-for-all/tasks/setup_install.yml index 1e716f264..6dc2bf95e 100644 --- a/roles/custom/matrix-appservice-draupnir-for-all/tasks/setup_install.yml +++ b/roles/custom/matrix-appservice-draupnir-for-all/tasks/setup_install.yml @@ -17,7 +17,7 @@ - {path: "{{ matrix_appservice_draupnir_for_all_docker_src_files_path }}", when: "{{ matrix_appservice_draupnir_for_all_container_image_self_build }}"} when: "item.when | bool" -- name: Ensure draupnir Docker image is pulled +- name: Ensure Draupnir Docker image is pulled community.docker.docker_image: name: "{{ matrix_appservice_draupnir_for_all_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" 
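Review bot: In the `defaults/main.yml` hunk for matrix-appservice-draupnir-for-all (`@@ -40,7 +40,7 @@`), the line directly below the corrected one still reads `# This room is diffrent for Appservice Mode compared to normal mode.`; since this commit is a text cleanup of that comment block, fix it in the same pass to `# This room is different for Appservice Mode compared to normal mode.`. The same block warns that the bot has no access controls and that in appservice mode the room provides functions like user management, but "secure your room" does not say what is expected of the operator. A short extra comment such as `# Keep this room invite-only: anyone who can join it can use the bot.` would make the requirement explicit next to the empty default alias. The rest of the variable block lies outside the hunk, so this may already be covered elsewhere in the file.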
@@ -29,7 +29,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure draupnir repository is present on self-build +- name: Ensure Draupnir repository is present on self-build ansible.builtin.git: repo: "{{ matrix_appservice_draupnir_for_all_container_image_self_build_repo }}" dest: "{{ matrix_appservice_draupnir_for_all_docker_src_files_path }}" @@ -40,7 +40,7 @@ register: matrix_appservice_draupnir_for_all_git_pull_results when: "matrix_appservice_draupnir_for_all_container_image_self_build | bool" -- name: Ensure draupnir Docker image is built +- name: Ensure Draupnir Docker image is built community.docker.docker_image: name: "{{ matrix_appservice_draupnir_for_all_docker_image }}" source: build diff --git a/roles/custom/matrix-bot-draupnir/defaults/main.yml b/roles/custom/matrix-bot-draupnir/defaults/main.yml index 639632edc..aafdfb129 100644 --- a/roles/custom/matrix-bot-draupnir/defaults/main.yml +++ b/roles/custom/matrix-bot-draupnir/defaults/main.yml @@ -106,7 +106,7 @@ matrix_bot_draupnir_configuration_extension: "{{ matrix_bot_draupnir_configurati # You most likely don't need to touch this variable. Instead, see `matrix_bot_draupnir_configuration_yaml`. matrix_bot_draupnir_configuration: "{{ matrix_bot_draupnir_configuration_yaml | from_yaml | combine(matrix_bot_draupnir_configuration_extension, recursive=True) }}" -# Controls whether labels will be added that redirect the /_matrix/client/../rooms/../report paths to draupnir +# Controls whether labels will be added that redirect the /_matrix/client/../rooms/../report paths to Draupnir # Following these recommendations (https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md), by default, we don't. # Regardless of whether this is enabled, it may or may not take effect due to the value of other variables. # See `matrix_synapse_container_labels_traefik_enabled` or `matrix_synapse_container_labels_matrix_related_labels_enabled` 
diff --git a/roles/custom/matrix-bot-draupnir/tasks/setup_install.yml b/roles/custom/matrix-bot-draupnir/tasks/setup_install.yml index 48fc2039c..0ddf994e7 100644 --- a/roles/custom/matrix-bot-draupnir/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-draupnir/tasks/setup_install.yml @@ -28,7 +28,7 @@ - src: "{{ role_path }}/templates/labels.j2" dest: "{{ matrix_bot_draupnir_base_path }}/labels" -- name: Ensure draupnir Docker image is pulled +- name: Ensure Draupnir Docker image is pulled community.docker.docker_image: name: "{{ matrix_bot_draupnir_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -40,7 +40,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure draupnir repository is present on self-build +- name: Ensure Draupnir repository is present on self-build ansible.builtin.git: repo: "{{ matrix_bot_draupnir_container_image_self_build_repo }}" dest: "{{ matrix_bot_draupnir_docker_src_files_path }}" @@ -51,7 +51,7 @@ register: matrix_bot_draupnir_git_pull_results when: "matrix_bot_draupnir_container_image_self_build | bool" -- name: Ensure draupnir Docker image is built +- name: Ensure Draupnir Docker image is built community.docker.docker_image: name: "{{ matrix_bot_draupnir_docker_image }}" source: build diff --git a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 index acb2c508b..90df739cb 100644 --- a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 
@@ -56,7 +56,7 @@ managementRoom: {{ matrix_bot_draupnir_management_room | to_json }} # Deprecated and will be removed in a future version. # Running with verboseLogging is unsupported. # Whether Draupnir should log a lot more messages in the room, -# mainly involves "all-OK" messages, and debugging messages for when draupnir checks bans in a room. +# mainly involves "all-OK" messages, and debugging messages for when Draupnir checks bans in a room. #verboseLogging: false # The log level of terminal (or container) output, From 55d9aa04c2091a00621d84071a5e04de654ad238 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 13:45:55 +0900 Subject: [PATCH 272/404] Update docs/configuring-playbook.md: remove "optional" from links Setting "optional" is redundant for those entries, as all of them are under the heading "Other configuration options" and it is obvious that those settings are optional. Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 172 +++++++++++++++++------------------ 1 file changed, 86 insertions(+), 86 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 3524a02f1..e98f6313c 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -33,198 +33,198 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Additional useful services -- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) (optional) +- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) -- [Setting up Etherpad](configuring-playbook-etherpad.md) (optional) +- [Setting up Etherpad](configuring-playbook-etherpad.md) -- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) (optional) +- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) -- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) (optional) +- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) -- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) (optional) +- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) ### Core service adjustments - Homeserver configuration: - - [Configuring Synapse](configuring-playbook-synapse.md), if you're going with the default/recommended homeserver implementation (optional) + - [Configuring Synapse](configuring-playbook-synapse.md), if you're going with the default/recommended homeserver implementation - - [Configuring Conduit](configuring-playbook-conduit.md), if you've switched to the [Conduit](https://conduit.rs) homeserver implementation (optional) + - [Configuring Conduit](configuring-playbook-conduit.md), if you've switched to the [Conduit](https://conduit.rs) homeserver implementation - - [Configuring Dendrite](configuring-playbook-dendrite.md), if you've switched to the [Dendrite](https://matrix-org.github.io/dendrite) homeserver implementation (optional) + - [Configuring 
Dendrite](configuring-playbook-dendrite.md), if you've switched to the [Dendrite](https://matrix-org.github.io/dendrite) homeserver implementation -- [Configuring Element](configuring-playbook-client-element.md) (optional) +- [Configuring Element](configuring-playbook-client-element.md) -- [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) (optional) +- [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) -- [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) (optional) +- [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) -- [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) (optional) +- [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) -- [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) (optional) +- [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) -- [Adjusting SSL certificate retrieval](configuring-playbook-ssl-certificates.md) (optional, advanced) +- [Adjusting SSL certificate retrieval](configuring-playbook-ssl-certificates.md) (advanced) -- [Serving the base domain](configuring-playbook-base-domain-serving.md) (optional) +- [Serving the base domain](configuring-playbook-base-domain-serving.md) -- [Configuring the Traefik reverse-proxy](configuring-playbook-traefik.md) (optional, advanced) +- [Configuring the Traefik reverse-proxy](configuring-playbook-traefik.md) (advanced) -- [Using your own webserver, instead of this playbook's Traefik reverse-proxy](configuring-playbook-own-webserver.md) (optional, advanced) +- [Using your own webserver, instead of this playbook's Traefik reverse-proxy](configuring-playbook-own-webserver.md) (advanced) -- [Adjusting TURN server configuration](configuring-playbook-turn.md) 
(optional, advanced) +- [Adjusting TURN server configuration](configuring-playbook-turn.md) (advanced) ### Server connectivity -- [Enabling Telemetry for your Matrix server](configuring-playbook-telemetry.md) (optional) +- [Enabling Telemetry for your Matrix server](configuring-playbook-telemetry.md) -- [Controlling Matrix federation](configuring-playbook-federation.md) (optional) +- [Controlling Matrix federation](configuring-playbook-federation.md) -- [Adjusting email-sending settings](configuring-playbook-email.md) (optional) +- [Adjusting email-sending settings](configuring-playbook-email.md) -- [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional) +- [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) -- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight Matrix client with legacy and mobile browser support (optional) +- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight Matrix client with legacy and mobile browser support -- [Setting up Cinny](configuring-playbook-client-cinny.md) - a web client focusing primarily on simple, elegant and secure interface (optional) +- [Setting up Cinny](configuring-playbook-client-cinny.md) - a web client focusing primarily on simple, elegant and secure interface -- [Setting up SchildiChat](configuring-playbook-client-schildichat.md) - a web client based on [Element](https://element.io/) with some extras and tweaks (optional) +- [Setting up SchildiChat](configuring-playbook-client-schildichat.md) - a web client based on [Element](https://element.io/) with some extras and tweaks ### Authentication and user-related -- [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) (optional) +- [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 
2.0/OIDC) -- [Setting up Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) (optional) +- [Setting up Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) -- [Setting up ma1sd Identity Server](configuring-playbook-ma1sd.md) (optional) +- [Setting up ma1sd Identity Server](configuring-playbook-ma1sd.md) -- [Setting up Synapse Admin](configuring-playbook-synapse-admin.md) (optional) +- [Setting up Synapse Admin](configuring-playbook-synapse-admin.md) -- [Setting up matrix-registration](configuring-playbook-matrix-registration.md) (optional) +- [Setting up matrix-registration](configuring-playbook-matrix-registration.md) -- [Setting up the REST authentication password provider module](configuring-playbook-rest-auth.md) (optional, advanced) +- [Setting up the REST authentication password provider module](configuring-playbook-rest-auth.md) (advanced) -- [Setting up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md) (optional, advanced) +- [Setting up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md) (advanced) -- [Setting up the LDAP authentication password provider module](configuring-playbook-ldap-auth.md) (optional, advanced) +- [Setting up the LDAP authentication password provider module](configuring-playbook-ldap-auth.md) (advanced) -- [Setting up matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (optional, advanced) +- [Setting up matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (advanced) -- [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (optional, advanced) +- [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) -- [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (optional, advanced) +- [Setting up Matrix 
Corporal](configuring-playbook-matrix-corporal.md) (advanced) -- [Setting up Matrix User Verification Service](configuring-playbook-user-verification-service.md) (optional, advanced) +- [Setting up Matrix User Verification Service](configuring-playbook-user-verification-service.md) (advanced) -- [Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (optional, advanced) +- [Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (advanced) ### Bridging other networks -- [Setting up Mautrix Discord bridging](configuring-playbook-bridge-mautrix-discord.md) (optional) +- [Setting up Mautrix Discord bridging](configuring-playbook-bridge-mautrix-discord.md) -- [Setting up Mautrix Telegram bridging](configuring-playbook-bridge-mautrix-telegram.md) (optional) +- [Setting up Mautrix Telegram bridging](configuring-playbook-bridge-mautrix-telegram.md) -- [Setting up Mautrix Slack bridging](configuring-playbook-bridge-mautrix-slack.md) (optional) +- [Setting up Mautrix Slack bridging](configuring-playbook-bridge-mautrix-slack.md) -- [Setting up Mautrix Google Messages bridging](configuring-playbook-bridge-mautrix-gmessages.md) (optional) +- [Setting up Mautrix Google Messages bridging](configuring-playbook-bridge-mautrix-gmessages.md) -- [Setting up Mautrix Whatsapp bridging](configuring-playbook-bridge-mautrix-whatsapp.md) (optional) +- [Setting up Mautrix Whatsapp bridging](configuring-playbook-bridge-mautrix-whatsapp.md) -- [Setting up Instagram bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-instagram.md) (optional) +- [Setting up Instagram bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-instagram.md) -- [Setting up Messenger bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-messenger.md) (optional) +- [Setting up Messenger bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-messenger.md) -- [Setting up Mautrix Google Chat 
bridging](configuring-playbook-bridge-mautrix-googlechat.md) (optional) +- [Setting up Mautrix Google Chat bridging](configuring-playbook-bridge-mautrix-googlechat.md) -- [Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md) (optional) +- [Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md) -- [Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md) (optional) +- [Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md) -- [Setting up Mautrix wsproxy for bridging Android SMS or Apple iMessage](configuring-playbook-bridge-mautrix-wsproxy.md) (optional) +- [Setting up Mautrix wsproxy for bridging Android SMS or Apple iMessage](configuring-playbook-bridge-mautrix-wsproxy.md) -- [Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md) (optional) +- [Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md) -- [Setting up Appservice Discord bridging](configuring-playbook-bridge-appservice-discord.md) (optional) +- [Setting up Appservice Discord bridging](configuring-playbook-bridge-appservice-discord.md) -- [Setting up Appservice Slack bridging](configuring-playbook-bridge-appservice-slack.md) (optional) +- [Setting up Appservice Slack bridging](configuring-playbook-bridge-appservice-slack.md) -- [Setting up Appservice Kakaotalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md) (optional) +- [Setting up Appservice Kakaotalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md) -- [Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md) (optional) +- [Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md) -- [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and 
[JIRA](https://www.atlassian.com/software/jira). (optional) +- [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). -- [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional) +- [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) -- [Setting up MX Puppet Instagram bridging](configuring-playbook-bridge-mx-puppet-instagram.md) (optional) +- [Setting up MX Puppet Instagram bridging](configuring-playbook-bridge-mx-puppet-instagram.md) -- [Setting up MX Puppet Twitter bridging](configuring-playbook-bridge-mx-puppet-twitter.md) (optional) +- [Setting up MX Puppet Twitter bridging](configuring-playbook-bridge-mx-puppet-twitter.md) -- [Setting up MX Puppet Discord bridging](configuring-playbook-bridge-mx-puppet-discord.md) (optional) +- [Setting up MX Puppet Discord bridging](configuring-playbook-bridge-mx-puppet-discord.md) -- [Setting up MX Puppet GroupMe bridging](configuring-playbook-bridge-mx-puppet-groupme.md) (optional) +- [Setting up MX Puppet GroupMe bridging](configuring-playbook-bridge-mx-puppet-groupme.md) -- [Setting up MX Puppet Steam bridging](configuring-playbook-bridge-mx-puppet-steam.md) (optional) +- [Setting up MX Puppet Steam bridging](configuring-playbook-bridge-mx-puppet-steam.md) -- [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md) (optional) +- [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md) -- [Setting up Email2Matrix](configuring-playbook-email2matrix.md) (optional) +- [Setting up Email2Matrix](configuring-playbook-email2matrix.md) -- [Setting up Postmoogle email bridging](configuring-playbook-bridge-postmoogle.md) (optional) +- [Setting up Postmoogle email 
bridging](configuring-playbook-bridge-postmoogle.md) -- [Setting up Matrix SMS bridging](configuring-playbook-bridge-matrix-bridge-sms.md) (optional) +- [Setting up Matrix SMS bridging](configuring-playbook-bridge-matrix-bridge-sms.md) -- [Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md) (optional) +- [Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md) -- [Setting up WeChat bridging](configuring-playbook-bridge-wechat.md) (optional) +- [Setting up WeChat bridging](configuring-playbook-bridge-wechat.md) ### Bots -- [Setting up baibot](configuring-playbook-bot-baibot.md) - a bot through which you can talk to various [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) services ([OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) and [others](https://github.com/etkecc/baibot/blob/main/docs/providers.md)) (optional) +- [Setting up baibot](configuring-playbook-bot-baibot.md) - a bot through which you can talk to various [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) services ([OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) and [others](https://github.com/etkecc/baibot/blob/main/docs/providers.md)) -- [Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) - a bot to remind you about stuff (optional) +- [Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) - a bot to remind you about stuff -- [Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) - a bot to create and manage registration tokens to invite users (optional) +- [Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) - a bot to create and manage registration tokens to 
invite users -- [Setting up maubot](configuring-playbook-bot-maubot.md) - a plugin-based Matrix bot system (optional) +- [Setting up maubot](configuring-playbook-bot-maubot.md) - a plugin-based Matrix bot system -- [Setting up Honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot (optional) +- [Setting up Honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot -- [Setting up Mjolnir](configuring-playbook-bot-mjolnir.md) - a moderation tool/bot (optional) +- [Setting up Mjolnir](configuring-playbook-bot-mjolnir.md) - a moderation tool/bot -- [Setting up Draupnir](configuring-playbook-bot-draupnir.md) - a moderation tool/bot, forked from Mjolnir and maintained by its former leader developer (optional) +- [Setting up Draupnir](configuring-playbook-bot-draupnir.md) - a moderation tool/bot, forked from Mjolnir and maintained by its former leader developer -- [Setting up Draupnir for all/D4A](configuring-playbook-appservice-draupnir-for-all.md) - like the [Draupnir bot](configuring-playbook-bot-draupnir.md) mentioned above, but running in appservice mode and supporting multiple instances (optional) +- [Setting up Draupnir for all/D4A](configuring-playbook-appservice-draupnir-for-all.md) - like the [Draupnir bot](configuring-playbook-bot-draupnir.md) mentioned above, but running in appservice mode and supporting multiple instances -- [Setting up Buscarron](configuring-playbook-bot-buscarron.md) - a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room (optional) +- [Setting up Buscarron](configuring-playbook-bot-buscarron.md) - a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room ### Backups -- [Setting up BorgBackup](configuring-playbook-backup-borg.md) - a full Matrix server backup solution, including the Postgres database (optional) +- [Setting up BorgBackup](configuring-playbook-backup-borg.md) - a full Matrix server backup solution, including the Postgres database -- [Setting up postgres 
backup](configuring-playbook-postgres-backup.md) - a Postgres-database backup solution (note: does not include other files) (optional) +- [Setting up postgres backup](configuring-playbook-postgres-backup.md) - a Postgres-database backup solution (note: does not include other files) ### Other specialized services -- [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers (optional) +- [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers -- [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md) (optional) +- [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md) -- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) (optional) +- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) -- [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional) +- [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) -- [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional) +- [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) -- [Setting up Cactus Comments](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix (optional) +- [Setting up Cactus Comments](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix -- [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) (optional) +- [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) -- [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) 
(optional) +- [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) ### Deprecated / unmaintained / removed services From 6e92a5da3f0beb96e9f19aae05aa124f4ed04b27 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 13:52:13 +0900 Subject: [PATCH 273/404] Update docs/configuring-playbook.md: move "Core service adjustments" section up Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index e98f6313c..468354a96 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -31,18 +31,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins ## Other configuration options -### Additional useful services - -- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) - -- [Setting up Etherpad](configuring-playbook-etherpad.md) - -- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) - -- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) - -- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) - ### Core service adjustments - Homeserver configuration: 
@@ -72,6 +60,17 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Adjusting TURN server configuration](configuring-playbook-turn.md) (advanced) +### Additional useful services + +- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) + +- [Setting up Etherpad](configuring-playbook-etherpad.md) + +- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) + +- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) + +- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) ### Server connectivity From 7511b3d3ea307faf8fdcd9f7676bb4a0764647a8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 13:59:15 +0900 Subject: [PATCH 274/404] Update docs/configuring-playbook.md: create a section "Clients" Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 468354a96..b11f214c0 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -40,8 +40,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Configuring Dendrite](configuring-playbook-dendrite.md), if you've switched to the [Dendrite](https://matrix-org.github.io/dendrite) homeserver implementation -- [Configuring Element](configuring-playbook-client-element.md) - - [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) - [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) 
@@ -60,6 +58,16 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Adjusting TURN server configuration](configuring-playbook-turn.md) (advanced) +### Clients + +- [Configuring Element](configuring-playbook-client-element.md), if you're going with the default/recommended client + +- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md), if you've enabled [Hydrogen](https://github.com/element-hq/hydrogen-web), a lightweight Matrix client with legacy and mobile browser support + +- [Setting up Cinny](configuring-playbook-client-cinny.md), if you've enabled [Cinny](https://github.com/ajbura/cinny), a web client focusing primarily on simple, elegant and secure interface + +- [Setting up SchildiChat](configuring-playbook-client-schildichat.md), if you've enabled [SchildiChat](https://schildi.chat/), a web client based on [Element](https://element.io/) with some extras and tweaks + ### Additional useful services - [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) @@ -82,13 +90,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) -- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight Matrix client with legacy and mobile browser support - -- [Setting up Cinny](configuring-playbook-client-cinny.md) - a web client focusing primarily on simple, elegant and secure interface - -- [Setting up SchildiChat](configuring-playbook-client-schildichat.md) - a web client based on [Element](https://element.io/) with some extras and tweaks - - ### Authentication and user-related - [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) From c404995456e477e2289f44334203d9071ee7ac38 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:13:11 +0900 Subject: [PATCH 275/404] Update docs/configuring-playbook.md: create a list for server components based on the table on README.md Also: update README.md and docs/container-images.md Move Sygnal and ntfy from "Server Components" to "Misc", following the existing categorization on docs/configuring-playbook.md where they are categorized as "Other specialized services". This categorization makes more sense as they are not really services which make the components on the server work (per README.md) Signed-off-by: Suguru Hirahara --- README.md | 4 ++-- docs/configuring-playbook.md | 33 +++++++++++++++++---------------- docs/container-images.md | 4 ++-- 3 files changed, 21 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 09b46f4a4..0bd304e43 100644 --- a/README.md +++ b/README.md @@ -66,8 +66,6 @@ Services that run on the server to make the various parts of your installation w | [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | | [ddclient](https://github.com/linuxserver/docker-ddclient) | x | Dynamic DNS | [Link](docs/configuring-playbook-dynamic-dns.md) | -| [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | -| [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | ### Authentication 
@@ -175,6 +173,8 @@ Various services that don't fit any other category. | [Jitsi](https://jitsi.org/) | x | An open source video-conferencing platform | [Link](docs/configuring-playbook-jitsi.md) | | [Cactus Comments](https://cactus.chat) | x | A federated comment system built on Matrix | [Link](docs/configuring-playbook-cactus-comments.md) | | [Pantalaimon](https://github.com/matrix-org/pantalaimon) | x | An E2EE aware proxy daemon | [Link](docs/configuring-playbook-pantalaimon.md) | +| [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | +| [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | ## Installation diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index b11f214c0..411b09ca4 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -40,24 +40,31 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Configuring Dendrite](configuring-playbook-dendrite.md), if you've switched to the [Dendrite](https://matrix-org.github.io/dendrite) homeserver implementation +- Server components: + - [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) + + - [Adjusting TURN server configuration](configuring-playbook-turn.md) (advanced) + + - [Configuring the Traefik reverse-proxy](configuring-playbook-traefik.md) (advanced) + + - [Using your own webserver, instead of this playbook's Traefik reverse-proxy](configuring-playbook-own-webserver.md) (advanced) + + - [Adjusting SSL certificate retrieval](configuring-playbook-ssl-certificates.md) (advanced) + + - [Adjusting email-sending settings](configuring-playbook-email.md) + + - [Setting up ma1sd Identity Server](configuring-playbook-ma1sd.md) + + - [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) + - [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) - [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) - [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) -- [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) - -- [Adjusting SSL certificate retrieval](configuring-playbook-ssl-certificates.md) (advanced) - - [Serving the base domain](configuring-playbook-base-domain-serving.md) -- [Configuring the Traefik reverse-proxy](configuring-playbook-traefik.md) (advanced) - -- [Using your own webserver, instead of this playbook's Traefik reverse-proxy](configuring-playbook-own-webserver.md) (advanced) - -- [Adjusting TURN server configuration](configuring-playbook-turn.md) (advanced) - ### Clients - [Configuring Element](configuring-playbook-client-element.md), if you're going with the default/recommended client 
@@ -86,18 +93,12 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Controlling Matrix federation](configuring-playbook-federation.md) -- [Adjusting email-sending settings](configuring-playbook-email.md) - -- [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) - ### Authentication and user-related - [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) - [Setting up Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) -- [Setting up ma1sd Identity Server](configuring-playbook-ma1sd.md) - - [Setting up Synapse Admin](configuring-playbook-synapse-admin.md) - [Setting up matrix-registration](configuring-playbook-matrix-registration.md) diff --git a/docs/container-images.md b/docs/container-images.md index 5c96be450..8f4c2aa0d 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -33,8 +33,6 @@ We try to stick to official images (provided by their respective projects) as mu | [ma1sd](configuring-playbook-ma1sd.md) | [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) | x | Matrix Identity Server | | [Exim](configuring-playbook-email.md) | [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | | [ddclient](configuring-playbook-dynamic-dns.md) | [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) | x | Update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider | -| [Sygnal](configuring-playbook-sygnal.md) | [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) | x | Reference Push Gateway for Matrix | -| [ntfy](configuring-playbook-ntfy.md) | [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) | x | Self-hosted, UnifiedPush-compatible push notifications server | ## Authentication 
@@ -133,6 +131,8 @@ We try to stick to official images (provided by their respective projects) as mu | [Cactus Comments](configuring-playbook-cactus-comments.md) | [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) | x | A federated comment system built on Matrix | | [Cactus Comments](configuring-playbook-cactus-comments.md) | [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) | x | A federated comment system built on Matrix | | [Pantalaimon](configuring-playbook-pantalaimon.md) | [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) | x | An E2EE aware proxy daemon | +| [Sygnal](configuring-playbook-sygnal.md) | [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) | x | Reference Push Gateway for Matrix | +| [ntfy](configuring-playbook-ntfy.md) | [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) | x | Self-hosted, UnifiedPush-compatible push notifications server | ## Container images of deprecated / unmaintained services From 15fd33fb45aca6cf51e194c6733eb14787e53056 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:16:31 +0900 Subject: [PATCH 276/404] Update docs/configuring-playbook.md: merge "Server connectivity" section to "Core service adjustments" section Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 411b09ca4..7d1e99a3e 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -57,6 +57,11 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) +- Server connectivity: + - [Enabling Telemetry for your Matrix server](configuring-playbook-telemetry.md) + + - [Controlling Matrix federation](configuring-playbook-federation.md) + - [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) - [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) @@ -87,12 +92,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) -### Server connectivity - -- [Enabling Telemetry for your Matrix server](configuring-playbook-telemetry.md) - -- [Controlling Matrix federation](configuring-playbook-federation.md) - ### Authentication and user-related - [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) From eaeb2f99b51795644d378611c0984dd7457b725e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:17:47 +0900 Subject: [PATCH 277/404] Update docs/configuring-playbook.md: move "Authentication and user-related" section up Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 7d1e99a3e..6db119c8d 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -80,18 +80,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up SchildiChat](configuring-playbook-client-schildichat.md), if you've enabled [SchildiChat](https://schildi.chat/), a web client based on [Element](https://element.io/) with some extras and tweaks -### Additional useful services - -- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) - -- [Setting up Etherpad](configuring-playbook-etherpad.md) - -- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) - -- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) - -- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) - ### Authentication and user-related - [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) @@ -118,6 +106,17 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (advanced) +### Additional useful services + +- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) + +- [Setting up Etherpad](configuring-playbook-etherpad.md) + +- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) + +- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) + +- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) ### Bridging other networks From 2376821722c9912dc7fe3625bd82541f7a80afe6 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:19:15 +0900 Subject: [PATCH 278/404] Update docs/configuring-playbook.md: create "File Storage" section under "Authentication and user-related" section This basically follows the order of the tables on README.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 6db119c8d..837596b00 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -62,12 +62,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Controlling Matrix federation](configuring-playbook-federation.md) -- [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) - -- [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) - -- [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) - - [Serving the base domain](configuring-playbook-base-domain-serving.md) ### Clients @@ -106,6 +100,15 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (advanced) +### File Storage + +- [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) + +- [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) + +- [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) + + ### Additional useful services - [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) From d630668f46ec881f8efedb6ac1aa137ec46a96a2 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:21:11 +0900 Subject: [PATCH 279/404] Update docs/configuring-playbook.md: move "Additional useful services" section down under "Bots" section Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 837596b00..77466eac1 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -108,19 +108,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md) - -### Additional useful services - -- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) - -- [Setting up Etherpad](configuring-playbook-etherpad.md) - -- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) - -- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) - -- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) - ### Bridging other networks - [Setting up Mautrix Discord bridging](configuring-playbook-bridge-mautrix-discord.md) 
@@ -202,6 +189,17 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Buscarron](configuring-playbook-bot-buscarron.md) - a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room +### Additional useful services + +- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) + +- [Setting up Etherpad](configuring-playbook-etherpad.md) + +- [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) + +- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) + +- [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) ### Backups From 69273b30e4f43fab257f8dec6ddaf12c59d026e8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:24:41 +0900 Subject: [PATCH 280/404] Update docs/configuring-playbook.md: create "Administration" section Reorganize "Additional useful services" section and "Other specialized services" section Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 77466eac1..c5b9a8f08 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -189,27 +189,29 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Buscarron](configuring-playbook-bot-buscarron.md) - a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room -### Additional useful services +### Administration -- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) - -- [Setting up Etherpad](configuring-playbook-etherpad.md) +- [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) - [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) +- [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) + - [Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md) -### Backups - -- [Setting up BorgBackup](configuring-playbook-backup-borg.md) - a full Matrix server backup solution, including the Postgres database - -- [Setting up postgres backup](configuring-playbook-postgres-backup.md) - a Postgres-database backup solution (note: does not include other files) +- Backups: + - [Setting up BorgBackup](configuring-playbook-backup-borg.md) - a full Matrix server backup solution, including the Postgres database + - [Setting up postgres backup](configuring-playbook-postgres-backup.md) - a Postgres-database backup solution (note: does not include other files) ### Other specialized services +- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) + +- [Setting up Etherpad](configuring-playbook-etherpad.md) + - [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers - [Setting up Synapse Auto Invite 
Accept](configuring-playbook-synapse-auto-accept-invite.md) @@ -222,10 +224,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Cactus Comments](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix -- [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) - -- [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) - ### Deprecated / unmaintained / removed services **Note**: since a deprecated or unmaintained service will not be updated, its bug or vulnerability will be unlikely to get patched. It is recommended to migrate from the service to an alternative if any, and make sure to do your own research before you decide to keep it running nonetheless. From 16104b6e5760d30b8ce15ffd7826a4ee35c78188 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:34:26 +0900 Subject: [PATCH 281/404] Update docs/configuring-playbook.md: move entries to "Other specialized services" section These entries are ones categorized under "Misc" section on README.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index c5b9a8f08..4ab44549b 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -94,12 +94,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) -- [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) - - [Setting up Matrix User Verification Service](configuring-playbook-user-verification-service.md) (advanced) -- [Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (advanced) - ### File Storage - [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) 
@@ -208,22 +204,26 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Other specialized services -- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) - -- [Setting up Etherpad](configuring-playbook-etherpad.md) - -- [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers +- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) - [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md) -- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) +- [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers + +- [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) + +- [Setting up Etherpad](configuring-playbook-etherpad.md) + +- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) + +- [Setting up Cactus Comments](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix + +- [Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (advanced) - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) -- [Setting up Cactus Comments](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix - ### Deprecated / unmaintained / removed services **Note**: since a deprecated or unmaintained service will not be updated, its bug or vulnerability will be unlikely to get patched. 
It is recommended to migrate from the service to an alternative if any, and make sure to do your own research before you decide to keep it running nonetheless. From 68b8f1137ff9608ddf097654c0895f0ecc586db8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:48:34 +0900 Subject: [PATCH 282/404] Update docs/configuring-playbook.md and docs/container-images.md: add explanations to each section These sentences are copied from README.md Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/configuring-playbook.md | 14 ++++++++++++++ docs/container-images.md | 16 ++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0bd304e43..d6f16d5eb 100644 --- a/README.md +++ b/README.md @@ -160,7 +160,7 @@ Services that help you in administrating and monitoring your Matrix installation ### Misc -Various services that don't fit any other category. +Various services that don't fit any other categories. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 4ab44549b..40bf3603e 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -66,6 +66,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Clients +Web clients for Matrix that you can host on your own domains. + - [Configuring Element](configuring-playbook-client-element.md), if you're going with the default/recommended client - [Setting up Hydrogen](configuring-playbook-client-hydrogen.md), if you've enabled [Hydrogen](https://github.com/element-hq/hydrogen-web), a lightweight Matrix client with legacy and mobile browser support 
@@ -76,6 +78,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Authentication and user-related +Extend and modify how users are authenticated on your homeserver. + - [Setting up Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) (Next-generation auth for Matrix, based on OAuth 2.0/OIDC) - [Setting up Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) @@ -98,6 +102,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### File Storage +Use alternative file storage to the default `media_store` folder. + - [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) - [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) @@ -106,6 +112,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Bridging other networks +Bridges can be used to connect your Matrix installation with third-party communication networks. + - [Setting up Mautrix Discord bridging](configuring-playbook-bridge-mautrix-discord.md) - [Setting up Mautrix Telegram bridging](configuring-playbook-bridge-mautrix-telegram.md) @@ -167,6 +175,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Bots +Bots provide various additional functionality to your installation. + - [Setting up baibot](configuring-playbook-bot-baibot.md) - a bot through which you can talk to various [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) services ([OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) and [others](https://github.com/etkecc/baibot/blob/main/docs/providers.md)) - [Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) - a bot to remind you about stuff 
@@ -187,6 +197,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Administration +Services that help you in administrating and monitoring your Matrix installation. + - [Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) @@ -204,6 +216,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Other specialized services +Various services that don't fit any other categories. + - [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) - [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md) diff --git a/docs/container-images.md b/docs/container-images.md index 8f4c2aa0d..ff7395294 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -15,6 +15,8 @@ We try to stick to official images (provided by their respective projects) as mu ## Clients +Web clients for Matrix that you can host on your own domains. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [Element](configuring-playbook-client-element.md) | [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) | ✓ | Web UI, which is configured to connect to your own Synapse server by default | 
@@ -24,6 +26,8 @@ We try to stick to official images (provided by their respective projects) as mu ## Server Components +Services that run on the server to make the various parts of your installation work. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [PostgreSQL](configuring-playbook-external-postgres.md) | [postgres](https://hub.docker.com/_/postgres/) | ✓ | Database for Synapse. [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) is also possible. | @@ -36,6 +40,8 @@ We try to stick to official images (provided by their respective projects) as mu ## Authentication +Extend and modify how users are authenticated on your homeserver. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [matrix-synapse-rest-auth](configuring-playbook-rest-auth.md) | (N/A) | x | REST authentication password provider module | @@ -47,6 +53,8 @@ We try to stick to official images (provided by their respective projects) as mu ## File Storage +Use alternative file storage to the default `media_store` folder. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [Goofys](configuring-playbook-s3-goofys.md) | [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | 
@@ -55,6 +63,8 @@ We try to stick to official images (provided by their respective projects) as mu # Bridges +Bridges can be used to connect your Matrix installation with third-party communication networks. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) | [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) | x | Bridge to [Discord](https://discord.com/) | @@ -88,6 +98,8 @@ We try to stick to official images (provided by their respective projects) as mu ## Bots +Bots provide various additional functionality to your installation. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [baibot](configuring-playbook-bot-baibot.md) | [etke.cc/baibot](https://ghcr.io/etkecc/baibot) | x | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you | @@ -101,6 +113,8 @@ We try to stick to official images (provided by their respective projects) as mu ## Administration +Services that help you in administrating and monitoring your Matrix installation. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) | [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | 
@@ -116,6 +130,8 @@ We try to stick to official images (provided by their respective projects) as mu ## Misc +Various services that don't fit any other categories. + | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | | [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | x | Sliding Sync support for clients which require it (e.g. Element X) | From 7864a756079c98054641324b23cca9ffc658a7ec Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 3 Nov 2024 21:08:10 +0100 Subject: [PATCH 283/404] improve readability configuring-dns.md --- docs/configuring-dns.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index a9a3f3244..5a3f087d0 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -93,8 +93,9 @@ This is an optional feature for the optionally-installed [ma1sd service](configu **Note**: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. -When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). - ## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup To make the [postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records + +--- +When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). From c8ee67aa3bd31a3b75ecbdd243ffd14550bcdc77 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sun, 3 Nov 2024 13:37:12 +0900 Subject: [PATCH 284/404] Update README.md and docs/container-images.md: move up Exim as default service Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/container-images.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d6f16d5eb..3a493405c 100644 --- a/README.md +++ b/README.md @@ -63,8 +63,8 @@ Services that run on the server to make the various parts of your installation w | [Coturn](https://github.com/coturn/coturn) | ✓ | STUN/TURN server for WebRTC audio/video calls | [Link](docs/configuring-playbook-turn.md) | | [Traefik](https://doc.traefik.io/traefik/) | ✓ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. Using your own webserver [is possible](docs/configuring-playbook-own-webserver.md) | [Link](docs/configuring-playbook-traefik.md) | | [Let's Encrypt](https://letsencrypt.org/) | ✓ | Free SSL certificate, which secures the connection to all components | [Link](docs/configuring-playbook-ssl-certificates.md) | -| [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | +| [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) | [ddclient](https://github.com/linuxserver/docker-ddclient) | x | Dynamic DNS | [Link](docs/configuring-playbook-dynamic-dns.md) | diff --git a/docs/container-images.md b/docs/container-images.md index ff7395294..f6b2c1ab1 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -34,8 +34,8 @@ Services that run on the server to make the various parts of your installation w | [Coturn](configuring-playbook-turn.md) | [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) | ✓ | STUN/TURN server for WebRTC audio/video calls | | [Traefik](configuring-playbook-traefik.md) | [Traefik](https://hub.docker.com/_/traefik/) | ✓ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. Using your own webserver [is possible](configuring-playbook-own-webserver.md) | | [Let's Encrypt](configuring-playbook-ssl-certificates.md) | [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) | ✓ | The [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) | -| [ma1sd](configuring-playbook-ma1sd.md) | [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) | x | Matrix Identity Server | | [Exim](configuring-playbook-email.md) | [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | +| [ma1sd](configuring-playbook-ma1sd.md) | [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) | x | Matrix Identity Server | | [ddclient](configuring-playbook-dynamic-dns.md) | [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) | x | Update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider | ## Authentication From 7b9aaceb7e1d27e146282a763cdb7c2e38fcfe4c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 3 Nov 2024 14:43:05 +0900 Subject: [PATCH 285/404] Update README.md and docs/container-images.md: move "synapse-simple-antispam" to Authentication, following docs/configuring-playbook.md Signed-off-by: Suguru Hirahara --- README.md | 2 +- docs/container-images.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/README.md b/README.md index 3a493405c..9d5f11d5a 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,7 @@ Extend and modify how users are authenticated on your homeserver. | [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) | | [matrix-registration](https://github.com/ZerataX/matrix-registration) | x | A simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) | | [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (UVS) | x | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) | +| [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | x | A spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) | ### File Storage 
@@ -167,7 +168,6 @@ Various services that don't fit any other categories. | [sliding-sync](https://github.com/matrix-org/sliding-sync)| x | Sliding Sync support for clients which require it (e.g. Element X) | [Link](docs/configuring-playbook-sliding-sync-proxy.md) | | [synapse_auto_accept_invite](https://github.com/matrix-org/synapse-auto-accept-invite) | x | A Synapse module to automatically accept invites. | [Link](docs/configuring-playbook-synapse-auto-accept-invite.md) | | [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) | x | A cli tool that automatically compresses `state_groups` database table in background. | [Link](docs/configuring-playbook-synapse-auto-compressor.md) | -| [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | x | A spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) | | [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | x | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) | | [Etherpad](https://etherpad.org) | x | An open source collaborative text editor | [Link](docs/configuring-playbook-etherpad.md) | | [Jitsi](https://jitsi.org/) | x | An open source video-conferencing platform | [Link](docs/configuring-playbook-jitsi.md) | diff --git a/docs/container-images.md b/docs/container-images.md index f6b2c1ab1..38f1fb32d 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -50,6 +50,7 @@ Extend and modify how users are authenticated on your homeserver. | [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. | | [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | x | A simple python application to have a token based Matrix registration | | [Matrix User Verification Service](configuring-playbook-user-verification-service.md) (UVS) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | x | Service to verify details of a user based on an Open ID token | +| [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | x | A spam checker module | ## File Storage 
@@ -137,7 +138,6 @@ Various services that don't fit any other categories. | [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | x | Sliding Sync support for clients which require it (e.g. Element X) | | [synapse_auto_accept_invite](configuring-playbook-synapse-auto-accept-invite.md) | (N/A) | x | A Synapse module to automatically accept invites. | | [synapse_auto_compressor](configuring-playbook-synapse-auto-compressor.md) | [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) | x | A cli tool that automatically compresses `state_groups` database table in background. | -| [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | x | A spam checker module | | [Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) | [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) | x | Reconciliator and gateway for a managed Matrix server | | [Etherpad](configuring-playbook-etherpad.md) | [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) | x | An open source collaborative text editor | | [Jitsi](configuring-playbook-jitsi.md) | [jitsi/web](https://hub.docker.com/r/jitsi/web) | x | the [Jitsi](https://jitsi.org/) web UI | From ae4dd1ea3ad3561e5a125bb9f4d57945c00d6da9 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 4 Nov 2024 16:10:03 +0900 Subject: [PATCH 286/404] Update docs/faq.md: fix headings level Signed-off-by: Suguru Hirahara --- docs/faq.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/faq.md b/docs/faq.md index cbd210868..5939decc5 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -11,13 +11,13 @@ Also, we encourage you to not dig yourself into a hole by reading way too much. ## Introductory -## Where do I find more questions and answers about Matrix? +### Where do I find more questions and answers about Matrix? This is a Frequently Asked Questions page focused on this [Ansible](https://www.ansible.com/) playbook ([What is Ansible? How does it work?](#what-is-ansible-how-does-it-work)) for deploying a [Matrix](https://matrix.org/) server. For a lot more generic questions and answers, see the [matrix.org FAQ](https://matrix.org/faq/). -## What is Matrix? What is Element? What is Synapse? Why are you confusing me with so many terms? +### What is Matrix? What is Element? What is Synapse? Why are you confusing me with so many terms? [Matrix](https://matrix.org/) is a new type of realtime communication (chat) network, the closest analogy to which is probably "email". @@ -39,7 +39,7 @@ In short: This FAQ here mostly focuses on installing various Matrix services using the Ansible automation tool. You can learn much more about Matrix in the [matrix.org FAQ](https://matrix.org/faq/). -## People I wish to talk to are not on Matrix. Can I talk to them? +### People I wish to talk to are not on Matrix. Can I talk to them? You most likely can. Besides Matrix-native chats, Matrix also supports the concept of "bridging", which allows you to plug other networks into it. 
@@ -47,7 +47,7 @@ This Ansible playbook can help you install [tens of bridges for various networks Besides setting up your own bridges (preferable), you can also use some [public bridges hosted by others](https://publiclist.anchel.nl/#bridges). -## How do I get started with Matrix? +### How do I get started with Matrix? One of [Matrix](https://matrix.org/)'s distinguishing strengths (compared to other chat networks) is its decentralized nature. There's not just one entity (company, organization) controlling the servers. Rather there's thousands of servers operated by different people - one server being insecure, slow or disrespective toward its users does not affect the rest of the network. To participate in that decentralization in its fullest, consider hosting your own server or using some public server other than the largest/default one (`matrix.org`). From 79680c5ac15d76888028ec16a5cf8e9ea636c9fe Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 4 Nov 2024 16:26:27 +0900 Subject: [PATCH 287/404] Update i-need-help.md: add notification about FAQ.md Signed-off-by: Suguru Hirahara --- .github/ISSUE_TEMPLATE/i-need-help.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/i-need-help.md b/.github/ISSUE_TEMPLATE/i-need-help.md index 20444ad54..8bf1a4da4 100644 --- a/.github/ISSUE_TEMPLATE/i-need-help.md +++ b/.github/ISSUE_TEMPLATE/i-need-help.md @@ -8,7 +8,9 @@ assignees: '' --- **Playbook Configuration**: From 6b83f00f8e1fbf23ccfefdc1664c98dc63d5c27c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 4 Nov 2024 10:28:09 +0200 Subject: [PATCH 288/404] Upgrade Traefik (v3.1.3-2 -> v3.1.3-3) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 9e6c5c986..9c7b2d2d1 100644 --- a/requirements.yml +++ b/requirements.yml 
@@ -70,7 +70,7 @@
 version: v1.0.0-0
 name: timesync
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
- version: v3.1.3-2
+ version: v3.1.3-3
 name: traefik
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
 version: v2.8.3-5
From a2d193f16395f5318d5010b55ecb6be088576dde Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev
Date: Mon, 4 Nov 2024 10:30:52 +0200
Subject: [PATCH 289/404] Upgrade Traefik (v3.1.3-3 -> v3.2.0-0)
---
 requirements.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.yml b/requirements.yml
index 9c7b2d2d1..12a030397 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -70,7 +70,7 @@
 version: v1.0.0-0
 name: timesync
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
- version: v3.1.3-3
+ version: v3.2.0-0
 name: traefik
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
 version: v2.8.3-5
From cc3641d7c0e79a8dbd9f9c5771ff119ee0a77ae8 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 4 Nov 2024 10:21:44 +0000
Subject: [PATCH 290/404] Update dependency backup_borg to v1.4.0-1.9.0-0
---
 requirements.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.yml b/requirements.yml
index 12a030397..750bd99e1 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -4,7 +4,7 @@
 version: v1.0.0-3
 name: auxiliary
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git
- version: v1.2.8-1.8.13-2
+ version: v1.4.0-1.9.0-0
 name: backup_borg
 - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
 version: v0.2.0-0
From d689a73f93f9a730422a7889015cbe8f7b83b8b3 Mon Sep 17 00:00:00 2001
From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Mon, 4 Nov 2024 14:17:44 +0200 Subject: [PATCH 291/404] update backup-borg role --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 750bd99e1..0fdb85a6d 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,7 +4,7 @@ version: v1.0.0-3 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git - version: v1.4.0-1.9.0-0 + version: v1.4.0-1.9.0-1 name: backup_borg - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.2.0-0 From 4bd511819f2c1770e714643e1868ff53d75831e5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 4 Nov 2024 22:56:02 +0900 Subject: [PATCH 292/404] Update docs/installing.md: add a note to avoid running the just recipe install-all, instead of ansible-playbook with install-all tag The note is for those who are not familiar with the playbook's tag and its just recipe. Signed-off-by: Suguru Hirahara --- docs/installing.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index ef816aff8..47af4f346 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -58,12 +58,14 @@ Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-t If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. Starting its services or messing with its database now will affect your data import later on. -To do the installation **without** starting services, run only the `install-all` tag: +To do the installation **without** starting services, run `ansible-playbook` with the `install-all` tag only: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=install-all ``` +**Note**: do not run the just "recipe" `just install-all` instead, because it automatically starts services at the end of execution. + When this command completes, services won't be running yet. You can now: From d817a923a31e4ca8287d98a64efc8ebc1b1c47b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mitja=20Je=C5=BE?= Date: Mon, 4 Nov 2024 18:21:46 +0100 Subject: [PATCH 293/404] Update installing.md I believe this is typo. --- docs/installing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index ef816aff8..67ae35837 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -4,7 +4,7 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the pla **Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `just roles`. `just roles` is a shortcut (a `roles` target defined in [`justfile`](../justfile) and executed by the [`just`](https://github.com/casey/just) utility) which ultimately runs [agru](https://github.com/etkecc/agru) or [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) (depending on what is available in your system) to download Ansible roles. If you don't have `just`, you can also manually run the `roles` commands seen in the `justfile`. -There's another shortcut (`just update`) which updates the playbook (`git pull`) and updates roles (`just update`) at the same time. +There's another shortcut (`just update`) which updates the playbook (`git pull`) and updates roles (`just roles`) at the same time. ## Playbook tags introduction From bb84d6f70a5b0be17641d721e12985271e5eb480 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 4 Nov 2024 23:57:22 +0900 Subject: [PATCH 294/404] Update docs/configuring-dns.md: remove an incorrect instruction to the next step The right next step of docs/configuring-dns.md is docs/getting-the-playbook.md Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 5a3f087d0..21132b36f 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -24,8 +24,6 @@ Be mindful as to how long it will take for the DNS records to propagate. If you are using Cloudflare DNS, make sure to disable the proxy and set all records to `DNS only`. Otherwise, fetching certificates will fail. -When you're done configuring DNS, proceed to [Configuring the playbook](configuring-playbook.md). - ## DNS settings for optional services/features | Used by component | Type | Host | Priority | Weight | Port | Target | From c720e9531c3934d7b5b1eea0f4e1be412c0c7122 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 5 Nov 2024 09:06:32 +0200 Subject: [PATCH 295/404] Upgrade backup-borg (v1.4.0-1.9.0-1 -> v1.4.0-1.9.0-2) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 0fdb85a6d..ea3743462 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,7 +4,7 @@ version: v1.0.0-3 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git - version: v1.4.0-1.9.0-1 + version: v1.4.0-1.9.0-2 name: backup_borg - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.2.0-0 From 065d3ac0661ae7f9cbb27fdc6b98ea215206515f Mon Sep 17 00:00:00 2001 From: 1over137 <22680475+1over137@users.noreply.github.com> Date: Tue, 5 Nov 2024 02:37:11 -0500 Subject: [PATCH 296/404] Documentation: sliding sync proxy is not required for Synapse >1.114 (#3735) * Update configuring-playbook-sliding-sync-proxy.md * Update README.md * Apply suggestions from code review Co-authored-by: Slavi Pantaleev --------- Co-authored-by: Slavi Pantaleev --- README.md | 2 +- docs/configuring-playbook-sliding-sync-proxy.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9d5f11d5a..2294730ca 100644 --- a/README.md +++ b/README.md 
@@ -165,7 +165,7 @@ Various services that don't fit any other categories. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [sliding-sync](https://github.com/matrix-org/sliding-sync)| x | Sliding Sync support for clients which require it (e.g. Element X) | [Link](docs/configuring-playbook-sliding-sync-proxy.md) | +| [sliding-sync](https://github.com/matrix-org/sliding-sync)| x | (Superseded by Simplified Sliding Sync integrated into Synapse > `1.114` and Conduit > `0.6.0`) Sliding Sync support for clients which require it (e.g. old Element X versions before Simplified Sliding Sync was developed) | [Link](docs/configuring-playbook-sliding-sync-proxy.md) | | [synapse_auto_accept_invite](https://github.com/matrix-org/synapse-auto-accept-invite) | x | A Synapse module to automatically accept invites. | [Link](docs/configuring-playbook-synapse-auto-accept-invite.md) | | [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) | x | A cli tool that automatically compresses `state_groups` database table in background. | [Link](docs/configuring-playbook-synapse-auto-compressor.md) | | [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | x | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) | diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 817458e6e..d862b5e2b 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md 
@@ -10,7 +10,7 @@ Element X iOS is [available on TestFlight](https://testflight.apple.com/join/uZb Element X Android is [available on the Github Releases page](https://github.com/element-hq/element-x-android/releases). -**Note**: The sliding-sync proxy is **not required** when using the **Conduit homeserver**. Starting from version `0.6.0` Conduit has native support for some sliding sync features. If there are issues with the native implementation, you might have a better experience when enabling the sliding-sync proxy anyway. +**Note**: The sliding-sync proxy is **not required** anymore as it's been replaced with a different method (called Simplified Sliding Sync) which is integrated into newer homeservers by default (**Conduit** homeserver from version `0.6.0` or **Synapse** from version `1.114`). ## Adjusting the playbook configuration From 4cd4835888fc534b1372c75e10ecf78f4e607680 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 5 Nov 2024 09:41:16 +0200 Subject: [PATCH 297/404] De-emphasize the old sliding-sync proxy further Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3735 --- docs/configuring-playbook.md | 4 ++-- docs/container-images.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 40bf3603e..51cf09bbf 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -218,8 +218,6 @@ Services that help you in administrating and monitoring your Matrix installation Various services that don't fit any other categories. -- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like Element X) - - [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md) - [Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers 
@@ -242,6 +240,8 @@ Various services that don't fit any other categories. **Note**: since a deprecated or unmaintained service will not be updated, its bug or vulnerability will be unlikely to get patched. It is recommended to migrate from the service to an alternative if any, and make sure to do your own research before you decide to keep it running nonetheless. +- [Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like old Element X versions, before it got switched to Simplified Sliding Sync) + - [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (deprecated; the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md)) - [Setting up the Dimension integration manager](configuring-playbook-dimension.md) ([unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md)) diff --git a/docs/container-images.md b/docs/container-images.md index 38f1fb32d..4658201bc 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -135,7 +135,7 @@ Various services that don't fit any other categories. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | x | Sliding Sync support for clients which require it (e.g. Element X) | +| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | x | Sliding Sync support for clients which require it (like old Element X versions, before it got switched to Simplified Sliding Sync) | | [synapse_auto_accept_invite](configuring-playbook-synapse-auto-accept-invite.md) | (N/A) | x | A Synapse module to automatically accept invites. | | [synapse_auto_compressor](configuring-playbook-synapse-auto-compressor.md) | [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) | x | A cli tool that automatically compresses `state_groups` database table in background. | | [Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) | [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) | x | Reconciliator and gateway for a managed Matrix server | From 9e5bb8629c5d387dc0e3b89d44fd692d86df8eee Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 5 Nov 2024 09:44:08 +0200 Subject: [PATCH 298/404] Move sliding-sync proxy Note to the top of its docs page People should be made aware of the status of this component as soon as possible. This is consistent with the positioning of Note messages we have for other deprecated components (e.g. bot-chatgpt, bot-go-neb, etc). Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3735 --- docs/configuring-playbook-sliding-sync-proxy.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index d862b5e2b..5bcd43146 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md @@ -1,5 +1,7 @@ # Setting up the Sliding Sync proxy (optional) +**Note**: The sliding-sync proxy is **not required** anymore as it's been replaced with a different method (called Simplified Sliding Sync) which is integrated into newer homeservers by default (**Conduit** homeserver from version `0.6.0` or **Synapse** from version `1.114`). This component and documentation remain here for historical purposes, but **installing this old sliding-sync proxy is generally not recommended anymore**. + The playbook can install and configure [sliding-sync](https://github.com/matrix-org/sliding-sync) proxy for you. Sliding Sync is an implementation of [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/sync-v3/proposals/3575-sync.md) and a prerequisite for running the new (**still beta**) Element X clients ([Element X iOS](https://github.com/element-hq/element-x-ios) and [Element X Android](https://github.com/element-hq/element-x-android)). @@ -10,7 +12,6 @@ Element X iOS is [available on TestFlight](https://testflight.apple.com/join/uZb Element X Android is [available on the Github Releases page](https://github.com/element-hq/element-x-android/releases). -**Note**: The sliding-sync proxy is **not required** anymore as it's been replaced with a different method (called Simplified Sliding Sync) which is integrated into newer homeservers by default (**Conduit** homeserver from version `0.6.0` or **Synapse** from version `1.114`). ## Adjusting the playbook configuration From c8c83252be1c65b632afbe3d82f14836a841af1b Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Tue, 5 Nov 2024 10:39:05 +0200 Subject: [PATCH 299/404] Add "Getting started" section to main README We were linking to the "guided installation" even now, but there are so many links and no explicit "Getting started" link anywhere. This tries to make things better. Inspired by: - https://news.ycombinator.com/item?id=42039447 - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3744 --- README.md | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 2294730ca..62e0e961a 100644 --- a/README.md +++ b/README.md 
@@ -8,17 +8,24 @@ This [Ansible](https://www.ansible.com/) playbook is meant to help you run your That is, it lets you join the Matrix network using your own `@:example.com` identifier, all hosted on your own server (see [prerequisites](docs/prerequisites.md)). -We run all services in [Docker](https://www.docker.com/) containers (see [the container images we use](docs/container-images.md)), which lets us have a predictable and up-to-date setup, across multiple supported distros (see [prerequisites](docs/prerequisites.md)) and [architectures](docs/alternative-architectures.md) (x86/amd64 being recommended). - -[Installation](docs/README.md) (upgrades) and some maintenance tasks are automated using [Ansible](https://www.ansible.com/) (see [our Ansible guide](docs/ansible.md)). +We run all [supported services](#supported-services) in [Docker](https://www.docker.com/) containers (see [the container images we use](docs/container-images.md)), which lets us have a predictable and up-to-date setup, across multiple supported distros (see [prerequisites](docs/prerequisites.md)) and [architectures](docs/alternative-architectures.md) (x86/amd64 being recommended). +Installation (upgrades) and some maintenance tasks are automated using [Ansible](https://www.ansible.com/) (see [our Ansible guide](docs/ansible.md)). ## Self-hosting or Managed / SaaS -This Ansible playbook tries to make self-hosting and maintaining a Matrix server fairly easy. Still, running any service smoothly requires knowledge, time and effort. +This Ansible playbook tries to make self-hosting and maintaining a Matrix server fairly easy (see [Getting started](#getting-started)). Still, running any service smoothly requires knowledge, time and effort. 
If you like the [FOSS](https://en.wikipedia.org/wiki/Free_and_open-source_software) spirit of this Ansible playbook, but prefer to put the responsibility on someone else, you can also [get a managed Matrix server from etke.cc](https://etke.cc?utm_source=github&utm_medium=readme&utm_campaign=mdad) (both hosting and on-premises) - a service built on top of this Ansible playbook but with [additional components](https://etke.cc/help/extras/?utm_source=github&utm_medium=readme&utm_campaign=mdad) and [services](https://etke.cc/services/?utm_source=github&utm_medium=readme&utm_campaign=mdad) which all help you run a Matrix server with ease. Be advised that etke.cc operates on a subscription-based approach and there is no "just set up my server once and be done with it" option. +## Getting started + +We have detailed documentation in the [docs/](./docs) directory - see the Table of Contents in the [documentation README](./docs/README.md). + +While the [list of supported services](#supported-services) and documentation is very extensive, you don't need to read through everything. We recommend: + +- Starting with the basics. You can always add/remove or tweak services later on. +- Following our guided installation, starting with the [Prerequisites](./docs/prerequisites.md) documentation page ## Supported services From 3684e93a61d13513c6a99c6beee45367ffbbdbd8 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Tue, 5 Nov 2024 21:38:26 +0900 Subject: [PATCH 300/404] Add hard-coded breadcrumbs to documentation files about installation procedure for easier navigation (#3745) * Add hard-coded breadcrumbs to documentation files about installation procedure for easier navigation Since it is easy to get lost among these files, the breadcrumbs should be helpful to get the whole picture of the procedure. Hopefully they will be replaced with something else generated automatically. Please note that the usage of HTML tags on this context is not proper as the tag is intended to be used only for typographical reasons. Here tags should rather be used instead as long as we do not use CSS, but since GitHub strips these tags against its spec (https://github.github.com/gfm/#disallowed-raw-html-extension-) (also note: the HTML tags are not stripped on Codeberg for example), this commit intentionally uses to have those breadcrumbs rendered in small points. Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook.md title The file is referred from other files as "Configuring the playbook" Signed-off-by: Suguru Hirahara * Add "Quick start" link with the thunder icon For now docs/README.md is linked Signed-off-by: Suguru Hirahara --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- docs/configuring-dns.md | 2 ++ docs/configuring-playbook.md | 6 ++++-- docs/getting-the-playbook.md | 2 ++ docs/installing.md | 2 ++ docs/prerequisites.md | 2 ++ 5 files changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 21132b36f..00c62fab9 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -1,5 +1,7 @@ # Configuring your DNS server +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > Configuring your DNS server > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) + To set up Matrix on your domain, you'd need to do some DNS configuration. To use an identifier like `@:example.com`, you don't actually need to install anything on the actual `example.com` server. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 51cf09bbf..d1edd7c10 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -1,6 +1,8 @@ -# Configuring the Ansible playbook +# Configuring the playbook -To configure the playbook, you need to have done the following things: +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > Configuring the playbook > [Installing](installing.md) + +To configure the Ansible playbook, you need to have done the following things: - have a server where Matrix services will run - [configured your DNS records](configuring-dns.md) diff --git a/docs/getting-the-playbook.md b/docs/getting-the-playbook.md index ea172a499..da155aeda 100644 --- a/docs/getting-the-playbook.md +++ b/docs/getting-the-playbook.md @@ -1,5 +1,7 @@ # Getting the playbook +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > Getting the playbook > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) + This Ansible playbook is meant to be executed on your own computer (not the Matrix server). In special cases (if your computer cannot run Ansible, etc.) you may put the playbook on the server as well. diff --git a/docs/installing.md b/docs/installing.md index 010cede0c..61dd3041b 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -1,5 +1,7 @@ # Installing +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > Installing + If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. **Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `just roles`. `just roles` is a shortcut (a `roles` target defined in [`justfile`](../justfile) and executed by the [`just`](https://github.com/casey/just) utility) which ultimately runs [agru](https://github.com/etkecc/agru) or [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) (depending on what is available in your system) to download Ansible roles. If you don't have `just`, you can also manually run the `roles` commands seen in the `justfile`. diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 24baabedb..3fc3afbce 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -1,5 +1,7 @@ # Prerequisites +⚡️[Quick start](README.md) | Prerequisites > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) + To install Matrix services using this Ansible playbook, you need: - (Recommended) An **x86** server ([What kind of server specs do I need?](faq.md#what-kind-of-server-specs-do-i-need)) running one of these operating systems that make use of [systemd](https://systemd.io/): From 0a2198f754a452c33428934eea03d3fe1907be87 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 5 Nov 2024 22:29:54 +0900 Subject: [PATCH 301/404] Update docs/configuring-dns.md and docs/prerequisites.md: add the common horizontal line 
Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 3 ++- docs/prerequisites.md | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 00c62fab9..57f8ab366 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -97,5 +97,6 @@ This is an optional feature for the optionally-installed [ma1sd service](configu To make the [postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records ---- +--------------------------------------------- + When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 3fc3afbce..51bc5b2f0 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -46,4 +46,6 @@ To install Matrix services using this Ansible playbook, you need: - the range `49152-49172/udp`: TURN over UDP - potentially some other ports, depending on the additional (non-default) services that you enable in the **configuring the playbook** step (later on). Consult each service's documentation page in `docs/` for that. +--------------------------------------------- + When ready to proceed, continue with [Configuring DNS](configuring-dns.md). From 261b5dee078295a7116e41cb949b3b528c790ecc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 16:25:11 +0000 Subject: [PATCH 302/404] Update vectorim/element-web Docker tag to v1.11.84 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index e26c89393..17eb025ae 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml 
+++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.83 +matrix_client_element_version: v1.11.84 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 1b4fa7959530f33ca48127ed1570c27ff6578cc5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Wed, 6 Nov 2024 02:30:03 +0900 Subject: [PATCH 303/404] Update docs/registering-users.md: add configuration for enabling public user registration on Dendrite (#3748) * Update docs/registering-users.md: add configuration for enabling public user registration on Dendrite Per the suggestion on https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2545 Signed-off-by: Suguru Hirahara * Set matrix_dendrite_client_api_registration_disabled to false Mind "matrix_synapse_enable_registration" for Synapse is set to false by default. Signed-off-by: Suguru Hirahara --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- docs/registering-users.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/registering-users.md b/docs/registering-users.md index acb86a908..6aeece00f 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md 
@@ -100,10 +100,18 @@ If you'd rather **keep your server private** (public registration closed, as is To **open up user registration publicly** (usually **not recommended**), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +For Synapse: + ```yaml matrix_synapse_enable_registration: true ``` +For Dendrite: + +```yaml +matrix_dendrite_client_api_registration_disabled: false +``` + After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` If you're opening up registrations publicly like this, you might also wish to [configure CAPTCHA protection](configuring-captcha.md). From db57c95cc0db0e550ba3528c37e238d336d56422 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 6 Nov 2024 09:17:55 +0200 Subject: [PATCH 304/404] Remove redundant Installation section from main README Superseded by the new "Getting started" section, which is higher up and gets more visibility. --- README.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/README.md b/README.md index 62e0e961a..4e7f691f9 100644 --- a/README.md +++ b/README.md @@ -155,7 +155,6 @@ Bots provide various additional functionality to your installation. Services that help you in administrating and monitoring your Matrix installation. - | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | | [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | [Link](docs/configuring-playbook-alertmanager-receiver.md) | 
@@ -184,11 +183,6 @@ Various services that don't fit any other categories. | [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | -## Installation - -To configure and install Matrix on your own server, follow the [README in the docs/ directory](docs/README.md). - - ## Changes This playbook evolves over time, sometimes with backward-incompatible changes. From 1a87f92647c583826920cb695ddfbdadce3e8d2d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 6 Nov 2024 09:24:46 +0200 Subject: [PATCH 305/404] Emojify main README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ✓ and x indicators provide less visibility, as they look very similar. Emojis (especially when colored) make it much easier to see which component is a default one and which isn't. Section headings are also prefixed with an emoji now to decrease the "wall of text" feeling. --- README.md | 174 +++++++++++++++++++++++++++--------------------------- 1 file changed, 87 insertions(+), 87 deletions(-) diff --git a/README.md b/README.md index 4e7f691f9..cf5cd51ec 100644 --- a/README.md +++ b/README.md
@@ -2,32 +2,32 @@ # Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker -## Purpose +## 🎯 Purpose This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#supported-services) related to that. That is, it lets you join the Matrix network using your own `@:example.com` identifier, all hosted on your own server (see [prerequisites](docs/prerequisites.md)). -We run all [supported services](#supported-services) in [Docker](https://www.docker.com/) containers (see [the container images we use](docs/container-images.md)), which lets us have a predictable and up-to-date setup, across multiple supported distros (see [prerequisites](docs/prerequisites.md)) and [architectures](docs/alternative-architectures.md) (x86/amd64 being recommended). +We run all [supported services](#-supported-services) in [Docker](https://www.docker.com/) containers (see [the container images we use](docs/container-images.md)), which lets us have a predictable and up-to-date setup, across multiple supported distros (see [prerequisites](docs/prerequisites.md)) and [architectures](docs/alternative-architectures.md) (x86/amd64 being recommended). Installation (upgrades) and some maintenance tasks are automated using [Ansible](https://www.ansible.com/) (see [our Ansible guide](docs/ansible.md)). -## Self-hosting or Managed / SaaS +## ☁ Self-hosting or Managed / SaaS -This Ansible playbook tries to make self-hosting and maintaining a Matrix server fairly easy (see [Getting started](#getting-started)). Still, running any service smoothly requires knowledge, time and effort. +This Ansible playbook tries to make self-hosting and maintaining a Matrix server fairly easy (see [Getting started](#-getting-started)). Still, running any service smoothly requires knowledge, time and effort. 
If you like the [FOSS](https://en.wikipedia.org/wiki/Free_and_open-source_software) spirit of this Ansible playbook, but prefer to put the responsibility on someone else, you can also [get a managed Matrix server from etke.cc](https://etke.cc?utm_source=github&utm_medium=readme&utm_campaign=mdad) (both hosting and on-premises) - a service built on top of this Ansible playbook but with [additional components](https://etke.cc/help/extras/?utm_source=github&utm_medium=readme&utm_campaign=mdad) and [services](https://etke.cc/services/?utm_source=github&utm_medium=readme&utm_campaign=mdad) which all help you run a Matrix server with ease. Be advised that etke.cc operates on a subscription-based approach and there is no "just set up my server once and be done with it" option. -## Getting started +## 🚀 Getting started We have detailed documentation in the [docs/](./docs) directory - see the Table of Contents in the [documentation README](./docs/README.md). -While the [list of supported services](#supported-services) and documentation is very extensive, you don't need to read through everything. We recommend: +While the [list of supported services](#-supported-services) and documentation is very extensive, you don't need to read through everything. We recommend: - Starting with the basics. You can always add/remove or tweak services later on. - Following our guided installation, starting with the [Prerequisites](./docs/prerequisites.md) documentation page -## Supported services +## ✔ Supported services Using this playbook, you can get the following list of services configured on your server. Basically, this playbook aims to get you up-and-running with all the necessities around Matrix, without you having to do anything else. 
@@ -43,9 +43,9 @@ The homeserver is the backbone of your Matrix system. Choose one from the follow | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [Synapse](https://github.com/element-hq/synapse) | ✓ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network | [Link](docs/configuring-playbook-synapse.md) | -| [Conduit](https://conduit.rs) | x | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements | [Link](docs/configuring-playbook-conduit.md) | -| [Dendrite](https://github.com/matrix-org/dendrite) | x | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. | [Link](docs/configuring-playbook-dendrite.md) | +| [Synapse](https://github.com/element-hq/synapse) | ✅ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network | [Link](docs/configuring-playbook-synapse.md) | +| [Conduit](https://conduit.rs) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements | [Link](docs/configuring-playbook-conduit.md) | +| [Dendrite](https://github.com/matrix-org/dendrite) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. | [Link](docs/configuring-playbook-dendrite.md) | ### Clients 
@@ -53,10 +53,10 @@ Web clients for Matrix that you can host on your own domains. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [Element](https://app.element.io/) | ✓ | Web UI, which is configured to connect to your own Synapse server by default | [Link](docs/configuring-playbook-client-element.md) | -| [Hydrogen](https://github.com/element-hq/hydrogen-web) | x | Lightweight Matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) | -| [Cinny](https://github.com/ajbura/cinny) | x | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-cinny.md) | -| [SchildiChat](https://schildi.chat/) | x | Based on Element, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat.md) | +| [Element](https://app.element.io/) | ✅ | Web UI, which is configured to connect to your own Synapse server by default | [Link](docs/configuring-playbook-client-element.md) | +| [Hydrogen](https://github.com/element-hq/hydrogen-web) | ❌ | Lightweight Matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) | +| [Cinny](https://github.com/ajbura/cinny) | ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-cinny.md) | +| [SchildiChat](https://schildi.chat/) | ❌ | Based on Element, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat.md) | 
@@ -66,13 +66,13 @@ Services that run on the server to make the various parts of your installation w | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [PostgreSQL](https://www.postgresql.org/)| ✓ | Database for Synapse. [Using an external PostgreSQL server](docs/configuring-playbook-external-postgres.md) is also possible. | [Link](docs/configuring-playbook-external-postgres.md) | -| [Coturn](https://github.com/coturn/coturn) | ✓ | STUN/TURN server for WebRTC audio/video calls | [Link](docs/configuring-playbook-turn.md) | -| [Traefik](https://doc.traefik.io/traefik/) | ✓ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. Using your own webserver [is possible](docs/configuring-playbook-own-webserver.md) | [Link](docs/configuring-playbook-traefik.md) | -| [Let's Encrypt](https://letsencrypt.org/) | ✓ | Free SSL certificate, which secures the connection to all components | [Link](docs/configuring-playbook-ssl-certificates.md) | -| [Exim](https://www.exim.org/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | -| [ma1sd](https://github.com/ma1uta/ma1sd) | x | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) -| [ddclient](https://github.com/linuxserver/docker-ddclient) | x | Dynamic DNS | [Link](docs/configuring-playbook-dynamic-dns.md) | +| [PostgreSQL](https://www.postgresql.org/)| ✅ | Database for Synapse. [Using an external PostgreSQL server](docs/configuring-playbook-external-postgres.md) is also possible. 
| [Link](docs/configuring-playbook-external-postgres.md) | +| [Coturn](https://github.com/coturn/coturn) | ✅ | STUN/TURN server for WebRTC audio/video calls | [Link](docs/configuring-playbook-turn.md) | +| [Traefik](https://doc.traefik.io/traefik/) | ✅ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. Using your own webserver [is possible](docs/configuring-playbook-own-webserver.md) | [Link](docs/configuring-playbook-traefik.md) | +| [Let's Encrypt](https://letsencrypt.org/) | ✅ | Free SSL certificate, which secures the connection to all components | [Link](docs/configuring-playbook-ssl-certificates.md) | +| [Exim](https://www.exim.org/) | ✅ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | [Link](docs/configuring-playbook-email.md) | +| [ma1sd](https://github.com/ma1uta/ma1sd) | ❌ | Matrix Identity Server | [Link](docs/configuring-playbook-ma1sd.md) +| [ddclient](https://github.com/linuxserver/docker-ddclient) | ❌ | Dynamic DNS | [Link](docs/configuring-playbook-dynamic-dns.md) | ### Authentication 
@@ -81,13 +81,13 @@ Extend and modify how users are authenticated on your homeserver. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [matrix-synapse-rest-auth](https://github.com/ma1uta/matrix-synapse-rest-password-provider) (advanced) | x | REST authentication password provider module | [Link](docs/configuring-playbook-rest-auth.md) | -|[matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) (advanced) | x | Password provider module | [Link](docs/configuring-playbook-shared-secret-auth.md) | -| [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | x | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) | -| [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) | -| [matrix-registration](https://github.com/ZerataX/matrix-registration) | x | A simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) | -| [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (UVS) | x | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) | -| [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | x | A spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) | +| [matrix-synapse-rest-auth](https://github.com/ma1uta/matrix-synapse-rest-password-provider) (advanced) | ❌ | REST authentication password provider module | [Link](docs/configuring-playbook-rest-auth.md) | +|[matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) 
(advanced) | ❌ | Password provider module | [Link](docs/configuring-playbook-shared-secret-auth.md) | +| [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | ❌ | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) | +| [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | ❌ | A proxy that handles Matrix registration requests and forwards them to LDAP. | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) | +| [matrix-registration](https://github.com/ZerataX/matrix-registration) | ❌ | A simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) | +| [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) (UVS) | ❌ | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) | +| [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | ❌ | A spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) | ### File Storage 
@@ -96,9 +96,9 @@ Use alternative file storage to the default `media_store` folder. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [Goofys](https://github.com/kahing/goofys) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | [Link](docs/configuring-playbook-s3-goofys.md) | -| [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | [Link](docs/configuring-playbook-s3.md) | -| [matrix-media-repo](https://github.com/turt2live/matrix-media-repo) | x | matrix-media-repo is a highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification. | [Link](docs/configuring-playbook-matrix-media-repo.md) | +| [Goofys](https://github.com/kahing/goofys) | ❌ | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | [Link](docs/configuring-playbook-s3-goofys.md) | +| [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) | ❌ | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | [Link](docs/configuring-playbook-s3.md) | +| [matrix-media-repo](https://github.com/turt2live/matrix-media-repo) | ❌ | matrix-media-repo is a highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification. | [Link](docs/configuring-playbook-matrix-media-repo.md) | ### Bridges 
@@ -106,34 +106,34 @@ Bridges can be used to connect your Matrix installation with third-party communi | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [mautrix-discord](https://github.com/mautrix/discord) | x | Bridge to [Discord](https://discord.com/) | [Link](docs/configuring-playbook-bridge-mautrix-discord.md) | -| [mautrix-slack](https://github.com/mautrix/slack) | x | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-mautrix-slack.md) | -| [mautrix-telegram](https://github.com/mautrix/telegram) | x | Bridge to [Telegram](https://telegram.org/) | [Link](docs/configuring-playbook-bridge-mautrix-telegram.md) | -| [mautrix-gmessages](https://github.com/mautrix/gmessages) | x | Bridge to [Google Messages](https://messages.google.com/) | [Link](docs/configuring-playbook-bridge-mautrix-gmessages.md) | -| [mautrix-whatsapp](https://github.com/mautrix/whatsapp) | x | Bridge to [WhatsApp](https://www.whatsapp.com/) | [Link](docs/configuring-playbook-bridge-mautrix-whatsapp.md) | -| [mautrix-wsproxy](https://github.com/mautrix/wsproxy) | x | Bridge to Android SMS or Apple iMessage | [Link](docs/configuring-playbook-bridge-mautrix-wsproxy.md) | -| [mautrix-twitter](https://github.com/mautrix/twitter) | x | Bridge to [Twitter](https://twitter.com/) | [Link](docs/configuring-playbook-bridge-mautrix-twitter.md) | -| [mautrix-googlechat](https://github.com/mautrix/googlechat) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) | -| [mautrix-meta](https://github.com/mautrix/instagram) | x | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | Link for [Messenger](docs/configuring-playbook-bridge-mautrix-meta-messenger.md) / [Instagram](docs/configuring-playbook-bridge-mautrix-meta-instagram.md) | -| [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to 
[Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) | -| [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) | -| [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) | -| [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) | x | Bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | [Link](docs/configuring-playbook-bridge-appservice-kakaotalk.md) | -| [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | -| [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) | x | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-appservice-slack.md) | -| [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | -| [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | x | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) | -| [matrix-wechat](https://github.com/duo/matrix-wechat) | x | Bridge to [WeChat](https://www.wechat.com/) | [Link](docs/configuring-playbook-bridge-wechat.md) | -| [Heisenbridge](https://github.com/hifi/heisenbridge) | x | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) | -| [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) | x | Bridge to 
[Skype](https://www.skype.com) | [Link](docs/configuring-playbook-bridge-go-skype-bridge.md) | -| [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) | x | Bridge to [Slack](https://slack.com) | [Link](docs/configuring-playbook-bridge-mx-puppet-slack.md) | -| [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) | x | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-instagram.md) | -| [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) | x | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-twitter.md) | -| [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-discord.md) | -| [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) | x | Bridge to [GroupMe](https://groupme.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-groupme.md) | -| [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) | x | Bridge to [Steam](https://steamapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-steam.md) | -| [Email2Matrix](https://github.com/devture/email2matrix) | x | Bridge for relaying emails to Matrix rooms | [Link](docs/configuring-playbook-email2matrix.md) | -| [Postmoogle](https://github.com/etkecc/postmoogle) | x | Email to Matrix bridge | [Link](docs/configuring-playbook-bridge-postmoogle.md) | +| [mautrix-discord](https://github.com/mautrix/discord) | ❌ | Bridge to [Discord](https://discord.com/) | [Link](docs/configuring-playbook-bridge-mautrix-discord.md) | +| [mautrix-slack](https://github.com/mautrix/slack) | ❌ | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-mautrix-slack.md) | +| [mautrix-telegram](https://github.com/mautrix/telegram) | ❌ | Bridge to 
[Telegram](https://telegram.org/) | [Link](docs/configuring-playbook-bridge-mautrix-telegram.md) | +| [mautrix-gmessages](https://github.com/mautrix/gmessages) | ❌ | Bridge to [Google Messages](https://messages.google.com/) | [Link](docs/configuring-playbook-bridge-mautrix-gmessages.md) | +| [mautrix-whatsapp](https://github.com/mautrix/whatsapp) | ❌ | Bridge to [WhatsApp](https://www.whatsapp.com/) | [Link](docs/configuring-playbook-bridge-mautrix-whatsapp.md) | +| [mautrix-wsproxy](https://github.com/mautrix/wsproxy) | ❌ | Bridge to Android SMS or Apple iMessage | [Link](docs/configuring-playbook-bridge-mautrix-wsproxy.md) | +| [mautrix-twitter](https://github.com/mautrix/twitter) | ❌ | Bridge to [Twitter](https://twitter.com/) | [Link](docs/configuring-playbook-bridge-mautrix-twitter.md) | +| [mautrix-googlechat](https://github.com/mautrix/googlechat) | ❌ | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) | +| [mautrix-meta](https://github.com/mautrix/instagram) | ❌ | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | Link for [Messenger](docs/configuring-playbook-bridge-mautrix-meta-messenger.md) / [Instagram](docs/configuring-playbook-bridge-mautrix-meta-instagram.md) | +| [mautrix-signal](https://github.com/mautrix/signal) | ❌ | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) | +| [beeper-linkedin](https://github.com/beeper/linkedin) | ❌ | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) | +| [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | ❌ | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) | +| [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) | ❌ | Bridge to 
[Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | [Link](docs/configuring-playbook-bridge-appservice-kakaotalk.md) | +| [matrix-appservice-discord](https://github.com/matrix-org/matrix-appservice-discord) | ❌ | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) | +| [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) | ❌ | Bridge to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-appservice-slack.md) | +| [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) | ❌ | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | [Link](docs/configuring-playbook-bridge-hookshot.md) | +| [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | ❌ | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) | +| [matrix-wechat](https://github.com/duo/matrix-wechat) | ❌ | Bridge to [WeChat](https://www.wechat.com/) | [Link](docs/configuring-playbook-bridge-wechat.md) | +| [Heisenbridge](https://github.com/hifi/heisenbridge) | ❌ | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) | +| [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) | ❌ | Bridge to [Skype](https://www.skype.com) | [Link](docs/configuring-playbook-bridge-go-skype-bridge.md) | +| [mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack) | ❌ | Bridge to [Slack](https://slack.com) | [Link](docs/configuring-playbook-bridge-mx-puppet-slack.md) | +| [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) | ❌ | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-instagram.md) | +| [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) | ❌ | Bridge for Twitter-DMs 
([Twitter](https://twitter.com/)) | [Link](docs/configuring-playbook-bridge-mx-puppet-twitter.md) | +| [mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord) | ❌ | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-discord.md) | +| [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-groupme.md) | +| [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) | ❌ | Bridge to [Steam](https://steamapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-steam.md) | +| [Email2Matrix](https://github.com/devture/email2matrix) | ❌ | Bridge for relaying emails to Matrix rooms | [Link](docs/configuring-playbook-email2matrix.md) | +| [Postmoogle](https://github.com/etkecc/postmoogle) | ❌ | Email to Matrix bridge | [Link](docs/configuring-playbook-bridge-postmoogle.md) | ### Bots 
@@ -142,14 +142,14 @@ Bots provide various additional functionality to your installation. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [baibot](https://github.com/etkecc/baibot) | x | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you | [Link](docs/configuring-playbook-bot-baibot.md) | -| [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) | x | Bot for scheduling one-off & recurring reminders and alarms | [Link](docs/configuring-playbook-bot-matrix-reminder-bot.md) | -| [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | x | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) | -| [maubot](https://github.com/maubot/maubot) | x | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) | -| [Honoroit](https://github.com/etkecc/honoroit) | x | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) | -| [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) | -| [Draupnir](https://github.com/the-draupnir-project/Draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) (for [appservice mode](docs/configuring-playbook-appservice-draupnir-for-all.md))| -| [Buscarron](https://github.com/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | [Link](docs/configuring-playbook-bot-buscarron.md) | +| [baibot](https://github.com/etkecc/baibot) | ❌ | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you | [Link](docs/configuring-playbook-bot-baibot.md) | +| 
[matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) | ❌ | Bot for scheduling one-off & recurring reminders and alarms | [Link](docs/configuring-playbook-bot-matrix-reminder-bot.md) | +| [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | ❌ | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) | +| [maubot](https://github.com/maubot/maubot) | ❌ | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) | +| [Honoroit](https://github.com/etkecc/honoroit) | ❌ | A helpdesk bot | [Link](docs/configuring-playbook-bot-honoroit.md) | +| [Mjolnir](https://github.com/matrix-org/mjolnir) | ❌ | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) | +| [Draupnir](https://github.com/the-draupnir-project/Draupnir) | ❌ | A moderation tool for Matrix (Fork of Mjolnir) | [Link](docs/configuring-playbook-bot-draupnir.md) (for [appservice mode](docs/configuring-playbook-appservice-draupnir-for-all.md))| +| [Buscarron](https://github.com/etkecc/buscarron) | ❌ | Web forms (HTTP POST) to Matrix | [Link](docs/configuring-playbook-bot-buscarron.md) | ### Administration 
@@ -157,13 +157,13 @@ Services that help you in administrating and monitoring your Matrix installation | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | [Link](docs/configuring-playbook-alertmanager-receiver.md) | -| [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/) | x | OAuth 2.0 and OpenID Provider server | [Link](docs/configuring-playbook-matrix-authentication-service.md) | -| [synapse-admin](https://github.com/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | -| Metrics and Graphs | x | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI, with [prometheus-nginxlog-exporter](https://github.com/martin-helmich/prometheus-nginxlog-exporter/) being available too | [Link](docs/configuring-playbook-prometheus-grafana.md) (for [prometheus-nginxlog-exporter](docs/configuring-playbook-prometheus-nginxlog.md)) | -| [Borg](https://borgbackup.org) | x | Backups | [Link](docs/configuring-playbook-backup-borg.md) | -| [rageshake](https://github.com/matrix-org/rageshake) | x | Bug report server | [Link](docs/configuring-playbook-rageshake.md) | -| [synapse-usage-exporter](https://github.com/loelkes/synapse-usage-exporter) | x | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. 
| [Link](docs/configuring-playbook-synapse-usage-exporter.md) | +| [matrix-alertmanager-receiver](https://github.com/metio/matrix-alertmanager-receiver) | ❌ | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | [Link](docs/configuring-playbook-alertmanager-receiver.md) | +| [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/) | ❌ | OAuth 2.0 and OpenID Provider server | [Link](docs/configuring-playbook-matrix-authentication-service.md) | +| [synapse-admin](https://github.com/etkecc/synapse-admin) | ❌ | A web UI tool for administrating users and rooms on your Matrix server | [Link](docs/configuring-playbook-synapse-admin.md) | +| Metrics and Graphs | ❌ | Consists of the [Prometheus](https://prometheus.io) time-series database server, the Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter, and the [Grafana](https://grafana.com/) web UI, with [prometheus-nginxlog-exporter](https://github.com/martin-helmich/prometheus-nginxlog-exporter/) being available too | [Link](docs/configuring-playbook-prometheus-grafana.md) (for [prometheus-nginxlog-exporter](docs/configuring-playbook-prometheus-nginxlog.md)) | +| [Borg](https://borgbackup.org) | ❌ | Backups | [Link](docs/configuring-playbook-backup-borg.md) | +| [rageshake](https://github.com/matrix-org/rageshake) | ❌ | Bug report server | [Link](docs/configuring-playbook-rageshake.md) | +| [synapse-usage-exporter](https://github.com/loelkes/synapse-usage-exporter) | ❌ | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. | [Link](docs/configuring-playbook-synapse-usage-exporter.md) | ### Misc 
@@ -171,26 +171,26 @@ Various services that don't fit any other categories. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [sliding-sync](https://github.com/matrix-org/sliding-sync)| x | (Superseded by Simplified Sliding Sync integrated into Synapse > `1.114` and Conduit > `0.6.0`) Sliding Sync support for clients which require it (e.g. old Element X versions before Simplified Sliding Sync was developed) | [Link](docs/configuring-playbook-sliding-sync-proxy.md) | -| [synapse_auto_accept_invite](https://github.com/matrix-org/synapse-auto-accept-invite) | x | A Synapse module to automatically accept invites. | [Link](docs/configuring-playbook-synapse-auto-accept-invite.md) | -| [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) | x | A cli tool that automatically compresses `state_groups` database table in background. | [Link](docs/configuring-playbook-synapse-auto-compressor.md) | -| [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | x | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) | -| [Etherpad](https://etherpad.org) | x | An open source collaborative text editor | [Link](docs/configuring-playbook-etherpad.md) | -| [Jitsi](https://jitsi.org/) | x | An open source video-conferencing platform | [Link](docs/configuring-playbook-jitsi.md) | -| [Cactus Comments](https://cactus.chat) | x | A federated comment system built on Matrix | [Link](docs/configuring-playbook-cactus-comments.md) | -| [Pantalaimon](https://github.com/matrix-org/pantalaimon) | x | An E2EE aware proxy daemon | [Link](docs/configuring-playbook-pantalaimon.md) | -| [Sygnal](https://github.com/matrix-org/sygnal) | x | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | -| [ntfy](https://ntfy.sh) | x | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | +| 
[sliding-sync](https://github.com/matrix-org/sliding-sync)| ❌ | (Superseded by Simplified Sliding Sync integrated into Synapse > `1.114` and Conduit > `0.6.0`) Sliding Sync support for clients which require it (e.g. old Element X versions before Simplified Sliding Sync was developed) | [Link](docs/configuring-playbook-sliding-sync-proxy.md) | +| [synapse_auto_accept_invite](https://github.com/matrix-org/synapse-auto-accept-invite) | ❌ | A Synapse module to automatically accept invites. | [Link](docs/configuring-playbook-synapse-auto-accept-invite.md) | +| [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) | ❌ | A cli tool that automatically compresses `state_groups` database table in background. | [Link](docs/configuring-playbook-synapse-auto-compressor.md) | +| [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | ❌ | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) | +| [Etherpad](https://etherpad.org) | ❌ | An open source collaborative text editor | [Link](docs/configuring-playbook-etherpad.md) | +| [Jitsi](https://jitsi.org/) | ❌ | An open source video-conferencing platform | [Link](docs/configuring-playbook-jitsi.md) | +| [Cactus Comments](https://cactus.chat) | ❌ | A federated comment system built on Matrix | [Link](docs/configuring-playbook-cactus-comments.md) | +| [Pantalaimon](https://github.com/matrix-org/pantalaimon) | ❌ | An E2EE aware proxy daemon | [Link](docs/configuring-playbook-pantalaimon.md) | +| [Sygnal](https://github.com/matrix-org/sygnal) | ❌ | Push gateway | [Link](docs/configuring-playbook-sygnal.md) | +| [ntfy](https://ntfy.sh) | ❌ | Push notifications server | [Link](docs/configuring-playbook-ntfy.md) | -## Changes +## 🆕 Changes This playbook evolves over time, sometimes with backward-incompatible changes. 
When updating the playbook, refer to [the changelog](CHANGELOG.md) to catch up with what's new. -## Support +## 🆘 Support - Matrix room: [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com) @@ -199,7 +199,7 @@ When updating the playbook, refer to [the changelog](CHANGELOG.md) to catch up w - GitHub issues: [spantaleev/matrix-docker-ansible-deploy/issues](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues) -## Related +## 🤝 Related You may also be interested in [mash-playbook](https://github.com/mother-of-all-self-hosting/mash-playbook) - another Ansible playbook for self-hosting non-Matrix services (see its [List of supported services](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/supported-services.md)). From 1da02aee3dbf4487b7ab06a567e333bf2b8b1e7f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 6 Nov 2024 11:08:07 +0000 Subject: [PATCH 306/404] Update dependency prometheus to v2.55.1-0 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index ea3743462..5f8f9dbe1 100644 --- a/requirements.yml +++ b/requirements.yml @@ -49,7 +49,7 @@ version: v16-0 name: postgres_backup - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git - version: v2.54.1-1 + version: v2.55.1-0 name: prometheus - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git version: v1.8.2-2 From fa2ba3e04cb8423434ca0484633752271bfa8165 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 7 Nov 2024 09:47:31 +0200 Subject: [PATCH 307/404] Update aux role --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 5f8f9dbe1..b53b3793a 100644 --- a/requirements.yml +++ b/requirements.yml 
@@ -1,7 +1,7 @@ --- - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git - version: v1.0.0-3 + version: v1.0.0-4 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git version: v1.4.0-1.9.0-2 From fc2f09d1247fc200bf2db210a83d1aba9e4fcde6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 7 Nov 2024 10:56:24 +0200 Subject: [PATCH 308/404] another aux role update --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index b53b3793a..83a85adc0 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,7 +1,7 @@ --- - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git - version: v1.0.0-4 + version: v1.0.0-5 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git version: v1.4.0-1.9.0-2 From 95aaf76d0df0de0f812258275673dcc7ad96df36 Mon Sep 17 00:00:00 2001 From: Aine Date: Thu, 7 Nov 2024 11:08:40 +0200 Subject: [PATCH 309/404] add matrix_synapse_oembed_additional_providers var --- roles/custom/matrix-synapse/defaults/main.yml | 3 +++ .../custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 1 + 2 files changed, 4 insertions(+) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index d6527b7a8..c6e2db9be 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
@@ -362,6 +362,9 @@ matrix_synapse_media_retention_local_media_lifetime: # should be empty to disable matrix_synapse_media_retention_remote_media_lifetime: +# Controls the list of additional oembed providers to be added to the homeserver. +matrix_synapse_oembed_additional_providers: [] + # The tmpfs at /tmp needs to be large enough to handle multiple concurrent file uploads. matrix_synapse_tmp_directory_size_mb: "{{ matrix_synapse_max_upload_size_mb * 50 }}" diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 89681142d..5a20fea4f 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1235,6 +1235,7 @@ oembed: # #additional_providers: # - oembed/my_providers.json + additional_providers: {{ matrix_synapse_oembed_additional_providers|to_json }} ## Captcha ## From 8308a91afaaefb578e8e694d82fabb4ea13fe404 Mon Sep 17 00:00:00 2001 From: Aine Date: Thu, 7 Nov 2024 13:05:09 +0200 Subject: [PATCH 310/404] synapse-admin v0.10.3-etke29 --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index bd033e259..85c7007c7 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml 
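Review bot: The comment added above `matrix_synapse_oembed_additional_providers` in `defaults/main.yml` does not say what an entry is, although the commented sample in the `homeserver.yaml.j2` hunk (`# - oembed/my_providers.json`) shows that Synapse expects paths to JSON provider files. I would spell that out, e.g. `# List of paths (as seen by Synapse, presumably inside its container) to JSON files defining extra oEmbed providers.` followed by `# Synapse requests URL-preview data from the endpoints these files name, so only list provider files you trust.` Nothing in this change appears to install such files, so the comment should probably also tell the operator to place them where Synapse can read them; that is inferred from the two hunks shown and worth confirming. In the template hunk the `additional_providers:` key is now always rendered (as `[]` by default) where it was previously only a commented example, and its indentation under `oembed:` cannot be checked from this view.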
@@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke26 +matrix_synapse_admin_version: v0.10.3-etke29 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From b04b6587356e0d9be1b782538083c8ccce8eac51 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 7 Nov 2024 23:31:26 +0900 Subject: [PATCH 311/404] Add "Web" to Element and SchildiChat web application (#3755) * Replace "Element" with "Element Web" - If Element indicates the web application, then it is changed to Element Web. - If it indicates clients branded with Element such as Element desktop, web, mobile clients, then it is changed to Element clients. - If it is combined with location sharing functionality, it is not changed. with other some changes, including: - Change "app.element.io" anchor link to "https://github.com/element-hq/element-web" on README.md, following other documentation files Signed-off-by: Suguru Hirahara * Replace "SchildiChat" with "SchildiChat Web" - If SchildiChat indicates the web application, then it is changed to SchildiChat Web. - If it indicates clients branded with SchildiChat such as SchildiChat desktop, web, mobile clients, then it is changed to SchildiChat clients. - If it is combined with location sharing functionality, it is not changed. Signed-off-by: Suguru Hirahara * Rename configuring-playbook-client-schildichat.md to configuring-playbook-client-schildichat-web.md 
Signed-off-by: Suguru Hirahara * Rename configuring-playbook-client-element.md to configuring-playbook-client-element-web.md Signed-off-by: Suguru Hirahara --------- 
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- CHANGELOG.md | 22 +++++++------- README.md | 4 +-- YEAR-IN-REVIEW.md | 2 +- ...obtain_admin_access_token_element_web.png} | Bin docs/configuring-dns.md | 6 ++-- ...ng-playbook-appservice-draupnir-for-all.md | 6 ++-- docs/configuring-playbook-bot-draupnir.md | 2 +- docs/configuring-playbook-bot-maubot.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- ...guring-playbook-bridge-appservice-slack.md | 2 +- docs/configuring-playbook-client-cinny.md | 2 +- ...onfiguring-playbook-client-element-web.md} | 26 ++++++++-------- docs/configuring-playbook-client-hydrogen.md | 2 +- ...guring-playbook-client-schildichat-web.md} | 28 +++++++++--------- docs/configuring-playbook-conduit.md | 2 +- docs/configuring-playbook-dimension.md | 6 ++-- docs/configuring-playbook-etherpad.md | 4 +-- docs/configuring-playbook-jitsi.md | 6 ++-- ...-playbook-matrix-authentication-service.md | 4 +-- docs/configuring-playbook-ntfy.md | 6 ++-- docs/configuring-playbook-riot-web.md | 10 +++---- docs/configuring-playbook.md | 4 +-- docs/configuring-well-known.md | 4 +-- docs/container-images.md | 4 +-- docs/faq.md | 10 +++---- docs/installing.md | 2 +- docs/obtaining-access-tokens.md | 8 ++--- docs/registering-users.md | 2 +- docs/updating-users-passwords.md | 2 +- examples/reverse-proxies/apache/README.md | 2 +- .../apache/matrix-client-element.conf | 2 +- .../caddy2-in-container/README.md | 2 +- examples/reverse-proxies/nginx/README.md | 2 +- group_vars/matrix_servers | 2 +- roles/custom/matrix-base/defaults/main.yml | 4 +-- .../defaults/main.yml | 2 +- .../matrix-client-element/defaults/main.yml | 20 ++++++------- .../tasks/prepare_themes.yml | 14 ++++----- .../tasks/self_check.yml | 10 +++---- .../tasks/setup_install.yml | 16 +++++----- .../tasks/setup_uninstall.yml | 2 +- .../tasks/validate_config.yml | 4 +-- .../systemd/matrix-client-element.service.j2 | 2 +- .../defaults/main.yml | 24 +++++++-------- 
.../tasks/prepare_themes.yml | 14 ++++----- .../tasks/self_check.yml | 10 +++---- .../tasks/setup_install.yml | 16 +++++----- .../tasks/setup_uninstall.yml | 2 +- .../tasks/validate_config.yml | 6 ++-- .../matrix-client-schildichat.service.j2 | 2 +- .../matrix-dimension/templates/config.yaml.j2 | 2 +- .../matrix-static-files/defaults/main.yml | 14 ++++----- 52 files changed, 177 insertions(+), 177 deletions(-) rename docs/assets/{obtain_admin_access_token_element.png => obtain_admin_access_token_element_web.png} (100%) rename docs/{configuring-playbook-client-element.md => configuring-playbook-client-element-web.md} (74%) rename docs/{configuring-playbook-client-schildichat.md => configuring-playbook-client-schildichat-web.md} (71%) diff --git a/CHANGELOG.md b/CHANGELOG.md index bc6e2bf82..31c69ad74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -731,7 +731,7 @@ Here are **actions you may wish to take** as a result of this change: - (recommended) embrace the new default. If your Matrix server is federating, your public rooms have always been joinable across federation anyway. Exposing the list of public rooms does no harm and more-so does good by contributing to the usefulness of the Matrix network by facilitating room discovery. -- (switch to a better way of doings things on your semi-private server) The problem that the Synapse team appears to have solved by flipping the `allow_public_rooms_over_federation` default in Synapse v1.7.0 seems to for "mostly private" servers, which federate and have a bunch of rooms made public (and published in their room directory) in an effort to allow people on the same homeserver to easily find and join them (self-onboarding). With the introduction of Matrix Spaces, you can reorganize your flow around spaces - you can auto-join your users to a Matrix Space (via Synapse's `auto_join_rooms` setting - controlled by our `matrix_synapse_auto_join_rooms` variable), then add a bunch of rooms to the space and make them joinable by people belonging to the space. That is to say, do not make rooms public and do not publish them to the room directory unless they are really public. Instead, use other mechanisms for semi-public rooms or private rooms. One alternative is to stick to what you're doing (public rooms published to your rooms directory) but having a `m.federate: true` flag set during creation (clients like Element have a nice UI checkbox for this) to explicitly disable federation for them. 
+- (switch to a better way of doings things on your semi-private server) The problem that the Synapse team appears to have solved by flipping the `allow_public_rooms_over_federation` default in Synapse v1.7.0 seems to for "mostly private" servers, which federate and have a bunch of rooms made public (and published in their room directory) in an effort to allow people on the same homeserver to easily find and join them (self-onboarding). With the introduction of Matrix Spaces, you can reorganize your flow around spaces - you can auto-join your users to a Matrix Space (via Synapse's `auto_join_rooms` setting - controlled by our `matrix_synapse_auto_join_rooms` variable), then add a bunch of rooms to the space and make them joinable by people belonging to the space. That is to say, do not make rooms public and do not publish them to the room directory unless they are really public. Instead, use other mechanisms for semi-public rooms or private rooms. One alternative is to stick to what you're doing (public rooms published to your rooms directory) but having a `m.federate: true` flag set during creation (clients like Element Web have a nice UI checkbox for this) to explicitly disable federation for them. - (keeping the old behavior) if you wish to keep doing what you're doing (keeping your Matrix server federating, but hiding its public rooms list), add `matrix_synapse_allow_public_rooms_over_federation: false` to your `vars.yml` configuration. This restores the old behavior. You may also consider [disabling federation](docs/configuring-playbook-federation.md#disabling-federation) completely instead of relying on security-by-obscurity measures. 
@@ -751,11 +751,11 @@ People who [enable load-balancing with Synapse workers](docs/configuring-playboo # 2023-08-31 -## SchildiChat support +## SchildiChat Web support -Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) client. +Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up the [SchildiChat Web](https://github.com/SchildiChat/schildichat-desktop) client. -See our [Configuring SchildiChat](docs/configuring-playbook-client-schildichat.md) documentation to get started. +See our [Configuring SchildiChat Web](docs/configuring-playbook-client-schildichat-web.md) documentation to get started. # 2023-08-23 
@@ -1826,9 +1826,9 @@ The playbook *could* correct these permissions automatically, but that requires The playbook no longer installs the [ma1sd](https://github.com/ma1uta/ma1sd) identity server by default. The next time you run the playbook, ma1sd will be uninstalled from your server, unless you explicitly enable the ma1sd service (see how below). -The main reason we used to install ma1sd by default in the past was to prevent Element from talking to the `matrix.org` / `vector.im` identity servers, by forcing it to talk to our own self-hosted (but otherwise useless) identity server instead, thus preventing contact list leaks. +The main reason we used to install ma1sd by default in the past was to prevent Element clients from talking to the `matrix.org` / `vector.im` identity servers, by forcing it to talk to our own self-hosted (but otherwise useless) identity server instead, thus preventing contact list leaks. -Since Element no longer defaults to using a public identity server if another one is not provided, we can stop installing ma1sd. +Since Element clients no longer default to using a public identity server if another one is not provided, we can stop installing ma1sd. If you need to install the ma1sd identity server for some reason, you can explicitly enable it by adding this to your `vars.yml` file: @@ -1917,7 +1917,7 @@ See our [Setting up Honoroit](docs/configuring-playbook-bot-honoroit.md) documen Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook now supports [Cinny](https://cinny.in/) - a new simple, elegant and secure Matrix client. -By default, we still install Element. Still, people who'd like to try Cinny out can now install it via the playbook. +By default, we still install Element Web. Still, people who'd like to try Cinny out can now install it via the playbook. Additional details are available in [Setting up Cinny](docs/configuring-playbook-client-cinny.md). 
@@ -1989,7 +1989,7 @@ If you need to downgrade to the previous version, changing `matrix_sygnal_versio Thanks to [Aaron Raimist](https://github.com/aaronraimist), the playbook now supports [Hydrogen](https://github.com/vector-im/hydrogen-web) - a new lightweight Matrix client with legacy and mobile browser support. -By default, we still install Element, as Hydrogen is still not fully-featured. Still, people who'd like to try Hydrogen out can now install it via the playbook. +By default, we still install Element Web, as Hydrogen is still not fully-featured. Still, people who'd like to try Hydrogen out can now install it via the playbook. Additional details are available in [Setting up Hydrogen](docs/configuring-playbook-client-hydrogen.md). 
@@ -2427,9 +2427,9 @@ To learn more, follow our [Dynamic DNS docs page](docs/configuring-playbook-dyna Until now, we used to serve a static page coming from Synapse at `https://matrix.example.com/`. This page was not very useful to anyone. -Since `matrix.example.com` may be accessed by regular users in certain conditions, it's probably better to redirect them to a better place (e.g. to the [Element](docs/configuring-playbook-client-element.md) client). +Since `matrix.example.com` may be accessed by regular users in certain conditions, it's probably better to redirect them to a better place (e.g. to [Element Web](docs/configuring-playbook-client-element-web.md)). -If Element is installed (`matrix_client_element_enabled: true`, which it is by default), we now redirect people to it, instead of showing them a Synapse static page. +If Element Web is installed (`matrix_client_element_enabled: true`, which it is by default), we now redirect people to it, instead of showing them a Synapse static page. If you'd like to control where the redirect goes, use the `matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain` variable. To restore the old behavior of not redirecting anywhere and serving the Synapse static page, set it to an empty value (`matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain: ""`). @@ -2514,7 +2514,7 @@ As per the official announcement, [Riot has been rebraned to Element](https://el The playbook follows suit. Existing installations have a few options for how to handle this. -See our [Migrating to Element](docs/configuring-playbook-riot-web.md#migrating-to-element) documentation page for more details. +See our [Migrating to Element Web](docs/configuring-playbook-riot-web.md#migrating-to-element) documentation page for more details. # 2020-07-03 diff --git a/README.md b/README.md index cf5cd51ec..b1fcec35f 100644 --- a/README.md +++ b/README.md 
@@ -53,10 +53,10 @@ Web clients for Matrix that you can host on your own domains. | Name | Default? | Description | Documentation | | ---- | -------- | ----------- | ------------- | -| [Element](https://app.element.io/) | ✅ | Web UI, which is configured to connect to your own Synapse server by default | [Link](docs/configuring-playbook-client-element.md) | +| [Element Web](https://github.com/element-hq/element-web) | ✅ | Default Matrix web client, configured to connect to your own Synapse server | [Link](docs/configuring-playbook-client-element-web.md) | | [Hydrogen](https://github.com/element-hq/hydrogen-web) | ❌ | Lightweight Matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) | | [Cinny](https://github.com/ajbura/cinny) | ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-cinny.md) | -| [SchildiChat](https://schildi.chat/) | ❌ | Based on Element, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat.md) | +| [SchildiChat Web](https://schildi.chat/) | ❌ | Based on Element Web, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat-web.md) | diff --git a/YEAR-IN-REVIEW.md b/YEAR-IN-REVIEW.md index 3c756e81b..cf48fc095 100644 --- a/YEAR-IN-REVIEW.md +++ b/YEAR-IN-REVIEW.md 
@@ -37,7 +37,7 @@ A few other **major components and changes** landed in 2023: * (2023-03-07) [Sliding Sync proxy](https://github.com/matrix-org/sliding-sync) (currently a necessary component for [Element X](https://element.io/labs/element-x) to work), thanks to: [Benjamin Kampmann](https://github.com/gnunicorn) and [FSG-Cat](https://github.com/FSG-Cat) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#sliding-sync-proxy-element-x-support)) * (2023-03-12) synapse-auto-compressor to periodically and automatically run [rust-synapse-compress-state](https://github.com/matrix-org/rust-synapse-compress-state), thanks to a PR by [Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#synapse-auto-compressor-support)) * (2023-07-17) [matrix-media-repo](https://github.com/turt2live/matrix-media-repo),  thanks to a PR by [Michael Hollister](https://github.com/Michael-Hollister) from [FUTO](https://www.futo.org/), the creators of the [Circles app](https://circu.li/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#matrix-media-repo-support)) -* (2023-08-31) [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) client app (fork of [element-web)](https://github.com/element-hq/element-web), thanks to a PR by [Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#schildichat-support)) +* (2023-08-31) [SchildiChat Web](https://github.com/SchildiChat/schildichat-desktop) client app (fork of [Element Web)](https://github.com/element-hq/element-web), thanks to a PR by 
[Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#schildichat-support)) * (2023-10-18) Postgres parameters auto-tuning, thanks to a PR by [Aine](https://gitlab.com/etke.cc) from [etke.cc](https://etke.cc/) (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#postgres-parameters-are-automatically-tuned-now)) * (2023-10-23) Enabling federation of the room directory for Synapse (see the [changelog entry](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/850078b7e37401ce91a0f9b686f60b945f6c3a96/CHANGELOG.md#enabling-allow_public_rooms_over_federation-by-default-for-synapse)) diff --git a/docs/assets/obtain_admin_access_token_element.png b/docs/assets/obtain_admin_access_token_element_web.png similarity index 100% rename from docs/assets/obtain_admin_access_token_element.png rename to docs/assets/obtain_admin_access_token_element_web.png diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 57f8ab366..203590c97 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -40,7 +40,7 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco | [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.example.com` | | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.example.com` | | [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.example.com` | -| [SchildiChat](configuring-playbook-client-schildichat.md) web client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | +| [SchildiChat Web](configuring-playbook-client-schildichat-web.md) client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | | [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | | [rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` | 
@@ -55,7 +55,7 @@ When setting up a SRV record, if you are asked for a service and protocol instea As the table above illustrates, you need to create 2 subdomains (`matrix.example.com` and `element.example.com`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). -The `element.example.com` subdomain may be necessary, because this playbook installs the [Element](https://github.com/element-hq/element-web) web client for you. If you'd rather instruct the playbook not to install Element (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. +The `element.example.com` subdomain may be necessary, because this playbook installs the [Element Web](https://github.com/element-hq/element-web) client for you. If you'd rather instruct the playbook not to install Element Web (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integration manager](http://dimension.t2bot.io/) for you. The installation of Dimension is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension integration manager](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. 
@@ -75,7 +75,7 @@ The `hydrogen.example.com` subdomain may be necessary, because this playbook cou The `cinny.example.com` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of Cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up Cinny, feel free to skip the `cinny.example.com` DNS record. -The `schildichat.example.com` subdomain may be necessary, because this playbook could install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) web client. The installation of SchildiChat is disabled by default, it is not a core required component. To learn how to install it, see our [configuring SchildiChat guide](configuring-playbook-client-schildichat.md). If you do not wish to set up SchildiChat, feel free to skip the `schildichat.example.com` DNS record. +The `schildichat.example.com` subdomain may be necessary, because this playbook could install the [SchildiChat Web](https://github.com/SchildiChat/schildichat-desktop) client. The installation of SchildiChat Web is disabled by default, it is not a core required component. To learn how to install it, see our [configuring SchildiChat Web guide](configuring-playbook-client-schildichat-web.md). If you do not wish to set up SchildiChat Web, feel free to skip the `schildichat.example.com` DNS record. The `wsproxy.example.com` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.example.com` DNS record. 
diff --git a/docs/configuring-playbook-appservice-draupnir-for-all.md b/docs/configuring-playbook-appservice-draupnir-for-all.md index 59b60e9d5..862bf3dd7 100644 --- a/docs/configuring-playbook-appservice-draupnir-for-all.md +++ b/docs/configuring-playbook-appservice-draupnir-for-all.md @@ -13,7 +13,7 @@ Draupnir for all is the way to go if you need more than 1 Draupnir instance, but Draupnir for all in the playbook is rate-limit-exempt automatically as its appservice configuration file does not specify any rate limits. -Normal Draupnir does come with the benefit of access to Synapse Admin features. You are also able to more easily customise your normal Draupnir than D4A as D4A even on the branch with the Avatar command (To be Upstreamed to Mainline Draupnir) that command is clunky as it requires the use of things like Element devtools. In normal Draupnir this is a quick operation where you login to Draupnir with a normal client and set Avatar and Display name normally. +Normal Draupnir does come with the benefit of access to Synapse Admin features. You are also able to more easily customise your normal Draupnir than D4A as D4A even on the branch with the Avatar command (To be Upstreamed to Mainline Draupnir) that command is clunky as it requires the use of things like Element Web devtools. In normal Draupnir this is a quick operation where you login to Draupnir with a normal client and set Avatar and Display name normally. Draupnir for all does not support external tooling like [MRU](https://mru.rory.gay) as it can't access Draupnir's user account. 
@@ -26,7 +26,7 @@ The playbook does not create a management room for your Main Draupnir. This task The management room has to be given an alias and be public when you are setting up the bot for the first time as the bot does not differentiate between invites and invites to the management room. -This management room is used to control who has access to your D4A deployment. The room stores this data inside of the control room state so your bot must have sufficient powerlevel to send custom state events. This is default 50 or moderator as Element calls this powerlevel. +This management room is used to control who has access to your D4A deployment. The room stores this data inside of the control room state so your bot must have sufficient powerlevel to send custom state events. This is default 50 or moderator as Element clients call this powerlevel. As noted in the Draupnir install instructions the control room is sensitive. The following is said about the control room in the Draupnir install instructions. >Anyone in this room can control the bot so it is important that you only invite trusted users to this room. The room must be unencrypted since the playbook does not support installing Pantalaimon yet. 
@@ -72,7 +72,7 @@ To allow users or whole homeservers you type /plain @draupnir-main:example.com a ### 2. How to provision a D4A once you are allowed to. -Open a DM with @draupnir-main:example.com and if using Element send a message into this DM to finalise creating it. The bot will reject this invite and you will shortly get invited to the Draupnir control room for your newly provisioned Draupnir. From here its just a normal Draupnir experience. +Open a DM with @draupnir-main:example.com and if using an Element client send a message into this DM to finalise creating it. The bot will reject this invite and you will shortly get invited to the Draupnir control room for your newly provisioned Draupnir. From here its just a normal Draupnir experience. Congratulations if you made it all the way here because you now have a fully working Draupnir for all deployment. diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 533fcc706..837e8230a 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md @@ -47,7 +47,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!qporfwt:example.com`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element Web you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!qporfwt:example.com`. Finally invite the `@bot.draupnir:example.com` account you created earlier into the room. 
diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 31714e38a..05320d7bb 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -68,4 +68,4 @@ You should start in the following order This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands, you'll first need to `exec` into the maubot container with `docker exec -it matrix-bot-maubot sh`. -Alternatively, you can follow our generic [obtain an access token](obtaining-access-tokens.md) documentation. Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element**) as the latter will give your bot issues in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients). +Alternatively, you can follow our generic [obtain an access token](obtaining-access-tokens.md) documentation. Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will give your bot issues in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients). diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index be2e6060e..28a1a5b3a 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md 
@@ -41,7 +41,7 @@ Using your own account, create a new invite only room that you will use to manag If you make the management room encrypted (E2EE), then you MUST enable and use Pantalaimon (see below). -Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!qporfwt:example.com`. +Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element Web you can do this by going to the room's settings, clicking Advanced, and then copying the internal room ID. The room ID will look something like `!qporfwt:example.com`. Finally invite the `@bot.mjolnir:example.com` account you created earlier into the room. diff --git a/docs/configuring-playbook-bridge-appservice-slack.md b/docs/configuring-playbook-bridge-appservice-slack.md index 30bdedf1d..af6d896d6 100644 --- a/docs/configuring-playbook-bridge-appservice-slack.md +++ b/docs/configuring-playbook-bridge-appservice-slack.md @@ -12,7 +12,7 @@ See the project's [documentation](https://github.com/matrix-org/matrix-appservic loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Setup) -1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element by sending a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. +1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can be done in Element Web by sending a message, opening the options for that message and choosing "view source". The room ID will be displayed near the top. 2. Enable the bridge by adding the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: 
diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index b24c72474..7badf52d6 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md @@ -2,7 +2,7 @@ This playbook can install the [Cinny](https://github.com/ajbura/cinny) Matrix web client for you. -Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of Element. +Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of Element Web. ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element-web.md similarity index 74% rename from docs/configuring-playbook-client-element.md rename to docs/configuring-playbook-client-element-web.md index c0f7c348c..2065aa738 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element-web.md @@ -1,11 +1,11 @@ -# Configuring Element (optional) +# Configuring Element Web (optional) -By default, this playbook installs the [Element](https://github.com/element-hq/element-web) Matrix web client for you. If that's okay, you can skip this document. +By default, this playbook installs the [Element Web](https://github.com/element-hq/element-web) Matrix client for you. If that's okay, you can skip this document. -## Disabling Element +## Disabling Element Web -If you'd like for the playbook to not install Element (or to uninstall it if it was previously installed), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +If you'd like for the playbook to not install Element Web (or to uninstall it if it was previously installed), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_client_element_enabled: false 
@@ -14,15 +14,15 @@ matrix_client_element_enabled: false ## Adjusting the playbook configuration -The playbook provides some customization variables you could use to change Element's settings. +The playbook provides some customization variables you could use to change Element Web's settings. Their defaults are defined in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-element/templates/config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. -Alternatively, **if there is no pre-defined variable** for an Element setting you wish to change: +Alternatively, **if there is no pre-defined variable** for an Element Web setting you wish to change: -- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Element's various settings that rarely get used. +- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Element Web's various settings that rarely get used. - or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. 
You can find information about this in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml). @@ -31,17 +31,17 @@ Alternatively, **if there is no pre-defined variable** for an Element setting yo ### Themes -To change the look of Element, you can define your own themes manually by using the `matrix_client_element_setting_defaults_custom_themes` setting. +To change the look of Element Web, you can define your own themes manually by using the `matrix_client_element_setting_defaults_custom_themes` setting. Or better yet, you can automatically pull it all themes provided by the [aaronraimist/element-themes](https://github.com/aaronraimist/element-themes) project by simply flipping a flag (`matrix_client_element_themes_enabled: true`). If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it. -Note that for a custom theme to work well, all Element instances that you use must have the same theme installed. +Note that for a custom theme to work well, all Element Web instances that you use must have the same theme installed. -### Adjusting the Element URL +### Adjusting the Element Web URL -By default, this playbook installs Element on the `element.` subdomain (`element.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). +By default, this playbook installs Element Web on the `element.` subdomain (`element.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). By tweaking the `matrix_client_element_hostname` and `matrix_client_element_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. 
@@ -49,7 +49,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co ```yaml # Switch to the domain used for Matrix services (`matrix.example.com`), -# so we won't need to add additional DNS records for Element. +# so we won't need to add additional DNS records for Element Web. matrix_client_element_hostname: "{{ matrix_server_fqn_matrix }}" # Expose under the /element subpath @@ -58,7 +58,7 @@ matrix_client_element_path_prefix: /element ## Adjusting DNS records -Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Element domain to the Matrix server. +Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the Element Web domain to the Matrix server. By default, you will need to create a CNAME record for `element`. See [Configuring DNS](configuring-dns.md) for details about DNS changes. diff --git a/docs/configuring-playbook-client-hydrogen.md b/docs/configuring-playbook-client-hydrogen.md index 6c4570acd..1715c9804 100644 --- a/docs/configuring-playbook-client-hydrogen.md +++ b/docs/configuring-playbook-client-hydrogen.md @@ -2,7 +2,7 @@ This playbook can install the [Hydrogen](https://github.com/element-hq/hydrogen-web) Matrix web client for you. -Hydrogen is a lightweight web client that supports mobile and legacy web browsers. It can be installed alongside or instead of Element. +Hydrogen is a lightweight web client that supports mobile and legacy web browsers. It can be installed alongside or instead of Element Web. ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-client-schildichat.md b/docs/configuring-playbook-client-schildichat-web.md similarity index 71% rename from docs/configuring-playbook-client-schildichat.md rename to docs/configuring-playbook-client-schildichat-web.md index acaa0dd35..77c231fce 100644 --- a/docs/configuring-playbook-client-schildichat.md 
+++ b/docs/configuring-playbook-client-schildichat-web.md 
@@ -1,28 +1,28 @@ -# Setting up SchildiChat (optional) +# Setting up SchildiChat Web (optional) -This playbook can install the [SchildiChat](https://github.com/SchildiChat/schildichat-desktop) Matrix web client for you. +This playbook can install the [SchildiChat Web](https://github.com/SchildiChat/schildichat-desktop) Matrix client for you. -SchildiChat is a feature-rich messenger for Matrix based on Element with some extras and tweaks. It can be installed alongside or instead of Element. +SchildiChat Web is a feature-rich messenger for Matrix based on Element Web with some extras and tweaks. It can be installed alongside or instead of Element Web. -**WARNING**: SchildiChat Web is based on Element-web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on element-web `v1.11.36`, while element-web is now on `v1.11.58`). Element-web frequently suffers from security issues, so running something based on an ancient Element-web release is **dangerous**. Use SchildiChat Web at your own risk! +**WARNING**: SchildiChat Web is based on Element Web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on Element Web `v1.11.36`, while Element Web is now on `v1.11.58`). Element Web frequently suffers from security issues, so running something based on an ancient Element Web release is **dangerous**. Use SchildiChat Web at your own risk! ## Adjusting the playbook configuration -To enable SchildiChat, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To enable SchildiChat Web, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_client_schildichat_enabled: true ``` -The playbook provides some customization variables you could use to change SchildiChat's settings. 
+The playbook provides some customization variables you could use to change SchildiChat Web's settings. Their defaults are defined in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml) and they ultimately end up in the generated `/matrix/schildichat/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-schildichat/templates/config.json.j2`](../roles/custom/matrix-client-schildichat/templates/config.json.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`) and [re-run the playbook](installing.md) to apply the changes. -Alternatively, **if there is no pre-defined variable** for a SchildiChat setting you wish to change: +Alternatively, **if there is no pre-defined variable** for a SchildiChat Web setting you wish to change: -- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of SchildiChat's various settings that rarely get used. +- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of SchildiChat Web's various settings that rarely get used. - or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/custom/matrix-client-schildichat/templates/config.json.j2)) by making use of the `matrix_client_schildichat_configuration_extension_json_` variable. You can find information about this in [`roles/custom/matrix-client-schildichat/defaults/main.yml`](../roles/custom/matrix-client-schildichat/defaults/main.yml). 
@@ -30,17 +30,17 @@ Alternatively, **if there is no pre-defined variable** for a SchildiChat setting ### Themes -To change the look of SchildiChat, you can define your own themes manually by using the `matrix_client_schildichat_setting_defaults_custom_themes` setting. +To change the look of SchildiChat Web, you can define your own themes manually by using the `matrix_client_schildichat_setting_defaults_custom_themes` setting. Or better yet, you can automatically pull it all themes provided by the [aaronraimist/element-themes](https://github.com/aaronraimist/element-themes) project by simply flipping a flag (`matrix_client_schildichat_themes_enabled: true`). If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it. -Note that for a custom theme to work well, all SchildiChat instances that you use must have the same theme installed. +Note that for a custom theme to work well, all SchildiChat Web instances that you use must have the same theme installed. -### Adjusting the SchildiChat URL +### Adjusting the SchildiChat Web URL -By default, this playbook installs SchildiChat on the `schildichat.` subdomain (`schildichat.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). +By default, this playbook installs SchildiChat Web on the `schildichat.` subdomain (`schildichat.example.com`) and requires you to [adjust your DNS records](#adjusting-dns-records). By tweaking the `matrix_client_schildichat_hostname` and `matrix_client_schildichat_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. 
@@ -48,7 +48,7 @@ Example additional configuration for your `inventory/host_vars/matrix.example.co ```yaml # Switch to the domain used for Matrix services (`matrix.example.com`), -# so we won't need to add additional DNS records for SchildiChat. +# so we won't need to add additional DNS records for SchildiChat Web. matrix_client_schildichat_hostname: "{{ matrix_server_fqn_matrix }}" # Expose under the /schildichat subpath @@ -57,7 +57,7 @@ matrix_client_schildichat_path_prefix: /schildichat ## Adjusting DNS records -Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the SchildiChat domain to the Matrix server. +Once you've decided on the domain and path, **you may need to adjust your DNS** records to point the SchildiChat Web domain to the Matrix server. By default, you will need to create a CNAME record for `schildichat`. See [Configuring DNS](configuring-dns.md) for details about DNS changes. diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md index 3707e7fe4..909c1ce0e 100644 --- a/docs/configuring-playbook-conduit.md +++ b/docs/configuring-playbook-conduit.md @@ -22,7 +22,7 @@ Since it is difficult to create the first user account on Conduit (see [famedly/ 1. Add `matrix_conduit_allow_registration: true` to your `vars.yml` the first time around, temporarily 2. Run the playbook (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - see [Installing](installing.md)) -3. Create your first user via Element or any other client which supports creating users +3. Create your first user via Element Web or any other client which supports creating users 4. Get rid of `matrix_conduit_allow_registration: true` from your `vars.yml` 5. Run the playbook again (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-conduit,start` would be enough this time) 6. You can now use your server safely. Additional users can be created by messaging the internal Conduit bot 
diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index aa18edfa3..06abd3097 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -24,7 +24,7 @@ matrix_dimension_admins: - "@user2:{{ matrix_domain }}" ``` -The admin interface is accessible within Element by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element by the "Add widgets, bridges, & bots" link in the room information. +The admin interface is accessible within Element Web by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element Web by the "Add widgets, bridges, & bots" link in the room information. ### Access token 
@@ -75,14 +75,14 @@ After configuring the playbook and potentially [adjusting your DNS records](#adj ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ``` -After Dimension has been installed you may need to log out and log back in for it to pick up the new integration manager. Then you can access integrations in Element by opening a room, clicking the Room info button (`i`) button in the top right corner of the screen, and then clicking Add widgets, bridges & bots. +After Dimension has been installed you may need to log out and log back in for it to pick up the new integration manager. Then you can access integrations in Element Web by opening a room, clicking the Room info button (`i`) button in the top right corner of the screen, and then clicking Add widgets, bridges & bots. ## Jitsi domain By default Dimension will use [jitsi.riot.im](https://jitsi.riot.im/) as the `conferenceDomain` of [Jitsi](https://jitsi.org/) audio/video conference widgets. For users running [a self-hosted Jitsi instance](./configuring-playbook-jitsi.md), you will likely want the widget to use your own Jitsi instance. Currently there is no way to configure this via the playbook, see [this issue](https://github.com/turt2live/matrix-dimension/issues/345) for details. -In the interim until the above limitation is resolved, an admin user needs to configure the domain via the admin ui once dimension is running. In Element, go to *Manage Integrations* → *Settings* → *Widgets* → *Jitsi Conference Settings* and set *Jitsi Domain* and *Jitsi Script URL* appropriately. +In the interim until the above limitation is resolved, an admin user needs to configure the domain via the admin ui once dimension is running. In Element Web, go to *Manage Integrations* → *Settings* → *Widgets* → *Jitsi Conference Settings* and set *Jitsi Domain* and *Jitsi Script URL* appropriately. ## Additional features 
diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index ea758afec..c32b60dda 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -62,7 +62,7 @@ Then from the plugin manager page (`https://etherpad.example.com/admin/plugins`, ### How to use Etherpad widgets without an integration manager (like Dimension) -This is how it works in Element, it might work quite similar with other clients: +This is how it works in Element Web, it might work quite similar with other clients: To integrate a standalone Etherpad in a room, create your pad by visiting `https://etherpad.example.com`. When the pad opens, copy the URL and send a command like this to the room: `/addwidget URL`. You will then find your integrated Etherpad within the right sidebar in the `Widgets` section. @@ -71,7 +71,7 @@ To integrate a standalone Etherpad in a room, create your pad by visiting `https If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside Etherpad, the Dimension administrator users can configure the default URL template. -The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. +The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element Web. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. #### Removing the integrated Etherpad chat diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 48f362443..19225bfe9 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md 
@@ -1,6 +1,6 @@ # Setting up the Jitsi video-conferencing platform (optional) -The playbook can install the [Jitsi](https://jitsi.org/) video-conferencing platform and integrate it with [Element](configuring-playbook-client-element.md). +The playbook can install the [Jitsi](https://jitsi.org/) video-conferencing platform and integrate it with Element clients ([Element Web](configuring-playbook-client-element-web.md)/Desktop, Android and iOS). Jitsi installation is **not enabled by default**, because it's not a core component of Matrix services. @@ -257,7 +257,7 @@ traefik_provider_configuration_extension_yaml: | ## (Optional) Enable Gravatar -In the default Jisti Meet configuration, gravatar.com is enabled as an avatar service. This results in third party request leaking data to gravatar. Since element already sends the url of configured Matrix avatars to Jitsi, we disabled gravatar. +In the default Jisti Meet configuration, gravatar.com is enabled as an avatar service. This results in third party request leaking data to gravatar. Since Element clients already send the url of configured Matrix avatars to Jitsi, we disabled gravatar. To enable Gravatar set: 
@@ -279,7 +279,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start You can use the self-hosted Jitsi server in multiple ways: -- **by adding a widget to a room via Element** (the one configured by the playbook at `https://element.example.com`). Just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server. +- **by adding a widget to a room via Element Web** (the one configured by the playbook at `https://element.example.com`). Just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server. - **by adding a widget to a room via the Dimension integration manager**. You'll have to point the widget to your own Jitsi server manually. See our [Dimension integration manager](./configuring-playbook-dimension.md) documentation page for more details. Naturally, Dimension would need to be installed first (the playbook doesn't install it by default). diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 570f316da..73b6f1e85 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -76,9 +76,9 @@ This section details what you can expect when switching to the Matrix Authentica - ✅ Your **existing login sessions will continue to work** (you won't get logged out). Migration will require a bit of manual work and minutes of downtime, but it's not too bad. -- ✅ Various clients ([Cinny](./configuring-playbook-client-cinny.md), [Element-web](./configuring-playbook-client-element.md), Element X, FluffyChat) will be able to use the **new SSO-based login flow** provided by Matrix Authentication Service +- ✅ Various clients ([Cinny](./configuring-playbook-client-cinny.md), [Element Web](./configuring-playbook-client-element-web.md), Element X, FluffyChat) will be able to use the **new SSO-based login flow** provided by Matrix Authentication Service -- ✅ The **old login flow** (called `m.login.password`) **will still continue to work**, so clients (old Element, etc.) and bridges/bots that don't support the new OIDC-based login flow will still work. Going through the old login flow does not require users to have a verified email address, as [is the case](https://github.com/element-hq/matrix-authentication-service/issues/1505) for the new SSO-based login flow. +- ✅ The **old login flow** (called `m.login.password`) **will still continue to work**, so clients (old Element Web, etc.) and bridges/bots that don't support the new OIDC-based login flow will still work. Going through the old login flow does not require users to have a verified email address, as [is the case](https://github.com/element-hq/matrix-authentication-service/issues/1505) for the new SSO-based login flow. - ✅ [Registering users](./registering-users.md) via **the playbook's `register-user` tag remains unchanged**. The playbook automatically does the right thing regardless of homeserver implementation (Synapse, Dendrite, etc.) and whether MAS is enabled or not. When MAS is enabled, the playbook will forward user-registration requests to MAS. 
Registering users via the command-line is no longer done via the `/matrix/synapse/bin/register` script, but via `/matrix/matrix-authentication-service/bin/register-user`. diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 27671cd68..abd10feed 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md 
@@ -109,10 +109,10 @@ First check that the Matrix client app you are using supports UnifiedPush. There Set the ntfy server's log level to 'DEBUG', as shown in the example settings above, and watch the server's logs with `sudo journalctl -fu matrix-ntfy`. -To check if UnifiedPush is correctly configured on the client device, look at "Settings -> Notifications -> Notification Targets" in Element-Android or SchildiChat, or "Settings -> Notifications -> Devices" in FluffyChat. There should be one entry for each Matrix client app that has enabled push notifications, and when that client is using UnifiedPush you should see a URL that begins with your ntfy server's URL. +To check if UnifiedPush is correctly configured on the client device, look at "Settings -> Notifications -> Notification Targets" in Element Android or SchildiChat Android, or "Settings -> Notifications -> Devices" in FluffyChat. There should be one entry for each Matrix client app that has enabled push notifications, and when that client is using UnifiedPush you should see a URL that begins with your ntfy server's URL. -In the "Notification Targets" screen in Element-Android or SchildiChat, two relevant URLs are shown, "push\_key" and "Url", and both should begin with your ntfy server's URL. If "push\_key" shows your server but "Url" shows an external server such as `up.schildi.chat` then push notifications will still work but are being routed through that external server before they reach your ntfy server. To rectify that, in SchildiChat (at least around version 1.4.20.sc55) you must enable the `Force custom push gateway` setting as described in the "Usage" section above. +In the "Notification Targets" screen in Element Android or SchildiChat Android, two relevant URLs are shown, "push\_key" and "Url", and both should begin with your ntfy server's URL. 
If "push\_key" shows your server but "Url" shows an external server such as `up.schildi.chat` then push notifications will still work but are being routed through that external server before they reach your ntfy server. To rectify that, in SchildiChat (at least around version 1.4.20.sc55) you must enable the `Force custom push gateway` setting as described in the "Usage" section above. -If it is not working, useful tools are "Settings -> Notifications -> Re-register push distributor" and "Settings -> Notifications -> Troubleshoot Notifications" in SchildiChat (possibly also Element-Android). In particular the "Endpoint/FCM" step of that troubleshooter should display your ntfy server's URL that it has discovered from the ntfy client app. +If it is not working, useful tools are "Settings -> Notifications -> Re-register push distributor" and "Settings -> Notifications -> Troubleshoot Notifications" in SchildiChat Android (possibly also Element Android). In particular the "Endpoint/FCM" step of that troubleshooter should display your ntfy server's URL that it has discovered from the ntfy client app. The simple [UnifiedPush troubleshooting](https://unifiedpush.org/users/troubleshooting/) app [UP-Example](https://f-droid.org/en/packages/org.unifiedpush.example/) can be used to manually test UnifiedPush registration and operation on an Android device. diff --git a/docs/configuring-playbook-riot-web.md b/docs/configuring-playbook-riot-web.md index f2ffb869a..eb05e0267 100644 --- a/docs/configuring-playbook-riot-web.md +++ b/docs/configuring-playbook-riot-web.md 
@@ -4,11 +4,11 @@ By default, this playbook **used to install** the [Riot-web](https://github.com/ Riot has since been [renamed to Element](https://element.io/blog/welcome-to-element/). -- to learn more about Element and its configuration, see our dedicated [Configuring Element](configuring-playbook-client-element.md) documentation page -- to learn how to migrate from Riot to Element, see [Migrating to Element](#migrating-to-element) below +- to learn more about Element Web and its configuration, see our dedicated [Configuring Element Web](configuring-playbook-client-element-web.md) documentation page +- to learn how to migrate from Riot to Element Web, see [Migrating to Element Web](#migrating-to-element-web) below -## Migrating to Element +## Migrating to Element Web ### Migrating your custom settings @@ -19,11 +19,11 @@ Some other playbook variables (but not all) with `riot` in their name are also r ### Domain migration -We used to set up Riot at the `riot.example.com` domain. The playbook now sets up Element at `element.example.com` by default. +We used to set up Riot at the `riot.example.com` domain. The playbook now sets up Element Web at `element.example.com` by default. There are a few options for handling this: -- (**avoiding changes** - using the old `riot.example.com` domain and avoiding DNS changes) -- to keep using `riot.example.com` instead of `element.example.com`, override the domain at which the playbook serves Element: `matrix_server_fqn_element: "riot.{{ matrix_domain }}"` +- (**avoiding changes** - using the old `riot.example.com` domain and avoiding DNS changes) -- to keep using `riot.example.com` instead of `element.example.com`, override the domain at which the playbook serves Element Web: `matrix_server_fqn_element: "riot.{{ matrix_domain }}"` - (**embracing changes** - using only `element.example.com`) - set up the `element.example.com` DNS record (see [Configuring DNS](configuring-dns.md)). You can drop the `riot.example.com` in this case. 
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index d1edd7c10..008acb934 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -70,13 +70,13 @@ When you're done with all the configuration you'd like to do, continue with [Ins Web clients for Matrix that you can host on your own domains. -- [Configuring Element](configuring-playbook-client-element.md), if you're going with the default/recommended client +- [Configuring Element Web](configuring-playbook-client-element-web.md), if you're going with the default/recommended client - [Setting up Hydrogen](configuring-playbook-client-hydrogen.md), if you've enabled [Hydrogen](https://github.com/element-hq/hydrogen-web), a lightweight Matrix client with legacy and mobile browser support - [Setting up Cinny](configuring-playbook-client-cinny.md), if you've enabled [Cinny](https://github.com/ajbura/cinny), a web client focusing primarily on simple, elegant and secure interface -- [Setting up SchildiChat](configuring-playbook-client-schildichat.md), if you've enabled [SchildiChat](https://schildi.chat/), a web client based on [Element](https://element.io/) with some extras and tweaks +- [Setting up SchildiChat Web](configuring-playbook-client-schildichat-web.md), if you've enabled [SchildiChat Web](https://schildi.chat/), a web client based on [Element Web](https://element.io/) with some extras and tweaks ### Authentication and user-related diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index e453814d9..cc62bc922 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md 
@@ -6,7 +6,7 @@ There are 2 types of well-known service discovery that Matrix makes use of: - (important) **Federation Server discovery** (`/.well-known/matrix/server`) -- assists other servers in the Matrix network with finding your server. Without a proper configuration, your server will effectively not be part of the Matrix network. Learn more in [Introduction to Federation Server Discovery](#introduction-to-federation-server-discovery) -- (not that important) **Client Server discovery** (`/.well-known/matrix/client`) -- assists programs that you use to connect to your server (e.g. Element), so that they can make it more convenient for you by automatically configuring the "Homeserver URL" and "Identity Server URL" addresses. Learn more in [Introduction to Client Server Discovery](#introduction-to-client-server-discovery) +- (not that important) **Client Server discovery** (`/.well-known/matrix/client`) -- assists programs that you use to connect to your server (e.g. Element Web), so that they can make it more convenient for you by automatically configuring the "Homeserver URL" and "Identity Server URL" addresses. Learn more in [Introduction to Client Server Discovery](#introduction-to-client-server-discovery) ## Introduction to Federation Server Discovery 
@@ -86,7 +86,7 @@ All you need to do is: - copy `/.well-known/matrix/server` and `/.well-known/matrix/client` from the Matrix server (e.g. `matrix.example.com`) to your base domain's server (`example.com`). You can find these files in the `/matrix/static-files/.well-known/matrix` directory on the Matrix server. They are also accessible on URLs like this: `https://matrix.example.com/.well-known/matrix/server` (same for `client`). -- set up the server at your base domain (e.g. `example.com`) so that it adds an extra HTTP header when serving the `/.well-known/matrix/client` file. [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), the `Access-Control-Allow-Origin` header should be set with a value of `*`. If you don't do this step, web-based Matrix clients (like Element) may fail to work. Setting up headers for the `/.well-known/matrix/server` file is not necessary, as this file is only consumed by non-browsers, which don't care about CORS. +- set up the server at your base domain (e.g. `example.com`) so that it adds an extra HTTP header when serving the `/.well-known/matrix/client` file. [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), the `Access-Control-Allow-Origin` header should be set with a value of `*`. If you don't do this step, web-based Matrix clients (like Element Web) may fail to work. Setting up headers for the `/.well-known/matrix/server` file is not necessary, as this file is only consumed by non-browsers, which don't care about CORS. This is relatively easy to do and possibly your only choice if you can only host static files from the base domain's server. It is, however, **a little fragile**, as future updates performed by this playbook may regenerate the well-known files and you may need to notice that and copy them over again. diff --git a/docs/container-images.md b/docs/container-images.md index 4658201bc..1b1efbe22 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -19,10 +19,10 @@ Web clients for Matrix that you can host on your own domains. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [Element](configuring-playbook-client-element.md) | [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) | ✓ | Web UI, which is configured to connect to your own Synapse server by default | +| [Element Web](configuring-playbook-client-element-web.md) | [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) | ✓ | Default Matrix web client, configured to connect to your own Synapse server | | [Hydrogen](configuring-playbook-client-hydrogen.md) | [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) | x | Lightweight Matrix client with legacy and mobile browser support | | [Cinny](configuring-playbook-client-cinny.md) | [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) | x | Simple, elegant and secure web client | -| [SchildiChat](configuring-playbook-client-schildichat.md) | [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) | x | Based on Element, with a more traditional instant messaging experience | +| [SchildiChat Web](configuring-playbook-client-schildichat-web.md) | [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) | x | Based on Element Web, with a more traditional instant messaging experience | ## Server Components diff --git a/docs/faq.md b/docs/faq.md index 5939decc5..740c2f297 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -23,11 +23,11 @@ For a lot more generic questions and answers, see the [matrix.org FAQ](https://m You don't just use the "email" protocols (SMTP, POP3, IMAP) directly though. There's a *server* somewhere which stores your data (`@gmail.com`, `@yahoo.com`, `@hotmail.com`, `@your-company.com`) and you access it by using these "email" protocols via some *client* program (Outlook, Thunderbird, some website, etc). -In the world of the Matrix chat protocol, there are various client programs. The first and currently most full-featured one is called [Element](https://element.io/) (used to be called Riot.im and Vector.im in the past). There are [many other clients](https://matrix.org/clients/). You can switch clients as much as you want until you find the one that is right for you on a given platform (you may use Element on your desktop, but Fluffychat on your phone, etc). +In the world of the Matrix chat protocol, there are various client programs. The first and currently most full-featured one is called [Element](https://element.io/) (used to be called Riot.im and Vector.im in the past). There are [many other clients](https://matrix.org/clients/). You can switch clients as much as you want until you find the one that is right for you on a given platform (you may use Element Desktop on your desktop, but Fluffychat on your phone, etc). Matrix is also like email due to the fact that there are many servers around the world which can all talk to each other (you can send email from `@gmail.com` addresses to `@yahoo.com` and `@hotmail.com` addresses). It's the same with Matrix (`@bob:example.com` can talk to `@alice:example.org`). -If someone else is hosting your Matrix server (you being `@user:matrix.org` or some other public server like this), all you need is a Matrix client program, like Element. 
+If someone else is hosting your Matrix server (you being `@user:matrix.org` or some other public server like this), all you need is a Matrix client program, like Element Web or Element X Android. If you'd like to host your own server (you being `@user:example.com`), you'd need to set up a Matrix server program, like Synapse. 
@@ -53,9 +53,9 @@ One of [Matrix](https://matrix.org/)'s distinguishing strengths (compared to oth There are 3 ways to get into Matrix, depending on your technical ability and needs: -- **using the existing default server** - the easiest way is to use an existing server. The largest public Matrix server is `matrix.org` and it's configured as a default server in clients such as [Element](https://element.io) and many others. Just use Element on the browser via that link (or download the Element app on a smartphone), create an account and start chatting. +- **using the existing default server** - the easiest way is to use an existing server. The largest public Matrix server is `matrix.org` and it's configured as a default server in clients such as [Element Web](https://app.element.io) and many others. Just use Element Web on the browser via that link (or [download client apps for your Desktop or smartphone](https://element.io/app-for-productivity)), create an account and start chatting. -- **using some other server** - instead of using the largest public server (`matrix.org`), you can use another public one. Here's a [list of public Matrix servers](https://joinmatrix.org/servers/) to choose from. Again, you download [Element](https://element.io) or [some other client](https://matrix.org/clients/) of your choosing and adjust the homeserver URL during login. +- **using some other server** - instead of using the largest public server (`matrix.org`), you can use another public one. Here's a [list of public Matrix servers](https://joinmatrix.org/servers/) to choose from. Go to [Element Web](https://app.element.io) or download [some other client](https://matrix.org/clients/) of your choosing and adjust the homeserver URL during login. - **using your own server** - running your own server puts you in ultimate control of your data. It also lets you have your own user identifiers (e.g. `@bob:example.com`). 
See [How do I set up my own Matrix server](#how-do-i-set-up-my-own-matrix-server). @@ -251,7 +251,7 @@ matrix_domain: "matrix.example.com" # This is where Matrix services matrix_server_fqn_matrix: "matrix.example.com" -# This is where you access the Element web UI from (if enabled via `matrix_client_element_enabled: true`; enabled by default). +# This is where you access the Element Web from (if enabled via `matrix_client_element_enabled: true`; enabled by default). # This and the Matrix FQN (see above) are expected to be on the same server. # # Feel free to use `element.matrix.example.com`, if you'd prefer that. diff --git a/docs/installing.md b/docs/installing.md index 61dd3041b..4bae27d8f 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -111,6 +111,6 @@ After you have started the services and **finalized the installation process** ( - or learn how to [upgrade services when new versions are released](maintenance-upgrading-services.md) - or learn how to [maintain your server](faq.md#maintenance) - or join some Matrix rooms: - * via the *Explore rooms* feature in Element or some other client, or by discovering them using this [matrix-static list](https://view.matrix.org). **Note**: joining large rooms may overload small servers. + * via the *Explore rooms* feature in Element Web or some other clients, or by discovering them using this [matrix-static list](https://view.matrix.org). **Note**: joining large rooms may overload small servers. * or come say Hi in our support room - [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com). You might learn something or get to help someone else new to Matrix hosting. - or help make this playbook better by contributing (code, documentation, or [coffee/beer](https://liberapay.com/s.pantaleev/donate)) diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md index 301ea8db2..ba9381a82 100644 --- a/docs/obtaining-access-tokens.md 
+++ b/docs/obtaining-access-tokens.md @@ -8,17 +8,17 @@ When setting up some optional features like bots and bridges you will need to pr The user for whom you want to obtain an access token needs to already exist. You can use this playbook to [register a new user](registering-users.md), if you have not already. -Below, we describe 2 ways to generate an access token for a user - using [Element](#obtain-an-access-token-via-element) or [curl](#obtain-an-access-token-via-curl). For both ways you need the user's password. +Below, we describe 2 ways to generate an access token for a user - using [Element Web](#obtain-an-access-token-via-element-web) or [curl](#obtain-an-access-token-via-curl). For both ways you need the user's password. -## Obtain an access token via Element +## Obtain an access token via Element Web -1. In a private browsing session (incognito window), open Element. +1. In a private browsing session (incognito window), open Element Web. 2. Log in with the user's credentials. 3. In the settings page, choose "Help & About", scroll down to the bottom and expand the `Access Token` section (see screenshot below). 4. Copy the access token to your configuration. 5. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work. -![Obtaining an access token with Element](assets/obtain_admin_access_token_element.png) +![Obtaining an access token with Element Web](assets/obtain_admin_access_token_element_web.png) ## Obtain an access token via curl diff --git a/docs/registering-users.md b/docs/registering-users.md index 6aeece00f..b28a19409 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md 
@@ -16,7 +16,7 @@ Table of contents: **Note**: in the commands below, `` is just a plain username (like `john`), not your full `@:example.com` identifier. -After registering a user (using one of the methods below), **you can log in with that user** via the [Element](configuring-playbook-client-element.md) service that this playbook has installed for you at a URL like this: `https://element.example.com/`. +After registering a user (using one of the methods below), **you can log in with that user** via the [Element Web](configuring-playbook-client-element-web.md) service that this playbook has installed for you at a URL like this: `https://element.example.com/`. ### Registering users via the Ansible playbook diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index efc2c9b36..d4b3b1ec0 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -10,7 +10,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=` is just a plain username (like `john`), not your full `@:example.com` identifier. -**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element.example.com/`. +**You can then log in with that user** via Element Web that this playbook has created for you at a URL like this: `https://element.example.com/`. ## Option 2 (if you are using an external Postgres server): diff --git a/examples/reverse-proxies/apache/README.md b/examples/reverse-proxies/apache/README.md index da349db74..b4608c87c 100644 --- a/examples/reverse-proxies/apache/README.md +++ b/examples/reverse-proxies/apache/README.md 
@@ -10,5 +10,5 @@ To get started, first follow the [front the integrated reverse-proxy webserver w `matrix-domain.conf` contains configuration for the Matrix domain, which handles both the Client-Server API (port `443`) and the Matrix Federation API (port `8448`). -`matrix-client-element.conf` is an example for when you're hosting Element at `element.example.com`. +`matrix-client-element.conf` is an example for when you're hosting Element Web at `element.example.com`. This configuration can also be used as an example for handling other domains, depending on the services you enable with the playbook (e.g. `dimension.example.com`, etc). diff --git a/examples/reverse-proxies/apache/matrix-client-element.conf b/examples/reverse-proxies/apache/matrix-client-element.conf index 6ae104ea4..d4321c2bd 100644 --- a/examples/reverse-proxies/apache/matrix-client-element.conf +++ b/examples/reverse-proxies/apache/matrix-client-element.conf @@ -1,5 +1,5 @@ # This is a sample file demonstrating how to set up reverse-proxy for element.example.com. -# If you're not using Element (`matrix_client_element_enabled: false`), you won't need this. +# If you're not using Element Web (`matrix_client_element_enabled: false`), you won't need this. ServerName element.example.com diff --git a/examples/reverse-proxies/caddy2-in-container/README.md b/examples/reverse-proxies/caddy2-in-container/README.md index be654f0d5..51881ac60 100644 --- a/examples/reverse-proxies/caddy2-in-container/README.md +++ b/examples/reverse-proxies/caddy2-in-container/README.md 
@@ -16,4 +16,4 @@ Then, adjust your Caddy `docker-compose.yaml` file (if you're using docker-comp You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile. In both cases make sure to replace all the `example.com` domains with your own domain. -This example does not include additional services like Element, but you should be able copy the first block and replace the `matrix.` subdomain with the subdomain of the some other service (e.g. `element.`). +This example does not include additional services like Element Web, but you should be able copy the first block and replace the `matrix.` subdomain with the subdomain of the some other service (e.g. `element.`). diff --git a/examples/reverse-proxies/nginx/README.md b/examples/reverse-proxies/nginx/README.md index 67381c4f2..dfe53057c 100644 --- a/examples/reverse-proxies/nginx/README.md +++ b/examples/reverse-proxies/nginx/README.md 
@@ -14,4 +14,4 @@ Copy the [matrix.conf](matrix.conf) file to your nginx server's filesystem, modi This configuration **disables SSL certificate retrieval**, so you will **need to obtain SSL certificates manually** (e.g. by using [certbot](https://certbot.eff.org/)) and set the appropriate path in `matrix.conf`. In the example nginx configuration, a single certificate is used for all subdomains (`matrix.example.com`, `element.example.com`, etc.). For your setup, may wish to change this and use separate `server` blocks and separate certificate files for each host. -Also note that your copy of the `matrix.conf` file has to be adapted to whatever services you are using. For example, remove `element.example.com` from the `server_name` list if you don't use [Element](../../../docs/configuring-playbook-client-element.md) web client or add `dimension.example.com` to it if you do use the [Dimension](../../../docs/configuring-playbook-dimension.md) integration manager. +Also note that your copy of the `matrix.conf` file has to be adapted to whatever services you are using. For example, remove `element.example.com` from the `server_name` list if you don't use [Element Web](../../../docs/configuring-playbook-client-element-web.md) client or add `dimension.example.com` to it if you do use the [Dimension](../../../docs/configuring-playbook-dimension.md) integration manager. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index b274251b8..108954f77 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4445,7 +4445,7 @@ keydb_arch: |- # ###################################################################### -# By default, this playbook installs the Element web UI on the `matrix_server_fqn_element` domain. +# By default, this playbook installs the Element Web on the `matrix_server_fqn_element` domain. # If you wish to connect to your Matrix server by other means, you may wish to disable this. matrix_client_element_enabled: true 
diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index a8a668925..592837020 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -67,7 +67,7 @@ matrix_server_fqn_matrix: "matrix.{{ matrix_domain }}" # This is where you access federation API. matrix_server_fqn_matrix_federation: '{{ matrix_server_fqn_matrix }}' -# This is where you access the Element web UI from (if enabled via matrix_client_element_enabled; enabled by default). +# This is where you access the Element Web from (if enabled via matrix_client_element_enabled; enabled by default). # This and the Matrix FQN (see above) are expected to be on the same server. matrix_server_fqn_element: "element.{{ matrix_domain }}" @@ -77,7 +77,7 @@ matrix_server_fqn_hydrogen: "hydrogen.{{ matrix_domain }}" # This is where you access the Cinny web client from (if enabled via matrix_client_cinny_enabled; disabled by default). matrix_server_fqn_cinny: "cinny.{{ matrix_domain }}" -# This is where you access the SchildiChat web client from (if enabled via matrix_client_schildichat_enabled; disabled by default). +# This is where you access the SchildiChat Web from (if enabled via matrix_client_schildichat_enabled; disabled by default). matrix_server_fqn_schildichat: "schildichat.{{ matrix_domain }}" # This is where you access the Buscarron bot from (if enabled via matrix_bot_buscarron_enabled; disabled by default). diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index 21f2061c5..f44196d43 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml 
@@ -23,7 +23,7 @@ matrix_bot_matrix_registration_bot_bot_server: "{{ matrix_homeserver_url }}" matrix_bot_matrix_registration_bot_api_base_url: "{{ matrix_homeserver_url }}" -# The bot's password (can also be used to login via a client like element) +# The bot's password (can also be used to login via a client like Element Web) matrix_bot_matrix_registration_bot_bot_password: '' # Optional variable that only needs to be set if the bot account is not admin diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 17eb025ae..645410841 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -130,14 +130,14 @@ matrix_client_element_floc_optout_enabled: true matrix_client_element_hsts_preload_enabled: false matrix_client_element_scheme: https -# The hostname at which Element is served. +# The hostname at which Element Web is served. matrix_client_element_hostname: "{{ matrix_server_fqn_element }}" -# The path at which Element is exposed. +# The path at which Element Web is exposed. # This value must either be `/` or not end with a slash (e.g. `/element`). matrix_client_element_path_prefix: / -# Element config.json customizations +# Element Web config.json customizations matrix_client_element_default_server_name: "{{ matrix_domain }}" matrix_client_element_default_hs_url: "" matrix_client_element_default_is_url: ~ @@ -177,7 +177,7 @@ matrix_client_element_branding_welcome_background_url: ~ # noqa var-naming matrix_client_element_page_template_welcome_path: "{{ role_path }}/templates/welcome.html.j2" -# By default, there's no Element homepage (when logged in). If you wish to have one, +# By default, there's no Element Web homepage (when logged in). If you wish to have one, # point this to a `home.html` template file on your local filesystem. matrix_client_element_embedded_pages_home_path: ~ 
@@ -195,7 +195,7 @@ matrix_client_element_default_country_code: "GB" # Controls whether presence will be enabled matrix_client_element_enable_presence_by_hs_url: ~ -# Controls whether custom Element themes will be installed. +# Controls whether custom Element Web themes will be installed. # When enabled, all themes found in the `matrix_client_element_themes_repository_url` repository # will be installed and enabled automatically. matrix_client_element_themes_enabled: false @@ -205,16 +205,16 @@ matrix_client_element_themes_repository_version: master # Controls the default theme matrix_client_element_default_theme: 'light' -# Controls the `setting_defaults.custom_themes` setting of the Element configuration. +# Controls the `setting_defaults.custom_themes` setting of the Element Web configuration. # You can use this setting to define custom themes. # # Also, look at `matrix_client_element_themes_enabled` for a way to pull in a bunch of custom themes automatically. # If you define your own themes here and set `matrix_client_element_themes_enabled: true`, your themes will be preserved as well. # -# Note that for a custom theme to work well, all Element instances that you use must have the same theme installed. +# Note that for a custom theme to work well, all Element Web instances that you use must have the same theme installed. matrix_client_element_setting_defaults_custom_themes: [] # noqa var-naming -# Default Element configuration template which covers the generic use case. +# Default Element Web configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # # For a more advanced customization, you can extend the default (see `matrix_client_element_configuration_extension_json`) 
@@ -224,7 +224,7 @@ matrix_client_element_setting_defaults_custom_themes: [] # noqa var-naming # This is unlike what it does when looking up YAML template files (no automatic parsing there). matrix_client_element_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}" -# Your custom JSON configuration for Element should go to `matrix_client_element_configuration_extension_json`. +# Your custom JSON configuration for Element Web should go to `matrix_client_element_configuration_extension_json`. # This configuration extends the default starting configuration (`matrix_client_element_configuration_default`). # # You can override individual variables from the default configuration, or introduce new ones. @@ -243,7 +243,7 @@ matrix_client_element_configuration_extension_json: '{}' matrix_client_element_configuration_extension: "{{ matrix_client_element_configuration_extension_json | from_json if matrix_client_element_configuration_extension_json | from_json is mapping else {} }}" -# Holds the final Element configuration (a combination of the default and its extension). +# Holds the final Element Web configuration (a combination of the default and its extension). # You most likely don't need to touch this variable. Instead, see `matrix_client_element_configuration_default`. matrix_client_element_configuration: "{{ matrix_client_element_configuration_default | combine(matrix_client_element_configuration_extension, recursive=True) }}" diff --git a/roles/custom/matrix-client-element/tasks/prepare_themes.yml b/roles/custom/matrix-client-element/tasks/prepare_themes.yml index 194335b2f..cb3bf2bd4 100644 --- a/roles/custom/matrix-client-element/tasks/prepare_themes.yml +++ b/roles/custom/matrix-client-element/tasks/prepare_themes.yml @@ -1,7 +1,7 @@ --- # -# Tasks related to setting up Element themes +# Tasks related to setting up Element Web themes # - when: matrix_client_element_themes_enabled | bool 
@@ -9,35 +9,35 @@ delegate_to: 127.0.0.1 become: false block: - - name: Ensure Element themes repository is pulled + - name: Ensure Element Web themes repository is pulled ansible.builtin.git: repo: "{{ matrix_client_element_themes_repository_url }}" version: "{{ matrix_client_element_themes_repository_version }}" dest: "{{ role_path }}/files/scratchpad/themes" - - name: Find all Element theme files + - name: Find all Element Web theme files ansible.builtin.find: paths: "{{ role_path }}/files/scratchpad/themes" patterns: "*.json" recurse: true register: matrix_client_element_theme_file_list - - name: Read Element theme + - name: Read Element Web theme ansible.builtin.slurp: path: "{{ item.path }}" register: "matrix_client_element_theme_file_contents" with_items: "{{ matrix_client_element_theme_file_list.files }}" - - name: Load Element theme + - name: Load Element Web theme ansible.builtin.set_fact: matrix_client_element_setting_defaults_custom_themes: "{{ matrix_client_element_setting_defaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming with_items: "{{ matrix_client_element_theme_file_contents.results }}" # -# Tasks related to getting rid of Element themes (if it was previously enabled) +# Tasks related to getting rid of Element Web themes (if it was previously enabled) # -- name: Ensure Element themes repository is removed +- name: Ensure Element Web themes repository is removed ansible.builtin.file: path: "{{ role_path }}/files/scratchpad/themes" state: absent diff --git a/roles/custom/matrix-client-element/tasks/self_check.yml b/roles/custom/matrix-client-element/tasks/self_check.yml index 619727b97..8a08d8d04 100644 --- a/roles/custom/matrix-client-element/tasks/self_check.yml +++ b/roles/custom/matrix-client-element/tasks/self_check.yml 
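Review bot: The themes repository pulled by the `ansible.builtin.git` task in the `prepare_themes.yml` hunk follows a moving branch by default, since the role defaults show `matrix_client_element_themes_repository_version: master`. Every `*.json` found in it is then decoded and appended to `matrix_client_element_setting_defaults_custom_themes`, so the theme set merged into the Element Web configuration can change between playbook runs without any reviewed change on the operator's side. A comment above the task would make this visible, for example `# Pin matrix_client_element_themes_repository_version to a tag or commit for a reviewed, reproducible theme set.` The SchildiChat Web defaults show the same `master` default, so the same comment would fit there.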
@@ -3,7 +3,7 @@ - ansible.builtin.set_fact: matrix_client_element_url_endpoint_public: "{{ matrix_client_element_scheme }}://{{ matrix_client_element_hostname }}/config.json" -- name: Check Element +- name: Check Element Web ansible.builtin.uri: url: "{{ matrix_client_element_url_endpoint_public }}" follow_redirects: none @@ -14,11 +14,11 @@ delegate_to: 127.0.0.1 become: false -- name: Fail if Element not working +- name: Fail if Element Web not working ansible.builtin.fail: - msg: "Failed checking Element is up at `{{ matrix_server_fqn_element }}` (checked endpoint: `{{ matrix_client_element_url_endpoint_public }}`). Is Element running? Is port 443 open in your firewall? Full error: {{ matrix_client_element_self_check_result }}" + msg: "Failed checking Element Web is up at `{{ matrix_server_fqn_element }}` (checked endpoint: `{{ matrix_client_element_url_endpoint_public }}`). Is Element Web running? Is port 443 open in your firewall? Full error: {{ matrix_client_element_self_check_result }}" when: "matrix_client_element_self_check_result.failed or 'json' not in matrix_client_element_self_check_result" -- name: Report working Element +- name: Report working Element Web ansible.builtin.debug: - msg: "Element at `{{ matrix_server_fqn_element }}` is working (checked endpoint: `{{ matrix_client_element_url_endpoint_public }}`)" + msg: "Element Web at `{{ matrix_server_fqn_element }}` is working (checked endpoint: `{{ matrix_client_element_url_endpoint_public }}`)" diff --git a/roles/custom/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml index 974e3d421..e528faa8b 100644 --- a/roles/custom/matrix-client-element/tasks/setup_install.yml +++ b/roles/custom/matrix-client-element/tasks/setup_install.yml @@ -1,6 +1,6 @@ --- -- name: Ensure Element paths exists +- name: Ensure Element Web paths exists ansible.builtin.file: path: "{{ item.path }}" state: directory 
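Review bot: In `self_check.yml`, the edited `msg` lines of the `@@ -14,11 +14,11 @@` hunk report `matrix_server_fqn_element`, but the probed URL is built from `matrix_client_element_scheme` and `matrix_client_element_hostname` in the first hunk's context. The reported host can therefore differ from the one actually checked when the hostname is overridden. Since these strings are being touched anyway, I would replace `{{ matrix_server_fqn_element }}` with `{{ matrix_client_element_hostname }}` in both messages. As far as the visible lines show, the endpoint is also always `/config.json` at the root and does not include `matrix_client_element_path_prefix`, which the role defaults allow to be a value like `/element`. The rest of the `uri` task lies between the two hunks and is not visible here.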
@@ -12,7 +12,7 @@ - {path: "{{ matrix_client_element_docker_src_files_path }}", when: "{{ matrix_client_element_container_image_self_build }}"} when: "item.when | bool" -- name: Ensure Element Docker image is pulled +- name: Ensure Element Web Docker image is pulled community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -24,7 +24,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure Element repository is present on self-build +- name: Ensure Element Web repository is present on self-build ansible.builtin.git: repo: "{{ matrix_client_element_container_image_self_build_repo }}" dest: "{{ matrix_client_element_docker_src_files_path }}" @@ -49,7 +49,7 @@ mode: '0644' when: "matrix_client_element_container_image_self_build | bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled | bool" -- name: Ensure Element Docker image is built +- name: Ensure Element Web Docker image is built ansible.builtin.command: cmd: |- {{ devture_systemd_docker_base_host_command_docker }} buildx build @@ -59,7 +59,7 @@ changed_when: true when: matrix_client_element_container_image_self_build | bool -- name: Ensure Element configuration installed +- name: Ensure Element Web configuration installed ansible.builtin.copy: content: "{{ matrix_client_element_configuration | to_nice_json }}" dest: "{{ matrix_client_element_data_path }}/config.json" @@ -76,7 +76,7 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure Element config files installed +- name: Ensure Element Web config files installed ansible.builtin.template: src: "{{ item.src }}" dest: "{{ matrix_client_element_data_path }}/{{ item.name }}" 
@@ -90,7 +90,7 @@ - {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"} when: "item.src is not none" -- name: Ensure Element config files removed +- name: Ensure Element Web config files removed ansible.builtin.file: path: "{{ matrix_client_element_data_path }}/{{ item.name }}" state: absent @@ -98,7 +98,7 @@ - {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"} when: "item.src is none" -- name: Ensure Element container network is created +- name: Ensure Element Web container network is created community.general.docker_network: enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" name: "{{ matrix_client_element_container_network }}" diff --git a/roles/custom/matrix-client-element/tasks/setup_uninstall.yml b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml index e0930cc11..279dd8166 100644 --- a/roles/custom/matrix-client-element/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml @@ -19,7 +19,7 @@ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" state: absent - - name: Ensure Element path doesn't exist + - name: Ensure Element Web path doesn't exist ansible.builtin.file: path: "{{ matrix_client_element_data_path }}" state: absent diff --git a/roles/custom/matrix-client-element/tasks/validate_config.yml b/roles/custom/matrix-client-element/tasks/validate_config.yml index bf90b3d03..81e00ddac 100644 --- a/roles/custom/matrix-client-element/tasks/validate_config.yml +++ b/roles/custom/matrix-client-element/tasks/validate_config.yml 
@@ -1,9 +1,9 @@ --- -- name: Fail if required Element settings not defined +- name: Fail if required Element Web settings not defined ansible.builtin.fail: msg: > - You need to define a required configuration setting (`{{ item }}`) for using Element. + You need to define a required configuration setting (`{{ item }}`) for using Element Web. when: "vars[item] == ''" with_items: - matrix_client_element_default_hs_url diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index e70869db2..9748cfe7c 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Element server +Description=Matrix Element Web server {% for service in matrix_client_element_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/custom/matrix-client-schildichat/defaults/main.yml b/roles/custom/matrix-client-schildichat/defaults/main.yml index 83145dc4c..bd7ab05d8 100644 --- a/roles/custom/matrix-client-schildichat/defaults/main.yml +++ b/roles/custom/matrix-client-schildichat/defaults/main.yml 
@@ -124,14 +124,14 @@ matrix_client_schildichat_floc_optout_enabled: true matrix_client_schildichat_hsts_preload_enabled: false matrix_client_schildichat_scheme: https -# The hostname at which SchildiChat is served. +# The hostname at which SchildiChat Web is served. matrix_client_schildichat_hostname: "{{ matrix_server_fqn_schildichat }}" -# The path at which SchildiChat is exposed. +# The path at which SchildiChat Web is exposed. # This value must either be `/` or not end with a slash (e.g. `/schildichat`). matrix_client_schildichat_path_prefix: / -# SchildiChat config.json customizations +# SchildiChat Web config.json customizations matrix_client_schildichat_default_server_name: "{{ matrix_domain }}" matrix_client_schildichat_default_hs_url: "" matrix_client_schildichat_default_is_url: ~ @@ -145,9 +145,9 @@ matrix_client_schildichat_integrations_jitsi_widget_url: "https://scalar.vector. matrix_client_schildichat_permalink_prefix: "https://matrix.to" # noqa var-naming matrix_client_schildichat_bug_report_endpoint_url: "https://element.io/bugreports/submit" matrix_client_schildichat_show_lab_settings: true # noqa var-naming -# SchildiChat public room directory server(s) +# SchildiChat Web public room directory server(s) matrix_client_schildichat_room_directory_servers: ['matrix.org'] -# Branding of SchildiChat +# Branding of SchildiChat Web matrix_client_schildichat_brand: "schildichat" # URL to Logo on welcome page @@ -171,7 +171,7 @@ matrix_client_schildichat_branding_welcome_background_url: ~ # noqa var-naming matrix_client_schildichat_page_template_welcome_path: "{{ role_path }}/templates/welcome.html.j2" -# By default, there's no SchildiChat homepage (when logged in). If you wish to have one, +# By default, there's no SchildiChat Web homepage (when logged in). If you wish to have one, # point this to a `home.html` template file on your local filesystem. matrix_client_schildichat_embedded_pages_home_path: ~ 
@@ -189,7 +189,7 @@ matrix_client_schildichat_default_country_code: "GB" # Controls whether presence will be enabled matrix_client_schildichat_enable_presence_by_hs_url: ~ -# Controls whether custom SchildiChat themes will be installed. +# Controls whether custom SchildiChat Web themes will be installed. # When enabled, all themes found in the `matrix_client_schildichat_themes_repository_url` repository # will be installed and enabled automatically. matrix_client_schildichat_themes_enabled: false @@ -199,16 +199,16 @@ matrix_client_schildichat_themes_repository_version: master # Controls the default theme matrix_client_schildichat_default_theme: 'light' -# Controls the `setting_defaults.custom_themes` setting of the SchildiChat configuration. +# Controls the `setting_defaults.custom_themes` setting of the SchildiChat Web configuration. # You can use this setting to define custom themes. # # Also, look at `matrix_client_schildichat_themes_enabled` for a way to pull in a bunch of custom themes automatically. # If you define your own themes here and set `matrix_client_schildichat_themes_enabled: true`, your themes will be preserved as well. # -# Note that for a custom theme to work well, all SchildiChat instances that you use must have the same theme installed. +# Note that for a custom theme to work well, all SchildiChat Web instances that you use must have the same theme installed. matrix_client_schildichat_setting_defaults_custom_themes: [] # noqa var-naming -# Default SchildiChat configuration template which covers the generic use case. +# Default SchildiChat Web configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # # For a more advanced customization, you can extend the default (see `matrix_client_schildichat_configuration_extension_json`) 
@@ -218,7 +218,7 @@ matrix_client_schildichat_setting_defaults_custom_themes: [] # noqa var-naming # This is unlike what it does when looking up YAML template files (no automatic parsing there). matrix_client_schildichat_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}" -# Your custom JSON configuration for SchildiChat should go to `matrix_client_schildichat_configuration_extension_json`. +# Your custom JSON configuration for SchildiChat Web should go to `matrix_client_schildichat_configuration_extension_json`. # This configuration extends the default starting configuration (`matrix_client_schildichat_configuration_default`). # # You can override individual variables from the default configuration, or introduce new ones. @@ -237,7 +237,7 @@ matrix_client_schildichat_configuration_extension_json: '{}' matrix_client_schildichat_configuration_extension: "{{ matrix_client_schildichat_configuration_extension_json | from_json if matrix_client_schildichat_configuration_extension_json | from_json is mapping else {} }}" -# Holds the final SchildiChat configuration (a combination of the default and its extension). +# Holds the final SchildiChat Web configuration (a combination of the default and its extension). # You most likely don't need to touch this variable. Instead, see `matrix_client_schildichat_configuration_default`. matrix_client_schildichat_configuration: "{{ matrix_client_schildichat_configuration_default | combine(matrix_client_schildichat_configuration_extension, recursive=True) }}" diff --git a/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml b/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml index cd3f3ecb1..521679bc0 100644 --- a/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml +++ b/roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml 
@@ -1,7 +1,7 @@ --- # -# Tasks related to setting up SchildiChat themes +# Tasks related to setting up SchildiChat Web themes # - when: matrix_client_schildichat_themes_enabled | bool @@ -9,35 +9,35 @@ delegate_to: 127.0.0.1 become: false block: - - name: Ensure SchildiChat themes repository is pulled + - name: Ensure SchildiChat Web themes repository is pulled ansible.builtin.git: repo: "{{ matrix_client_schildichat_themes_repository_url }}" version: "{{ matrix_client_schildichat_themes_repository_version }}" dest: "{{ role_path }}/files/scratchpad/themes" - - name: Find all SchildiChat theme files + - name: Find all SchildiChat Web theme files ansible.builtin.find: paths: "{{ role_path }}/files/scratchpad/themes" patterns: "*.json" recurse: true register: matrix_client_schildichat_theme_file_list - - name: Read SchildiChat theme + - name: Read SchildiChat Web theme ansible.builtin.slurp: path: "{{ item.path }}" register: "matrix_client_schildichat_theme_file_contents" with_items: "{{ matrix_client_schildichat_theme_file_list.files }}" - - name: Load SchildiChat theme + - name: Load SchildiChat Web theme ansible.builtin.set_fact: matrix_client_schildichat_setting_defaults_custom_themes: "{{ matrix_client_schildichat_setting_defaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming with_items: "{{ matrix_client_schildichat_theme_file_contents.results }}" # -# Tasks related to getting rid of SchildiChat themes (if it was previously enabled) +# Tasks related to getting rid of SchildiChat Web themes (if it was previously enabled) # -- name: Ensure SchildiChat themes repository is removed +- name: Ensure SchildiChat Web themes repository is removed ansible.builtin.file: path: "{{ role_path }}/files/scratchpad/themes" state: absent diff --git a/roles/custom/matrix-client-schildichat/tasks/self_check.yml b/roles/custom/matrix-client-schildichat/tasks/self_check.yml index 11895e8c6..5e8771111 100644 
--- a/roles/custom/matrix-client-schildichat/tasks/self_check.yml +++ b/roles/custom/matrix-client-schildichat/tasks/self_check.yml @@ -3,7 +3,7 @@ - ansible.builtin.set_fact: matrix_client_schildichat_url_endpoint_public: "{{ matrix_client_schildichat_scheme }}://{{ matrix_client_schildichat_hostname }}/config.json" -- name: Check SchildiChat +- name: Check SchildiChat Web ansible.builtin.uri: url: "{{ matrix_client_schildichat_url_endpoint_public }}" follow_redirects: none @@ -14,11 +14,11 @@ delegate_to: 127.0.0.1 become: false -- name: Fail if SchildiChat not working +- name: Fail if SchildiChat Web not working ansible.builtin.fail: - msg: "Failed checking SchildiChat is up at `{{ matrix_server_fqn_schildichat }}` (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`). Is SchildiChat running? Is port 443 open in your firewall? Full error: {{ matrix_client_schildichat_self_check_result }}" + msg: "Failed checking SchildiChat Web is up at `{{ matrix_server_fqn_schildichat }}` (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`). Is SchildiChat Web running? Is port 443 open in your firewall? Full error: {{ matrix_client_schildichat_self_check_result }}" when: "matrix_client_schildichat_self_check_result.failed or 'json' not in matrix_client_schildichat_self_check_result" -- name: Report working SchildiChat +- name: Report working SchildiChat Web ansible.builtin.debug: - msg: "SchildiChat at `{{ matrix_server_fqn_schildichat }}` is working (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`)" + msg: "SchildiChat Web at `{{ matrix_server_fqn_schildichat }}` is working (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`)" diff --git a/roles/custom/matrix-client-schildichat/tasks/setup_install.yml b/roles/custom/matrix-client-schildichat/tasks/setup_install.yml index 77c1b45c5..6dc9222c4 100644 --- a/roles/custom/matrix-client-schildichat/tasks/setup_install.yml 
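Review bot: Both reworded `msg` strings (the "Fail if SchildiChat Web not working" and "Report working SchildiChat Web" tasks) still name `{{ matrix_server_fqn_schildichat }}` as the host. The URL that is actually probed is built from `matrix_client_schildichat_hostname` in the `set_fact` context line of the first hunk. The two are equal only by default, so an operator who overrides the hostname gets a message pointing at a host that was never checked. I would replace the variable in both messages with `{{ matrix_client_schildichat_hostname }}`. The endpoint is also built without `matrix_client_schildichat_path_prefix`, so a non-root prefix would presumably be checked at the wrong path; that is worth confirming against the reverse-proxy rules. The middle of the `ansible.builtin.uri` task lies between the two hunks and is not visible here.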
+++ b/roles/custom/matrix-client-schildichat/tasks/setup_install.yml @@ -1,6 +1,6 @@ --- -- name: Ensure SchildiChat paths exists +- name: Ensure SchildiChat Web paths exists ansible.builtin.file: path: "{{ item.path }}" state: directory @@ -12,7 +12,7 @@ - {path: "{{ matrix_client_schildichat_docker_src_files_path }}", when: "{{ matrix_client_schildichat_container_image_self_build }}"} when: "item.when | bool" -- name: Ensure SchildiChat Docker image is pulled +- name: Ensure SchildiChat Web Docker image is pulled community.docker.docker_image: name: "{{ matrix_client_schildichat_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" @@ -24,7 +24,7 @@ delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed -- name: Ensure SchildiChat repository is present on self-build +- name: Ensure SchildiChat Web repository is present on self-build ansible.builtin.git: repo: "{{ matrix_client_schildichat_container_image_self_build_repo }}" dest: "{{ matrix_client_schildichat_docker_src_files_path }}" @@ -49,7 +49,7 @@ mode: '0644' when: "matrix_client_schildichat_container_image_self_build | bool and matrix_client_schildichat_container_image_self_build_low_memory_system_patch_enabled | bool" -- name: Ensure SchildiChat Docker image is built +- name: Ensure SchildiChat Web Docker image is built ansible.builtin.command: cmd: |- {{ devture_systemd_docker_base_host_command_docker }} buildx build @@ -59,7 +59,7 @@ changed_when: true when: matrix_client_schildichat_container_image_self_build | bool -- name: Ensure SchildiChat configuration installed +- name: Ensure SchildiChat Web configuration installed ansible.builtin.copy: content: "{{ matrix_client_schildichat_configuration | to_nice_json }}" dest: "{{ matrix_client_schildichat_data_path }}/config.json" 
@@ -76,7 +76,7 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure SchildiChat config files installed +- name: Ensure SchildiChat Web config files installed ansible.builtin.template: src: "{{ item.src }}" dest: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}" @@ -89,7 +89,7 @@ - {src: "{{ matrix_client_schildichat_embedded_pages_home_path }}", name: "home.html"} when: "item.src is not none" -- name: Ensure SchildiChat config files removed +- name: Ensure SchildiChat Web config files removed ansible.builtin.file: path: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}" state: absent @@ -97,7 +97,7 @@ - {src: "{{ matrix_client_schildichat_embedded_pages_home_path }}", name: "home.html"} when: "item.src is none" -- name: Ensure SchildiChat container network is created +- name: Ensure SchildiChat Web container network is created community.general.docker_network: enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" name: "{{ matrix_client_schildichat_container_network }}" diff --git a/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml b/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml index 98a4ae494..67f6856ff 100644 --- a/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml @@ -19,7 +19,7 @@ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-schildichat.service" state: absent - - name: Ensure SchildiChat path doesn't exist + - name: Ensure SchildiChat Web path doesn't exist ansible.builtin.file: path: "{{ matrix_client_schildichat_data_path }}" state: absent diff --git a/roles/custom/matrix-client-schildichat/tasks/validate_config.yml b/roles/custom/matrix-client-schildichat/tasks/validate_config.yml index 0e3b832a7..a9cb7358c 100644 --- a/roles/custom/matrix-client-schildichat/tasks/validate_config.yml +++ b/roles/custom/matrix-client-schildichat/tasks/validate_config.yml 
@@ -1,6 +1,6 @@ --- -- name: (Deprecation) Catch and report renamed Schildichat settings +- name: (Deprecation) Catch and report renamed SchildiChat Web settings ansible.builtin.fail: msg: >- Your configuration contains a variable, which now has a different name. @@ -9,10 +9,10 @@ with_items: - {'old': 'matrix_client_schildichat_welcome_user_id', 'new': ''} -- name: Fail if required SchildiChat settings not defined +- name: Fail if required SchildiChat Web settings not defined ansible.builtin.fail: msg: > - You need to define a required configuration setting (`{{ item }}`) for using SchildiChat. + You need to define a required configuration setting (`{{ item }}`) for using SchildiChat Web. when: "vars[item] == ''" with_items: - matrix_client_schildichat_default_hs_url diff --git a/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 b/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 index 74111ffa8..98941d47e 100644 --- a/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 +++ b/roles/custom/matrix-client-schildichat/templates/systemd/matrix-client-schildichat.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix SchildiChat server +Description=Matrix SchildiChat Web server {% for service in matrix_client_schildichat_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/custom/matrix-dimension/templates/config.yaml.j2 b/roles/custom/matrix-dimension/templates/config.yaml.j2 index c387c91b6..7a426ad63 100644 --- a/roles/custom/matrix-dimension/templates/config.yaml.j2 +++ b/roles/custom/matrix-dimension/templates/config.yaml.j2 
@@ -31,7 +31,7 @@ homeserver: accessToken: {{ matrix_dimension_access_token | to_json }} # These users can modify the integrations this Dimension supports. -# To access the admin interface, open Dimension in Element and click the settings icon. +# To access the admin interface, open Dimension in Element Web and click the settings icon. admins: {{ matrix_dimension_admins | to_json }} # IPs and CIDR ranges listed here will be blocked from being widgets. diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 105af4447..916b26a2b 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml 
@@ -169,26 +169,26 @@ matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url: "" matrix_static_files_file_matrix_client_property_io_element_e2ee_entries_enabled: "{{ not matrix_static_files_file_matrix_client_property_io_element_e2ee_default or matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_required or matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_setup_methods | length > 0 }}" # Controls the io.element.e2ee/default property in the /.well-known/matrix/client file, -# which instructs Element whether it should use End-to-End Encryption by default. +# which instructs Element clients whether they should use End-to-End Encryption by default. # Setting this to false will update `/.well-known/matrix/client` and tell Element clients to avoid E2EE. # See: https://github.com/element-hq/element-web/blob/develop/docs/e2ee.md matrix_static_files_file_matrix_client_property_io_element_e2ee_default: true # Controls the io.element.e2ee/secure_backup_required property in the /.well-known/matrix/client file, -# which instructs Element whether it should require a secure backup set up before Element can be used. -# Setting this to true will update `/.well-known/matrix/client` and tell Element require a secure backup. +# which instructs Element clients whether they should require a secure backup set up before they can be used. +# Setting this to true will update `/.well-known/matrix/client` and tell Element clients require a secure backup. # See: https://github.com/element-hq/element-web/blob/develop/docs/e2ee.md matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_required: false # Controls the io.element.e2ee/secure_backup_setup_methods property in the /.well-known/matrix/client file, -# which instructs Element which backup methods from ["key", "passphrase"] should be used. -# When an empty list is provided, Element defaults to using both. 
-# Setting this to other than empty will update `/.well-known/matrix/client` and tell Element which method to use. +# which instructs Element clients which backup methods from ["key", "passphrase"] should be used. +# When an empty list is provided, Element clients default to using both. +# Setting this to other than empty will update `/.well-known/matrix/client` and tell Element clients which method to use. # See: https://github.com/element-hq/element-web/blob/develop/docs/e2ee.md matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_setup_methods: [] # Controls the io.element.e2ee/force_disable property in the /.well-known/matrix/client file, -# which can be set to `true` to instruct Element whether to disable End-to-End Encryption by default +# which can be set to `true` to instruct Element clients whether to disable End-to-End Encryption by default # and to not show encryption related-settings in room settings. # See: https://github.com/element-hq/element-web/blob/develop/docs/e2ee.md matrix_static_files_file_matrix_client_property_io_element_e2ee_force_disable: false From 02a2b4d4d18f297c45f81ef77316e2116dc4fccb Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Thu, 7 Nov 2024 18:46:39 +0900 Subject: [PATCH 312/404] Update docs/configuring-playbook-sliding-sync-proxy.md: Element X is no longer beta Since 2023-09-21, Element X is no longer beta. See https://element.io/blog/element-x-ignition/ Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-sliding-sync-proxy.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/docs/configuring-playbook-sliding-sync-proxy.md b/docs/configuring-playbook-sliding-sync-proxy.md index 5bcd43146..52a9ee07c 100644 --- a/docs/configuring-playbook-sliding-sync-proxy.md +++ b/docs/configuring-playbook-sliding-sync-proxy.md 
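Review bot: Two of the reworded comments in the `io.element.e2ee` hunk of `matrix-static-files/defaults/main.yml` still read ambiguously, which matters for settings that decide whether rooms are encrypted. The `secure_backup_required` comment is missing a word and should read `tell Element clients to require a secure backup`. The `force_disable` comment mixes "can be set to true" with "whether"; I would write `# which, when set to true, instructs Element clients to disable End-to-End Encryption by default`. Because all four properties are hints published in `/.well-known/matrix/client` and addressed to Element clients, I would also add a comment line such as `# These are client-side hints; the homeserver does not enforce them and other clients may ignore them.` so operators do not read them as policy enforcement.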
@@ -4,13 +4,7 @@ The playbook can install and configure [sliding-sync](https://github.com/matrix-org/sliding-sync) proxy for you. -Sliding Sync is an implementation of [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/sync-v3/proposals/3575-sync.md) and a prerequisite for running the new (**still beta**) Element X clients ([Element X iOS](https://github.com/element-hq/element-x-ios) and [Element X Android](https://github.com/element-hq/element-x-android)). - -See the project's [documentation](https://github.com/matrix-org/sliding-sync) to learn more. - -Element X iOS is [available on TestFlight](https://testflight.apple.com/join/uZbeZCOi). - -Element X Android is [available on the Github Releases page](https://github.com/element-hq/element-x-android/releases). +Sliding Sync is an implementation of [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/sync-v3/proposals/3575-sync.md) and a prerequisite for running Element X clients ([Element X iOS](https://github.com/element-hq/element-x-ios) and [Element X Android](https://github.com/element-hq/element-x-android)). See the project's [documentation](https://github.com/matrix-org/sliding-sync) to learn more. ## Adjusting the playbook configuration From d8cacb9cde9d25c11d9474b090a9e063c1e2577f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 8 Nov 2024 11:55:20 +0900 Subject: [PATCH 313/404] Update docs/container-images.md: use emoji Follow-up to 1a87f92647c583826920cb695ddfbdadce3e8d2d. Signed-off-by: Suguru Hirahara --- docs/container-images.md | 182 +++++++++++++++++++-------------------- 1 file changed, 91 insertions(+), 91 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index 1b1efbe22..27034d8cd 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -9,9 +9,9 @@ We try to stick to official images (provided by their respective projects) as mu | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [Synapse](configuring-playbook-synapse.md) | [element-hq/synapse](https://ghcr.io/element-hq/synapse) | ✓ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network | -| [Conduit](configuring-playbook-conduit.md) | [matrixconduit/matrix-conduit](https://hub.docker.com/r/matrixconduit/matrix-conduit) | x | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements | -| [Dendrite](configuring-playbook-dendrite.md) | [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) | x | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. | +| [Synapse](configuring-playbook-synapse.md) | [element-hq/synapse](https://ghcr.io/element-hq/synapse) | ✅ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network | +| [Conduit](configuring-playbook-conduit.md) | [matrixconduit/matrix-conduit](https://hub.docker.com/r/matrixconduit/matrix-conduit) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements | +| [Dendrite](configuring-playbook-dendrite.md) | [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. 
Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. | ## Clients @@ -19,10 +19,10 @@ Web clients for Matrix that you can host on your own domains. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [Element Web](configuring-playbook-client-element-web.md) | [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) | ✓ | Default Matrix web client, configured to connect to your own Synapse server | -| [Hydrogen](configuring-playbook-client-hydrogen.md) | [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) | x | Lightweight Matrix client with legacy and mobile browser support | -| [Cinny](configuring-playbook-client-cinny.md) | [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) | x | Simple, elegant and secure web client | -| [SchildiChat Web](configuring-playbook-client-schildichat-web.md) | [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) | x | Based on Element Web, with a more traditional instant messaging experience | +| [Element Web](configuring-playbook-client-element-web.md) | [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) | ✅ | Default Matrix web client, configured to connect to your own Synapse server | +| [Hydrogen](configuring-playbook-client-hydrogen.md) | [element-hq/hydrogen-web](https://ghcr.io/element-hq/hydrogen-web) | ❌ | Lightweight Matrix client with legacy and mobile browser support | +| [Cinny](configuring-playbook-client-cinny.md) | [ajbura/cinny](https://hub.docker.com/r/ajbura/cinny) | ❌ | Simple, elegant and secure web client | +| [SchildiChat Web](configuring-playbook-client-schildichat-web.md) | [etke.cc/schildichat-web](https://ghcr.io/etkecc/schildichat-web) | ❌ | Based on Element Web, with a more traditional instant messaging experience | ## Server Components 
@@ -30,13 +30,13 @@ Services that run on the server to make the various parts of your installation w | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [PostgreSQL](configuring-playbook-external-postgres.md) | [postgres](https://hub.docker.com/_/postgres/) | ✓ | Database for Synapse. [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) is also possible. | -| [Coturn](configuring-playbook-turn.md) | [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) | ✓ | STUN/TURN server for WebRTC audio/video calls | -| [Traefik](configuring-playbook-traefik.md) | [Traefik](https://hub.docker.com/_/traefik/) | ✓ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. Using your own webserver [is possible](configuring-playbook-own-webserver.md) | -| [Let's Encrypt](configuring-playbook-ssl-certificates.md) | [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) | ✓ | The [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) | -| [Exim](configuring-playbook-email.md) | [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) | ✓ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | -| [ma1sd](configuring-playbook-ma1sd.md) | [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) | x | Matrix Identity Server | -| [ddclient](configuring-playbook-dynamic-dns.md) | [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) | x | Update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider | +| [PostgreSQL](configuring-playbook-external-postgres.md) | [postgres](https://hub.docker.com/_/postgres/) | ✅ | Database for Synapse. [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) is also possible. 
| +| [Coturn](configuring-playbook-turn.md) | [coturn/coturn](https://hub.docker.com/r/coturn/coturn/) | ✅ | STUN/TURN server for WebRTC audio/video calls | +| [Traefik](configuring-playbook-traefik.md) | [Traefik](https://hub.docker.com/_/traefik/) | ✅ | Web server, listening on ports 80, 443 and 8448 - standing in front of all the other services. Using your own webserver [is possible](configuring-playbook-own-webserver.md) | +| [Let's Encrypt](configuring-playbook-ssl-certificates.md) | [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) | ✅ | The [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) | +| [Exim](configuring-playbook-email.md) | [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) | ✅ | Mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server) | +| [ma1sd](configuring-playbook-ma1sd.md) | [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) | ❌ | Matrix Identity Server | +| [ddclient](configuring-playbook-dynamic-dns.md) | [linuxserver/ddclient](https://hub.docker.com/r/linuxserver/ddclient) | ❌ | Update dynamic DNS entries for accounts on Dynamic DNS Network Service Provider | ## Authentication 
@@ -44,13 +44,13 @@ Extend and modify how users are authenticated on your homeserver. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [matrix-synapse-rest-auth](configuring-playbook-rest-auth.md) | (N/A) | x | REST authentication password provider module | -| [matrix-synapse-shared-secret-auth](configuring-playbook-shared-secret-auth.md) | (N/A) | x | Password provider module | -| [matrix-synapse-ldap3](configuring-playbook-ldap-auth.md) (advanced) | (N/A) | x | LDAP Auth password provider module | -| [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | x | A proxy that handles Matrix registration requests and forwards them to LDAP. | -| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | x | A simple python application to have a token based Matrix registration | -| [Matrix User Verification Service](configuring-playbook-user-verification-service.md) (UVS) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | x | Service to verify details of a user based on an Open ID token | -| [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | x | A spam checker module | +| [matrix-synapse-rest-auth](configuring-playbook-rest-auth.md) | (N/A) | ❌ | REST authentication password provider module | +| [matrix-synapse-shared-secret-auth](configuring-playbook-shared-secret-auth.md) | (N/A) | ❌ | Password provider module | +| [matrix-synapse-ldap3](configuring-playbook-ldap-auth.md) (advanced) | (N/A) | ❌ | LDAP Auth password provider module | +| 
[matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | ❌ | A proxy that handles Matrix registration requests and forwards them to LDAP. | +| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | ❌ | A simple python application to have a token based Matrix registration | +| [Matrix User Verification Service](configuring-playbook-user-verification-service.md) (UVS) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token | +| [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | ❌ | A spam checker module | ## File Storage 
@@ -58,9 +58,9 @@ Use alternative file storage to the default `media_store` folder. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [Goofys](configuring-playbook-s3-goofys.md) | [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | -| [synapse-s3-storage-provider](configuring-playbook-s3.md) | (N/A) | x | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | -| [matrix-media-repo](configuring-playbook-matrix-media-repo.md) | [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) | x | matrix-media-repo is a highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification. | +| [Goofys](configuring-playbook-s3-goofys.md) | [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) | ❌ | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | +| [synapse-s3-storage-provider](configuring-playbook-s3.md) | (N/A) | ❌ | [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files | +| [matrix-media-repo](configuring-playbook-matrix-media-repo.md) | [t2bot/matrix-media-repo](https://ghcr.io/t2bot/matrix-media-repo) | ❌ | matrix-media-repo is a highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification. | # Bridges 
@@ -68,34 +68,34 @@ Bridges can be used to connect your Matrix installation with third-party communi | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) | [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) | x | Bridge to [Discord](https://discord.com/) | -| [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) | [mautrix/slack](https://mau.dev/mautrix/slack/container_registry) | x | Bridge to [Slack](https://slack.com/) | -| [mautrix-telegram](configuring-playbook-bridge-mautrix-telegram.md) | [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) | x | Bridge to [Telegram](https://telegram.org/) | -| [mautrix-gmessages](configuring-playbook-bridge-mautrix-gmessages.md) | [mautrix/gmessages](https://mau.dev/mautrix/gmessages/container_registry) | x | Bridge to [Google Messages](https://messages.google.com/) | -| [mautrix-whatsapp](configuring-playbook-bridge-mautrix-whatsapp.md) | [mautrix/whatsapp](https://mau.dev/mautrix/whatsapp/container_registry) | x | Bridge to [WhatsApp](https://www.whatsapp.com/) | -| [mautrix-wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) | [mautrix/wsproxy](https://mau.dev/mautrix/wsproxy/container_registry) | x | Bridge to Android SMS or Apple iMessage | -| [mautrix-twitter](configuring-playbook-bridge-mautrix-twitter.md) | [mautrix/twitter](https://mau.dev/mautrix/twitter/container_registry) | x | Bridge to [Twitter](https://twitter.com/) | -| [mautrix-googlechat](configuring-playbook-bridge-mautrix-googlechat.md) | [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | -| mautrix-meta (for [Messenger](configuring-playbook-bridge-mautrix-meta-messenger.md) and [Instagram](configuring-playbook-bridge-mautrix-meta-instagram.md)) | 
[mautrix/meta](https://mau.dev/mautrix/meta/container_registry) | x | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | -| [mautrix-signal](configuring-playbook-bridge-mautrix-signal.md) | [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) | x | Bridge to [Signal](https://www.signal.org/) | -| [beeper-linkedin](configuring-playbook-bridge-beeper-linkedin.md) | [beeper/linkedin](https://ghcr.io/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | -| [matrix-appservice-irc](configuring-playbook-bridge-appservice-irc.md) | [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | -| [matrix-appservice-kakaotalk](configuring-playbook-bridge-appservice-kakaotalk.md) | Self-building | x | Bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | -| [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) | [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | -| [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) | [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) | x | Bridge to [Slack](https://slack.com/) | -| [matrix-hookshot](configuring-playbook-bridge-hookshot.md) | [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) | x | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | -| [matrix-sms-bridge](configuring-playbook-bridge-matrix-bridge-sms.md) | [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) | x | Bridge to SMS | -| [matrix-wechat](configuring-playbook-bridge-wechat.md) | 
[lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) | x | Bridge to [WeChat](https://www.wechat.com/) | -| [Heisenbridge](configuring-playbook-bridge-heisenbridge.md) | [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) | x | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | -| [go-skype-bridge](configuring-playbook-bridge-go-skype-bridge.md) | [nodefyme/go-skype-bridge](https://hub.docker.com/r/nodefyme/go-skype-bridge) | x | Bridge to [Skype](https://www.skype.com) | -| [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) | [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) | x | Bridge to [Slack](https://slack.com) | -| [mx-puppet-instagram](configuring-playbook-bridge-mx-puppet-instagram.md) | [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) | x | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | -| [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) | [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) | x | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) | -| [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) | [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) | x | Bridge to [Discord](https://discordapp.com/) | -| [mx-puppet-groupme](configuring-playbook-bridge-mx-puppet-groupme.md) | [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) | x | Bridge to [GroupMe](https://groupme.com/) | -| [mx-puppet-steam](configuring-playbook-bridge-mx-puppet-steam.md) | [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) | x | Bridge to [Steam](https://steamapp.com/) | -| [Email2Matrix](configuring-playbook-email2matrix.md) | [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) | 
x | Bridge for relaying emails to Matrix rooms | -| [Postmoogle](docs/configuring-playbook-bridge-postmoogle.md) | [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) | x | Email to Matrix bridge | +| [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) | [mautrix/discord](https://mau.dev/mautrix/discord/container_registry) | ❌ | Bridge to [Discord](https://discord.com/) | +| [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) | [mautrix/slack](https://mau.dev/mautrix/slack/container_registry) | ❌ | Bridge to [Slack](https://slack.com/) | +| [mautrix-telegram](configuring-playbook-bridge-mautrix-telegram.md) | [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) | ❌ | Bridge to [Telegram](https://telegram.org/) | +| [mautrix-gmessages](configuring-playbook-bridge-mautrix-gmessages.md) | [mautrix/gmessages](https://mau.dev/mautrix/gmessages/container_registry) | ❌ | Bridge to [Google Messages](https://messages.google.com/) | +| [mautrix-whatsapp](configuring-playbook-bridge-mautrix-whatsapp.md) | [mautrix/whatsapp](https://mau.dev/mautrix/whatsapp/container_registry) | ❌ | Bridge to [WhatsApp](https://www.whatsapp.com/) | +| [mautrix-wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) | [mautrix/wsproxy](https://mau.dev/mautrix/wsproxy/container_registry) | ❌ | Bridge to Android SMS or Apple iMessage | +| [mautrix-twitter](configuring-playbook-bridge-mautrix-twitter.md) | [mautrix/twitter](https://mau.dev/mautrix/twitter/container_registry) | ❌ | Bridge to [Twitter](https://twitter.com/) | +| [mautrix-googlechat](configuring-playbook-bridge-mautrix-googlechat.md) | [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) | ❌ | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | +| mautrix-meta (for [Messenger](configuring-playbook-bridge-mautrix-meta-messenger.md) and [Instagram](configuring-playbook-bridge-mautrix-meta-instagram.md)) | 
[mautrix/meta](https://mau.dev/mautrix/meta/container_registry) | ❌ | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | +| [mautrix-signal](configuring-playbook-bridge-mautrix-signal.md) | [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) | ❌ | Bridge to [Signal](https://www.signal.org/) | +| [beeper-linkedin](configuring-playbook-bridge-beeper-linkedin.md) | [beeper/linkedin](https://ghcr.io/beeper/linkedin) | ❌ | Bridge to [LinkedIn](https://www.linkedin.com/) | +| [matrix-appservice-irc](configuring-playbook-bridge-appservice-irc.md) | [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) | ❌ | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | +| [matrix-appservice-kakaotalk](configuring-playbook-bridge-appservice-kakaotalk.md) | Self-building | ❌ | Bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) | +| [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) | [matrix-org/matrix-appservice-discord](https://ghcr.io/matrix-org/matrix-appservice-discord) | ❌ | Bridge to [Discord](https://discordapp.com/) | +| [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) | [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) | ❌ | Bridge to [Slack](https://slack.com/) | +| [matrix-hookshot](configuring-playbook-bridge-hookshot.md) | [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) | ❌ | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular | +| [matrix-sms-bridge](configuring-playbook-bridge-matrix-bridge-sms.md) | [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) | ❌ | Bridge to SMS | +| [matrix-wechat](configuring-playbook-bridge-wechat.md) | 
[lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) | ❌ | Bridge to [WeChat](https://www.wechat.com/) | +| [Heisenbridge](configuring-playbook-bridge-heisenbridge.md) | [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) | ❌ | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | +| [go-skype-bridge](configuring-playbook-bridge-go-skype-bridge.md) | [nodefyme/go-skype-bridge](https://hub.docker.com/r/nodefyme/go-skype-bridge) | ❌ | Bridge to [Skype](https://www.skype.com) | +| [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) | [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) | ❌ | Bridge to [Slack](https://slack.com) | +| [mx-puppet-instagram](configuring-playbook-bridge-mx-puppet-instagram.md) | [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) | ❌ | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) | +| [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) | [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) | ❌ | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) | +| [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) | [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) | ❌ | Bridge to [Discord](https://discordapp.com/) | +| [mx-puppet-groupme](configuring-playbook-bridge-mx-puppet-groupme.md) | [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) | +| [mx-puppet-steam](configuring-playbook-bridge-mx-puppet-steam.md) | [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) | ❌ | Bridge to [Steam](https://steamapp.com/) | +| [Email2Matrix](configuring-playbook-email2matrix.md) | [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) | 
❌ | Bridge for relaying emails to Matrix rooms | +| [Postmoogle](docs/configuring-playbook-bridge-postmoogle.md) | [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) | ❌ | Email to Matrix bridge | ## Bots 
@@ -103,14 +103,14 @@ Bots provide various additional functionality to your installation. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [baibot](configuring-playbook-bot-baibot.md) | [etke.cc/baibot](https://ghcr.io/etkecc/baibot) | x | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you | -| [matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) | [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) | x | Bot for scheduling one-off & recurring reminders and alarms | -| [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) | [moanos/matrix-registration-bot](https://hub.docker.com/r/moanos/matrix-registration-bot/) | x | Bot for invitations by creating and managing registration tokens | -| [maubot](configuring-playbook-bot-maubot.md) | [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) | x | A plugin-based Matrix bot system | -| [Honoroit](configuring-playbook-bot-honoroit.md) | [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) | x | A helpdesk bot | -| [Mjolnir](configuring-playbook-bot-mjolnir.md) | [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) | x | A moderation tool for Matrix | -| [Draupnir](configuring-playbook-bot-draupnir.md) | [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) | x | A moderation tool for Matrix (Fork of Mjolnir) | -| [Buscarron](configuring-playbook-bot-buscarron.md) | [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) | x | Web forms (HTTP POST) to Matrix | +| [baibot](configuring-playbook-bot-baibot.md) | [etke.cc/baibot](https://ghcr.io/etkecc/baibot) | ❌ | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language 
Models](https://en.wikipedia.org/wiki/Large_language_model) to you | +| [matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) | [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) | ❌ | Bot for scheduling one-off & recurring reminders and alarms | +| [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) | [moanos/matrix-registration-bot](https://hub.docker.com/r/moanos/matrix-registration-bot/) | ❌ | Bot for invitations by creating and managing registration tokens | +| [maubot](configuring-playbook-bot-maubot.md) | [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) | ❌ | A plugin-based Matrix bot system | +| [Honoroit](configuring-playbook-bot-honoroit.md) | [etke.cc/honoroit](https://github.com/etkecc/honoroit/container_registry) | ❌ | A helpdesk bot | +| [Mjolnir](configuring-playbook-bot-mjolnir.md) | [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) | ❌ | A moderation tool for Matrix | +| [Draupnir](configuring-playbook-bot-draupnir.md) | [gnuxie/draupnir](https://hub.docker.com/r/gnuxie/draupnir) | ❌ | A moderation tool for Matrix (Fork of Mjolnir) | +| [Buscarron](configuring-playbook-bot-buscarron.md) | [etke.cc/buscarron](https://ghcr.io/etkecc/buscarron) | ❌ | Web forms (HTTP POST) to Matrix | ## Administration 
@@ -118,16 +118,16 @@ Services that help you in administrating and monitoring your Matrix installation | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) | [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) | x | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | -| [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) | [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) | x | OAuth 2.0 and OpenID Provider server | -| [synapse-admin](configuring-playbook-synapse-admin.md) | [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) | x | A web UI tool for administrating users and rooms on your Matrix server | -| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) | x | [Prometheus](https://prometheus.io) time-series database server | -| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [prom/node-exporter](https://hub.docker.com/r/prom/node-exporter/) | x | Prometheus [node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter | -| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) | x | Graphing tool that works well with the above two images. 
Our playbook also adds two dashboards for [Synapse](https://github.com/element-hq/synapse/tree/master/contrib/grafana) and [Node Exporter](https://github.com/rfrail3/grafana-dashboards) | -| [Metrics and Graphs](configuring-playbook-prometheus-nginxlog.md) | [martin-helmich/prometheus-nginxlog-exporter/exporter](https://ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter) | x | Addon for Prometheus that gathers access logs from various nginx reverse-proxies | -| [Borg](configuring-playbook-backup-borg.md) | (N/A) | x | Backups | -| [rageshake](configuring-playbook-rageshake.md) | [matrix-org/rageshake](https://ghcr.io/matrix-org/rageshake) | x | Bug report server | -| [synapse-usage-exporter](configuring-playbook-synapse-usage-exporter.md) | Self-building | x | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. | +| [matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md) | [metio/matrix-alertmanager-receiver](https://hub.docker.com/r/metio/matrix-alertmanager-receiver) | ❌ | Prometheus' [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/) client | +| [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md) | [element-hq/matrix-authentication-service](https://ghcr.io/element-hq/matrix-authentication-service) | ❌ | OAuth 2.0 and OpenID Provider server | +| [synapse-admin](configuring-playbook-synapse-admin.md) | [etke.cc/synapse-admin](https://ghcr.io/etkecc/synapse-admin) | ❌ | A web UI tool for administrating users and rooms on your Matrix server | +| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [prom/prometheus](https://hub.docker.com/r/prom/prometheus/) | ❌ | [Prometheus](https://prometheus.io) time-series database server | +| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [prom/node-exporter](https://hub.docker.com/r/prom/node-exporter/) | ❌ | Prometheus 
[node-exporter](https://prometheus.io/docs/guides/node-exporter/) host metrics exporter | +| [Metrics and Graphs](configuring-playbook-prometheus-grafana.md) | [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) | ❌ | Graphing tool that works well with the above two images. Our playbook also adds two dashboards for [Synapse](https://github.com/element-hq/synapse/tree/master/contrib/grafana) and [Node Exporter](https://github.com/rfrail3/grafana-dashboards) | +| [Metrics and Graphs](configuring-playbook-prometheus-nginxlog.md) | [martin-helmich/prometheus-nginxlog-exporter/exporter](https://ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter) | ❌ | Addon for Prometheus that gathers access logs from various nginx reverse-proxies | +| [Borg](configuring-playbook-backup-borg.md) | (N/A) | ❌ | Backups | +| [rageshake](configuring-playbook-rageshake.md) | [matrix-org/rageshake](https://ghcr.io/matrix-org/rageshake) | ❌ | Bug report server | +| [synapse-usage-exporter](configuring-playbook-synapse-usage-exporter.md) | Self-building | ❌ | Export the usage statistics of a Synapse homeserver to be scraped by Prometheus. | ## Misc 
@@ -135,20 +135,20 @@ Various services that don't fit any other categories. | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | x | Sliding Sync support for clients which require it (like old Element X versions, before it got switched to Simplified Sliding Sync) | -| [synapse_auto_accept_invite](configuring-playbook-synapse-auto-accept-invite.md) | (N/A) | x | A Synapse module to automatically accept invites. | -| [synapse_auto_compressor](configuring-playbook-synapse-auto-compressor.md) | [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) | x | A cli tool that automatically compresses `state_groups` database table in background. | -| [Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) | [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) | x | Reconciliator and gateway for a managed Matrix server | -| [Etherpad](configuring-playbook-etherpad.md) | [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) | x | An open source collaborative text editor | -| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/web](https://hub.docker.com/r/jitsi/web) | x | the [Jitsi](https://jitsi.org/) web UI | -| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) | x | the [Jitsi](https://jitsi.org/) Focus component | -| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/prosody](https://hub.docker.com/r/jitsi/prosody) | x | the [Jitsi](https://jitsi.org/) Prosody XMPP server component | -| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) | x | the [Jitsi](https://jitsi.org/) Video Bridge component | -| [Cactus Comments](configuring-playbook-cactus-comments.md) | 
[cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) | x | A federated comment system built on Matrix | -| [Cactus Comments](configuring-playbook-cactus-comments.md) | [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) | x | A federated comment system built on Matrix | -| [Pantalaimon](configuring-playbook-pantalaimon.md) | [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) | x | An E2EE aware proxy daemon | -| [Sygnal](configuring-playbook-sygnal.md) | [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) | x | Reference Push Gateway for Matrix | -| [ntfy](configuring-playbook-ntfy.md) | [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) | x | Self-hosted, UnifiedPush-compatible push notifications server | +| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | ❌ | Sliding Sync support for clients which require it (like old Element X versions, before it got switched to Simplified Sliding Sync) | +| [synapse_auto_accept_invite](configuring-playbook-synapse-auto-accept-invite.md) | (N/A) | ❌ | A Synapse module to automatically accept invites. | +| [synapse_auto_compressor](configuring-playbook-synapse-auto-compressor.md) | [etke.cc/rust-synapse-compress-state](https://gitlab.com/etke.cc/rust-synapse-compress-state/container_registry) | ❌ | A cli tool that automatically compresses `state_groups` database table in background. 
| +| [Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) | [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) | ❌ | Reconciliator and gateway for a managed Matrix server | +| [Etherpad](configuring-playbook-etherpad.md) | [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) | ❌ | An open source collaborative text editor | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/web](https://hub.docker.com/r/jitsi/web) | ❌ | the [Jitsi](https://jitsi.org/) web UI | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) | ❌ | the [Jitsi](https://jitsi.org/) Focus component | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/prosody](https://hub.docker.com/r/jitsi/prosody) | ❌ | the [Jitsi](https://jitsi.org/) Prosody XMPP server component | +| [Jitsi](configuring-playbook-jitsi.md) | [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) | ❌ | the [Jitsi](https://jitsi.org/) Video Bridge component | +| [Cactus Comments](configuring-playbook-cactus-comments.md) | [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) | ❌ | A federated comment system built on Matrix | +| [Cactus Comments](configuring-playbook-cactus-comments.md) | [joseluisq/static-web-server](https://hub.docker.com/r/joseluisq/static-web-server) | ❌ | A federated comment system built on Matrix | +| [Pantalaimon](configuring-playbook-pantalaimon.md) | [matrixdotorg/pantalaimon](https://hub.docker.com/r/matrixdotorg/pantalaimon) | ❌ | An E2EE aware proxy daemon | +| [Sygnal](configuring-playbook-sygnal.md) | [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) | ❌ | Reference Push Gateway for Matrix | +| [ntfy](configuring-playbook-ntfy.md) | [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) | ❌ | Self-hosted, UnifiedPush-compatible push notifications server | ## Container images of deprecated / unmaintained services 
@@ -156,10 +156,10 @@ The list of the deprecated or unmaintained services is available [here](configur | Service | Container image | Default? | Description | | ------- | --------------- | -------- | ----------- | -| [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | x | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | -| [Dimension](configuring-playbook-dimension.md) | [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) | x | An open source integration manager for Matrix clients | -| [Go-NEB](configuring-playbook-bot-go-neb.md) | [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) | x | A multi functional bot written in Go | -| [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | x | Accessing ChatGPT via your favourite Matrix client | -| [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | x | Bridge to [Facebook](https://facebook.com/) | -| [mautrix-hangouts](configuring-playbook-bridge-mautrix-hangouts.md) | [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | -| [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | x | Bridge to [Instagram](https://instagram.com/) | +| [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | ❌ | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), 
[Slack](https://slack.com/) etc. pp.) | +| [Dimension](configuring-playbook-dimension.md) | [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) | ❌ | An open source integration manager for Matrix clients | +| [Go-NEB](configuring-playbook-bot-go-neb.md) | [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) | ❌ | A multi functional bot written in Go | +| [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | ❌ | Accessing ChatGPT via your favourite Matrix client | +| [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | ❌ | Bridge to [Facebook](https://facebook.com/) | +| [mautrix-hangouts](configuring-playbook-bridge-mautrix-hangouts.md) | [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) | ❌ | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | +| [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | ❌ | Bridge to [Instagram](https://instagram.com/) | From 73a30375fa2d23737f65144e7f395fb92ec2e262 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Fri, 8 Nov 2024 09:20:06 +0100 Subject: [PATCH 314/404] Improve readability - configuring-playbook-own-webserver.md (#3751) * Improve readability - configuring-playbook-own-webserver.md * Update docs/configuring-playbook-own-webserver.md Co-authored-by: Suguru Hirahara --------- Co-authored-by: Suguru Hirahara --- docs/configuring-playbook-own-webserver.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 5fa55eaed..c31c1852d 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md 
@@ -185,13 +185,13 @@ matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_custom: # trustedIPs: ['IP-ADDRESS-OF-YOUR-REVERSE-PROXY'] ``` -Such a configuration would expose all services on a local port `81` and Matrix Federation on a local port `8449`. +Such a configuration would expose all services on a local port `81` and Matrix Federation on a local port `8449`. Your reverse-proxy configuration needs to send traffic to these ports. [`examples/reverse-proxies`](../examples/reverse-proxies/) contains examples for various webservers such as Apache2, Caddy, HAproxy, nginx and Nginx Proxy Manager. -Your reverse-proxy configuration needs to send traffic to these ports. The [`examples/reverse-proxies` directory](../examples/reverse-proxies/) contains sample configuration for various webservers (Apache2, Caddy, HAproxy, nginx, Nginx Proxy Manager). +It's important that these webservers proxy-pass requests to the correct `ip:port` and also set the `Host` HTTP header appropriately. If you don't pass the `Host` header correctly, Traefik will return a `404 - not found` error. -It's important that these webservers proxy-pass requests to the correct place and also set the `Host` HTTP header appropriately. If you don't pass the `Host` header correctly, you would get a 404 not found error from Traefik. - -To put it another way, `curl http://127.0.0.1:81` would give you a 404, but `curl -H 'Host: matrix.example.com' http://127.0.0.1:81` should work. +To put it another way: +- `curl http://127.0.0.1:81` will result in a `404 - not found` error +- but `curl -H 'Host: matrix.example.com' http://127.0.0.1:81` should work. ### Using no reverse-proxy on the Matrix side at all From 3af7355d14c7f4e51ca34995098f390613a33a2f Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Thu, 7 Nov 2024 19:04:51 +0900 Subject: [PATCH 315/404] =?UTF-8?q?Fix=20capitalization:=20element=20?= =?UTF-8?q?=E2=86=92=20Element?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-chatgpt.md | 2 +- examples/reverse-proxies/caddy2/README.md | 2 +- roles/custom/matrix-bot-go-neb/defaults/main.yml | 2 +- roles/custom/matrix-static-files/defaults/main.yml | 2 +- .../matrix_playbook_migration/tasks/validate_config.yml | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index a24157c46..26973d43e 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md @@ -25,7 +25,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [element documentation](https://element.io/help#encryption6). +To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [Element documentation](https://element.io/help#encryption6). ## 3. Adjusting the playbook configuration diff --git a/examples/reverse-proxies/caddy2/README.md b/examples/reverse-proxies/caddy2/README.md index 2dc3d6b62..29693edc6 100644 --- a/examples/reverse-proxies/caddy2/README.md +++ b/examples/reverse-proxies/caddy2/README.md 
@@ -13,4 +13,4 @@ To get started, first follow the [front the integrated reverse-proxy webserver w You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile. In both cases make sure to replace all the `example.com` domains with your own domain. -This example does not include additional services like element, but you should be able copy the first block and replace the `matrix` subdomain with the additional services subdomain. I have not tested this though. +This example does not include additional services like Element, but you should be able copy the first block and replace the `matrix` subdomain with the additional services subdomain. I have not tested this though. diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 2473f86f2..359101bba 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml @@ -163,7 +163,7 @@ matrix_bot_go_neb_storage_database: "{{ # The access tokens that the bot uses to authenticate. # Generate one as described in # https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-dimension.md#access-token -# via curl. With the element method, you might run into decryption problems (see https://github.com/matrix-org/go-neb#quick-start) +# via curl. With the Element method, you might run into decryption problems (see https://github.com/matrix-org/go-neb#quick-start) matrix_bot_go_neb_clients: [] # - UserID: "@goneb:{{ matrix_domain }}" # AccessToken: "MDASDASJDIASDJASDAFGFRGER" diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 916b26a2b..60d1f555f 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml 
@@ -161,7 +161,7 @@ matrix_static_files_file_matrix_client_property_m_tile_server_entries_enabled: f # Controls the m.tile_server/map_style_url property in the /.well-known/matrix/client file matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url: "" -# Controls whether element related entries (io.element.e2ee) should be added to the client well-known. +# Controls whether Element related entries (io.element.e2ee) should be added to the client well-known. # By default if any of the following change from their default this would be set to true: # `matrix_static_files_file_matrix_client_property_io_element_e2ee_default` # `matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_required` diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 7d680d529..4c7193f52 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml 
@@ -272,8 +272,8 @@ - {'old': 'matrix_nginx_proxy_base_domain_homepage_enabled', 'new': 'matrix_static_files_file_index_html_enabled'} - {'old': 'matrix_nginx_proxy_base_domain_homepage_template', 'new': 'matrix_static_files_file_index_html_template'} - {'old': 'matrix_nginx_proxy_base_domain_create_directory', 'new': ''} - - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_enabled', 'new': ''} - - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_hostname', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_enabled', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_hostname', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_client_redirect_enabled', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_client_api_enabled', 'new': 'matrix_synapse_container_labels_public_client_synapse_client_api_enabled'} From b61d8f478f5fcb003ca6c3150c50f03b4a89720e Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 8 Nov 2024 12:54:48 +0900 Subject: [PATCH 316/404] =?UTF-8?q?Fix=20capitalization:=20ids=20=E2=86=92?= =?UTF-8?q?=20IDs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-matrix-authentication-service.md | 2 +- examples/vars.yml | 2 +- roles/custom/matrix-base/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-matrix-authentication-service.md b/docs/configuring-playbook-matrix-authentication-service.md index 73b6f1e85..adf97a554 100644 --- a/docs/configuring-playbook-matrix-authentication-service.md +++ b/docs/configuring-playbook-matrix-authentication-service.md 
@@ -365,7 +365,7 @@ The same OIDC provider may have an `id` of `01HFVBY12TMNTYTBV8W921M5FA` on the M To tell `syn2mas` how the Synapse-configured OIDC provider maps to the new MAS-configured OIDC provider, add this additional configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yml -# Adjust the mapping below to match your provider ids on the Synapse side and the MAS side. +# Adjust the mapping below to match your provider IDs on the Synapse side and the MAS side. # Don't forget that Synapse automatically adds an `oidc-` prefix to provider ids defined in its configuration. matrix_authentication_service_syn2mas_process_extra_arguments: - "--upstreamProviderMapping oidc-keycloak:01HFVBY12TMNTYTBV8W921M5FA" diff --git a/examples/vars.yml b/examples/vars.yml index b6f20c277..ff898d34b 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -1,6 +1,6 @@ --- # The bare domain name which represents your Matrix identity. -# Matrix user ids for your server will be of the form (`@user:example.com`). +# Matrix user IDs for your server will be of the form (`@user:example.com`). # # Note: this playbook does not touch the server referenced here. # Installation happens on another server ("matrix.example.com", see `matrix_server_fqn_matrix`). diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 592837020..8fff9e053 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -1,7 +1,7 @@ --- # The bare domain name which represents your Matrix identity. -# Matrix user ids for your server will be of the form (`@user:example.com`). +# Matrix user IDs for your server will be of the form (`@user:example.com`). # # Note: this playbook does not touch the server referenced here. # Installation happens on another server ("matrix.example.com", see `matrix_server_fqn_matrix`). From 2fcd824d6bebaa1fe6daaccd5fdfde3e1f14529d Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Fri, 8 Nov 2024 20:36:35 +0900 Subject: [PATCH 317/404] =?UTF-8?q?Fix=20capitalization:=20riot=20?= =?UTF-8?q?=E2=86=92=20Riot?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Suguru Hirahara --- roles/custom/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- .../matrix_playbook_migration/tasks/validate_config.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index 0e6ffbc09..3b220d829 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml @@ -77,7 +77,7 @@ matrix_appservice_irc_ircService_servers: [] # noqa var-naming # # networkId: "example" # # URL to an icon used as the network icon whenever this network appear in -# # a network list. (Like in the riot room directory, for instance.) +# # a network list. (Like in the Riot room directory, for instance.) # # icon: https://example.com/images/hash.png # # The port to connect to. Optional. diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 4c7193f52..e9606032f 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml 
@@ -272,8 +272,8 @@ - {'old': 'matrix_nginx_proxy_base_domain_homepage_enabled', 'new': 'matrix_static_files_file_index_html_enabled'} - {'old': 'matrix_nginx_proxy_base_domain_homepage_template', 'new': 'matrix_static_files_file_index_html_template'} - {'old': 'matrix_nginx_proxy_base_domain_create_directory', 'new': ''} - - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_enabled', 'new': ''} - - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_hostname', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_enabled', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_riot_compat_redirect_hostname', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_client_redirect_enabled', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_client_api_enabled', 'new': 'matrix_synapse_container_labels_public_client_synapse_client_api_enabled'} From 3c34418ebef049d5ceeac49af549f03121c8b89f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 8 Nov 2024 13:04:51 +0900 Subject: [PATCH 318/404] Edit the note about "matrix_homeserver_implementation" variable Since a casual user might want to try another homeserver than Synapse without thinking about its consequence, it is important to clarify that it is not possible to switch homeservers once specified. Signed-off-by: Suguru Hirahara --- examples/vars.yml | 4 ++++ roles/custom/matrix-base/defaults/main.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/examples/vars.yml b/examples/vars.yml index ff898d34b..45c631f14 100644 --- a/examples/vars.yml +++ b/examples/vars.yml 
@@ -13,6 +13,10 @@ matrix_domain: example.com # See: # - `roles/custom/matrix-base/defaults/main.yml` for valid options # - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice +# +# By default, we use Synapse, because it's the only full-featured Matrix server at the moment. +# +# Note that the homeserver implementation of a server will not be able to be changed without data loss. matrix_homeserver_implementation: synapse # A secret used as a base, for generating various other secrets. diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 8fff9e053..13d52ced2 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -54,7 +54,7 @@ matrix_homeserver_enabled: true # By default, we use Synapse, because it's the only full-featured Matrix server at the moment. # # This value automatically influences other variables (`matrix_synapse_enabled`, `matrix_dendrite_enabled`, etc.). -# The homeserver implementation of an existing server cannot be changed without data loss. +# Note that the homeserver implementation of a server will not be able to be changed without data loss. matrix_homeserver_implementation: synapse # This contains a secret, which is used for generating various other secrets later on. From 0cb3e530d90c01561cbcaf381d9863d34f62f5e7 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Fri, 8 Nov 2024 17:48:37 +0200 Subject: [PATCH 319/404] Add support for auto-configuring synapse-admin via `/.well-known/matrix/client` Related to: - https://github.com/etkecc/synapse-admin/pull/126 - https://github.com/etkecc/synapse-admin/releases/tag/v0.10.3-etke27 People who wish to disable this and keep their `/.well-known/matrix/client` file tidier can do it via: ```yml matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_enabled: false ``` --- group_vars/matrix_servers | 4 ++++ roles/custom/matrix-static-files/defaults/main.yml | 10 ++++++++++ .../templates/public/.well-known/matrix/client.j2 | 3 +++ roles/custom/matrix-synapse-admin/vars/main.yml | 7 +++++++ 4 files changed, 24 insertions(+) create mode 100644 roles/custom/matrix-synapse-admin/vars/main.yml diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 108954f77..a928cd083 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -5882,6 +5882,10 @@ matrix_static_files_file_matrix_client_property_org_matrix_msc2965_authenticatio matrix_static_files_file_matrix_client_property_m_tile_server_entries_enabled: "{{ matrix_client_element_location_sharing_enabled }}" matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url: "{{ ('https://' if matrix_playbook_ssl_enabled else 'http://') + matrix_server_fqn_element }}/map_style.json" +# We set this regardless of whether synapse-admin is enabled, because people may wish to use a hosted (externally) synapse-admin installation and still have it auto-configured. +# See: https://github.com/etkecc/synapse-admin/pull/126 +matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto: "{{ matrix_synapse_admin_well_known_client_configuration if matrix_homeserver_implementation == 'synapse' else {} }}" + matrix_static_files_file_matrix_server_property_m_server: "{{ matrix_server_fqn_matrix_federation }}:{{ matrix_federation_public_port }}" matrix_static_files_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 60d1f555f..7e3abf2f5 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml 
@@ -193,6 +193,16 @@ matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_se # See: https://github.com/element-hq/element-web/blob/develop/docs/e2ee.md matrix_static_files_file_matrix_client_property_io_element_e2ee_force_disable: false +# Controls whether `cc.etke.synapse-admin`-related entries should be added to the client well-known. +# By default, if there are entries in `matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin`, we show them (by enabling this). +matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_enabled: "{{ matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin | default({}) | dict2items | length > 0 }}" + +# Controls the cc.etke.synapse-admin property in the /.well-known/matrix/client file. +# See `matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_entries_enabled` +matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin: "{{ matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto | combine(matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_custom, recursive=True) }}" +matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto: {} +matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_custom: {} + # Default /.well-known/matrix/client configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # diff --git a/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 b/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 index 99ed488fe..86882893a 100644 --- a/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 +++ b/roles/custom/matrix-static-files/templates/public/.well-known/matrix/client.j2 
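Review bot: The comment added above `matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin` refers to a variable ending in `_cc_etke_synapse_admin_entries_enabled`, but the toggle this hunk defines ends in `_cc_etke_synapse_admin_enabled`, so the cross-reference points at a name that does not exist here. I would change that line to `# See matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_enabled`. The `_enabled` default switches on as soon as the merged dict has any entry, and the result is rendered into `/.well-known/matrix/client`, which clients fetch without authentication. It would help to say so next to the `_custom` variable, for example `# Values placed here are published in the public client well-known file.`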
@@ -54,4 +54,7 @@ "default": {{ matrix_static_files_file_matrix_client_property_io_element_e2ee_default|to_json }} } {% endif %} + {% if matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_enabled %}, + "cc.etke.synapse-admin": {{ matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin | to_json }} + {% endif %} } diff --git a/roles/custom/matrix-synapse-admin/vars/main.yml b/roles/custom/matrix-synapse-admin/vars/main.yml new file mode 100644 index 000000000..1817a3f21 --- /dev/null +++ b/roles/custom/matrix-synapse-admin/vars/main.yml @@ -0,0 +1,7 @@ +--- + +# Configuration that can be injected into a `/.well-known/matrix/client` file, +# to let synapse-admin users use any synapse-admin instance and still get synapse-admin auto-configured correctly. +# See: https://github.com/etkecc/synapse-admin/pull/126 +matrix_synapse_admin_well_known_client_configuration: + asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers }}" From 30efde4ed34f1dd896b914cb17d15d7296ac9d79 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 8 Nov 2024 18:04:01 +0200 Subject: [PATCH 320/404] add missing synapse-admin config options to /.well-known/matrix/client --- roles/custom/matrix-synapse-admin/vars/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/custom/matrix-synapse-admin/vars/main.yml b/roles/custom/matrix-synapse-admin/vars/main.yml index 1817a3f21..ca14aae2f 100644 --- a/roles/custom/matrix-synapse-admin/vars/main.yml +++ b/roles/custom/matrix-synapse-admin/vars/main.yml 
@@ -4,4 +4,7 @@ # to let synapse-admin users use any synapse-admin instance and still get synapse-admin auto-configured correctly. # See: https://github.com/etkecc/synapse-admin/pull/126 matrix_synapse_admin_well_known_client_configuration: + restrictBaseUrl: "{{ matrix_synapse_admin_config_restrictBaseUrl }}" asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers }}" + supportURL: "{{ matrix_synapse_admin_config_supportURL }}" + menu: "{{ matrix_synapse_admin_config_menu }}" From 28a4434f5592fe341afc132e4a1f4d83b8bee491 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 8 Nov 2024 18:34:50 +0200 Subject: [PATCH 321/404] Document why matrix_synapse_admin_well_known_client_configuration duplicates matrix_synapse_admin_configuration (roles/custom/matrix-synapse-admin/templates/config.json.j2) --- roles/custom/matrix-synapse-admin/vars/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/custom/matrix-synapse-admin/vars/main.yml b/roles/custom/matrix-synapse-admin/vars/main.yml index ca14aae2f..768390424 100644 --- a/roles/custom/matrix-synapse-admin/vars/main.yml +++ b/roles/custom/matrix-synapse-admin/vars/main.yml 
@@ -3,6 +3,10 @@ # Configuration that can be injected into a `/.well-known/matrix/client` file, # to let synapse-admin users use any synapse-admin instance and still get synapse-admin auto-configured correctly. # See: https://github.com/etkecc/synapse-admin/pull/126 +# +# This duplicates `roles/custom/matrix-synapse-admin/templates/config.json.j2` and is usable by other roles directly. +# Alternatively, `matrix_synapse_admin_configuration` may have been used instead of this variable, but that one does not work reliably +# when used outside the context of this role, because `lookup('template', 'templates/config.json.j2')` only does the right thing in the context of this role. matrix_synapse_admin_well_known_client_configuration: restrictBaseUrl: "{{ matrix_synapse_admin_config_restrictBaseUrl }}" asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers }}" From 7a77d84276ca3f608487757738e1a4821a3eb078 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 8 Nov 2024 18:47:37 +0200 Subject: [PATCH 322/404] synapse-admin: get rid of lookup and config duplicate var --- group_vars/matrix_servers | 2 +- .../custom/matrix-synapse-admin/defaults/main.yml | 6 +++++- .../matrix-synapse-admin/templates/config.json.j2 | 6 ------ roles/custom/matrix-synapse-admin/vars/main.yml | 14 -------------- 4 files changed, 6 insertions(+), 22 deletions(-) delete mode 100644 roles/custom/matrix-synapse-admin/templates/config.json.j2 delete mode 100644 roles/custom/matrix-synapse-admin/vars/main.yml diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a928cd083..fd2002ae6 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -5884,7 +5884,7 @@ matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url: "{{ # We set this regardless of whether synapse-admin is enabled, because people may wish to use a hosted (externally) synapse-admin installation and still have it auto-configured. # See: https://github.com/etkecc/synapse-admin/pull/126 -matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto: "{{ matrix_synapse_admin_well_known_client_configuration if matrix_homeserver_implementation == 'synapse' else {} }}" +matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto: "{{ matrix_synapse_admin_configuration if matrix_homeserver_implementation == 'synapse' else {} }}" matrix_static_files_file_matrix_server_property_m_server: "{{ matrix_server_fqn_matrix_federation }}:{{ matrix_federation_public_port }}" diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 85c7007c7..bf775bb94 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml 
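Review bot: Switching `..._cc_etke_synapse_admin_auto` to `matrix_synapse_admin_configuration` widens what is published in the unauthenticated `/.well-known/matrix/client` file from four named keys to the whole final synapse-admin configuration. The definition of `matrix_synapse_admin_configuration` is not in this hunk, but the role's defaults describe an operator-supplied `matrix_synapse_admin_configuration_extension_json` that extends the default, so presumably anything an operator adds there is now exposed too. The existing comment says this is set even when synapse-admin is not enabled, which makes that easy to miss. If only the four default keys are meant to be advertised, `matrix_synapse_admin_configuration_default` would keep the scope fixed. Otherwise I would add a comment such as `# NOTE: the full synapse-admin configuration, including custom extensions, is served publicly via the client well-known file.`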
@@ -146,7 +146,11 @@ matrix_synapse_admin_path_prefix: /synapse-admin # # The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict. # This is unlike what it does when looking up YAML template files (no automatic parsing there). -matrix_synapse_admin_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}" +matrix_synapse_admin_configuration_default: + restrictBaseUrl: "{{ matrix_synapse_admin_config_restrictBaseUrl }}" + asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers }}" + supportURL: "{{ matrix_synapse_admin_config_supportURL }}" + menu: "{{ matrix_synapse_admin_config_menu }}" # Your custom JSON configuration for synapse-admin should go to `matrix_synapse_admin_configuration_extension_json`. # This configuration extends the default starting configuration (`matrix_synapse_admin_configuration_default`). diff --git a/roles/custom/matrix-synapse-admin/templates/config.json.j2 b/roles/custom/matrix-synapse-admin/templates/config.json.j2 deleted file mode 100644 index 672a979c5..000000000 --- a/roles/custom/matrix-synapse-admin/templates/config.json.j2 +++ /dev/null @@ -1,6 +0,0 @@ -{ - "restrictBaseUrl": {{ matrix_synapse_admin_config_restrictBaseUrl | to_json }}, - "asManagedUsers": {{ matrix_synapse_admin_config_asManagedUsers | to_json }}, - "supportURL": {{ matrix_synapse_admin_config_supportURL | to_json }}, - "menu": {{ matrix_synapse_admin_config_menu | to_json }}, -} diff --git a/roles/custom/matrix-synapse-admin/vars/main.yml b/roles/custom/matrix-synapse-admin/vars/main.yml deleted file mode 100644 index 768390424..000000000 --- a/roles/custom/matrix-synapse-admin/vars/main.yml +++ /dev/null 
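Review bot: The context lines kept above `matrix_synapse_admin_configuration_default` still describe "the side-effect of this lookup" and Ansible parsing the JSON, but this hunk replaces the `lookup('template', ...)` with an inline dict and the commit deletes `config.json.j2`, so the comment now documents code that is gone. The comment block starts above the hunk, so the whole of it should be checked. I would replace the stale part with something like `# Default synapse-admin configuration, defined inline as a dict so that other roles can reference it directly.`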
@@ -1,14 +0,0 @@ ---- - -# Configuration that can be injected into a `/.well-known/matrix/client` file, -# to let synapse-admin users use any synapse-admin instance and still get synapse-admin auto-configured correctly. -# See: https://github.com/etkecc/synapse-admin/pull/126 -# -# This duplicates `roles/custom/matrix-synapse-admin/templates/config.json.j2` and is usable by other roles directly. -# Alternatively, `matrix_synapse_admin_configuration` may have been used instead of this variable, but that one does not work reliably -# when used outside the context of this role, because `lookup('template', 'templates/config.json.j2')` only does the right thing in the context of this role. -matrix_synapse_admin_well_known_client_configuration: - restrictBaseUrl: "{{ matrix_synapse_admin_config_restrictBaseUrl }}" - asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers }}" - supportURL: "{{ matrix_synapse_admin_config_supportURL }}" - menu: "{{ matrix_synapse_admin_config_menu }}" From e02dd88ed0c437707d7b6d45cfe47ee9d1f2615b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 8 Nov 2024 23:42:06 +0900 Subject: [PATCH 323/404] Update docs/installing.md: add instruction to serve the base domain The instruction describes the easiest way of configuring Service Discovery (which is required for federation) should help to understand what basically to be done to finalize the installation. Signed-off-by: Suguru Hirahara --- docs/installing.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index 4bae27d8f..a1459919a 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -100,10 +100,21 @@ A way to invoke these `ansible-playbook` commands with less typing in the future Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). +If you need the base domain for anything else (such as hosting a website), you have to configure it manually, following the procedure described on the linked documentation. + +However, if you do not need the base domain (`example.com`) for anything else, the easiest way of configuring it is to [serve the base domain](configuring-playbook-base-domain-serving.md) from the integrated web server. It will enable you to use a Matrix user identifier like `@:example.com` while hosting services on a subdomain like `matrix.example.com`. + +To configure Service Discovery in this way, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: + +```yaml +matrix_static_files_container_labels_base_domain_enabled: true +``` + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` ## 4. Things to do next -After you have started the services and **finalized the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md), you can: +After finilizing the installation, you can: - [check if services work](maintenance-checking-services.md) - or [create your first Matrix user account](registering-users.md) From 578b6b7ab7eed7396b0e1b225073a93546c600fa Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 00:19:04 +0900 Subject: [PATCH 324/404] Update docs/installing.md: move "Maintaining your setup in the future" under "Things to do next" Maintenance work by running the playbook will be required after finalizing the installation 
Signed-off-by: Suguru Hirahara --- docs/installing.md | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/docs/installing.md b/docs/installing.md index a1459919a..f4b89582b 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -86,16 +86,6 @@ ansible-playbook -i inventory/hosts setup.yml --tags=start Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) - -## 2. Maintaining your setup in the future - -Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. - -Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [Playbook tags introduction](#playbook-tags-introduction) - -A way to invoke these `ansible-playbook` commands with less typing in the future is to use [just](https://github.com/casey/just) to run them: `just install-all` or `just setup-all`. See [our `justfile`](../justfile) for more information. - - ## 3. Finalize the installation Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). 
@@ -125,3 +115,11 @@ After finilizing the installation, you can: * via the *Explore rooms* feature in Element Web or some other clients, or by discovering them using this [matrix-static list](https://view.matrix.org). **Note**: joining large rooms may overload small servers. * or come say Hi in our support room - [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com). You might learn something or get to help someone else new to Matrix hosting. - or help make this playbook better by contributing (code, documentation, or [coffee/beer](https://liberapay.com/s.pantaleev/donate)) + +### Maintaining your setup in the future + +Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. + +Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [Playbook tags introduction](#playbook-tags-introduction) + +A way to invoke these `ansible-playbook` commands with less typing in the future is to use [just](https://github.com/casey/just) to run them: `just install-all` or `just setup-all`. See [our `justfile`](../justfile) for more information. From 66a812d99c12cb24f38f57fb271875ca80a9d4cc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 00:21:58 +0900 Subject: [PATCH 325/404] Update docs/installing.md: remove numbering from headers and links to the headers Remove nagivations for simplicity. Signed-off-by: Suguru Hirahara --- docs/installing.md | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/docs/installing.md b/docs/installing.md index f4b89582b..50926fca8 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -34,7 +34,7 @@ Here are some playbook tags that you should be familiar with: `setup-*` tags and `install-*` tags **do not start services** automatically, because you may wish to do things before starting services, such as importing a database dump, restoring data from another server, etc. -## 1. Installing Matrix +## Install Matrix If you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the all Ansible commands @@ -53,9 +53,6 @@ ansible-playbook -i inventory/hosts setup.yml --tags=install-all,ensure-matrix-u This will do a full installation and start all Matrix services. -Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) - - ### Installing a server into which you'll import old data If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. Starting its services or messing with its database now will affect your data import later on. @@ -84,9 +81,7 @@ You can now: ansible-playbook -i inventory/hosts setup.yml --tags=start ``` -Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) - -## 3. Finalize the installation +## Finalize the installation Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). @@ -102,7 +97,7 @@ matrix_static_files_container_labels_base_domain_enabled: true After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` -## 4. Things to do next +## Things to do next After finilizing the installation, you can: From ea48e5e9ebb0ae09996e6471390f8abeb0ce44fc Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 9 Nov 2024 00:40:19 +0900 Subject: [PATCH 326/404] Create docs/playbook-tags.md: move explanation about playbook tags The playbook tags are not limited to installation, and the explanation's detail makes the section worth being split to a dedicated individual page. Signed-off-by: Suguru Hirahara --- docs/README.md | 2 ++ docs/installing.md | 29 +++-------------------------- docs/playbook-tags.md | 23 +++++++++++++++++++++++ 3 files changed, 28 insertions(+), 26 deletions(-) create mode 100644 docs/playbook-tags.md diff --git a/docs/README.md b/docs/README.md index 77c5099df..3fdf8bd6a 100644 --- a/docs/README.md +++ b/docs/README.md @@ -12,6 +12,8 @@ - [Installing](installing.md) +- [Playbook tags](playbook-tags.md) + - **Importing data from another server installation** - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) diff --git a/docs/installing.md b/docs/installing.md index 50926fca8..64f256025 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -8,33 +8,11 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the pla There's another shortcut (`just update`) which updates the playbook (`git pull`) and updates roles (`just roles`) at the same time. - -## Playbook tags introduction +## Install Matrix The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. -The general command syntax is: `ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE` - -Here are some playbook tags that you should be familiar with: - -- `setup-all` - runs all setup tasks (installation and uninstallation) for all components, but does not start/restart services - -- `install-all` - like `setup-all`, but skips uninstallation tasks. Useful for maintaining your setup quickly when its components remain unchanged. If you adjust your `vars.yml` to remove components, you'd need to run `setup-all` though, or these components will still remain installed - -- `setup-SERVICE` (e.g. `setup-postmoogle`) - runs the setup tasks only for a given role, but does not start/restart services. You can discover these additional tags in each role (`roles/**/tasks/main.yml`). Running per-component setup tasks is **not recommended**, as components sometimes depend on each other and running just the setup tasks for a given component may not be enough. For example, setting up the [mautrix-telegram bridge](configuring-playbook-bridge-mautrix-telegram.md), in addition to the `setup-mautrix-telegram` tag, requires database changes (the `setup-postgres` tag) as well as reverse-proxy changes (the `setup-nginx-proxy` tag). - -- `install-SERVICE` (e.g. `install-postmoogle`) - like `setup-SERVICE`, but skips uninstallation tasks. See `install-all` above for additional information. 
- -- `start` - starts all systemd services and makes them start automatically in the future - -- `stop` - stops all systemd services - -- `ensure-matrix-users-created` - a special tag which ensures that all special users needed by the playbook (for bots, etc.) are created - -`setup-*` tags and `install-*` tags **do not start services** automatically, because you may wish to do things before starting services, such as importing a database dump, restoring data from another server, etc. - - -## Install Matrix +The general command syntax for installation (and also maintenance) is: `ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE`. It is recommended to get yourself familiar with the [playbook tags](playbook-tags.md) before proceeding. If you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the all Ansible commands @@ -42,7 +20,6 @@ If you **do** use SSH keys for authentication, **and** use a non-root user to *b There 2 ways to start the installation process - depending on whether you're [Installing a brand new server (without importing data)](#installing-a-brand-new-server-without-importing-data) or [Installing a server into which you'll import old data](#installing-a-server-into-which-youll-import-old-data). - ### Installing a brand new server (without importing data) If this is **a brand new** Matrix server and you **won't be importing old data into it**, run all these tags: 
@@ -115,6 +92,6 @@ After finilizing the installation, you can: Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. -Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [Playbook tags introduction](#playbook-tags-introduction) +Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [this page on the playbook tags](playbook-tags.md) for more information. A way to invoke these `ansible-playbook` commands with less typing in the future is to use [just](https://github.com/casey/just) to run them: `just install-all` or `just setup-all`. See [our `justfile`](../justfile) for more information. diff --git a/docs/playbook-tags.md b/docs/playbook-tags.md new file mode 100644 index 000000000..0699164d0 --- /dev/null +++ b/docs/playbook-tags.md 
@@ -0,0 +1,23 @@ +# Playbook tags + +The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. + +The general command syntax is: `ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE` + +Here are some playbook tags that you should be familiar with: + +- `setup-all` - runs all setup tasks (installation and uninstallation) for all components, but does not start/restart services + +- `install-all` - like `setup-all`, but skips uninstallation tasks. Useful for maintaining your setup quickly when its components remain unchanged. If you adjust your `vars.yml` to remove components, you'd need to run `setup-all` though, or these components will still remain installed + +- `setup-SERVICE` (e.g. `setup-postmoogle`) - runs the setup tasks only for a given role, but does not start/restart services. You can discover these additional tags in each role (`roles/**/tasks/main.yml`). Running per-component setup tasks is **not recommended**, as components sometimes depend on each other and running just the setup tasks for a given component may not be enough. For example, setting up the [mautrix-telegram bridge](configuring-playbook-bridge-mautrix-telegram.md), in addition to the `setup-mautrix-telegram` tag, requires database changes (the `setup-postgres` tag) as well as reverse-proxy changes (the `setup-nginx-proxy` tag). + +- `install-SERVICE` (e.g. `install-postmoogle`) - like `setup-SERVICE`, but skips uninstallation tasks. See `install-all` above for additional information. + +- `start` - starts all systemd services and makes them start automatically in the future + +- `stop` - stops all systemd services + +- `ensure-matrix-users-created` - a special tag which ensures that all special users needed by the playbook (for bots, etc.) 
are created + +`setup-*` tags and `install-*` tags **do not start services** automatically, because you may wish to do things before starting services, such as importing a database dump, restoring data from another server, etc. From 5dccd4e1069926690ac897d4b55dad40ff6b2f2b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 00:48:57 +0900 Subject: [PATCH 327/404] Update docs/installing.md: create "Update Ansible roles" section Also: mention running "just" role on maintainance Signed-off-by: Suguru Hirahara --- docs/installing.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/installing.md b/docs/installing.md index 64f256025..6a1f14c54 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -4,7 +4,11 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `just roles`. `just roles` is a shortcut (a `roles` target defined in [`justfile`](../justfile) and executed by the [`just`](https://github.com/casey/just) utility) which ultimately runs [agru](https://github.com/etkecc/agru) or [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) (depending on what is available in your system) to download Ansible roles. If you don't have `just`, you can also manually run the `roles` commands seen in the `justfile`. +## Update Ansible roles + +Before installing, you need to update the Ansible roles in this playbook by running `just roles`. + +`just roles` is a shortcut (a `roles` target defined in [`justfile`](../justfile) and executed by the [`just`](https://github.com/casey/just) utility) which ultimately runs [agru](https://github.com/etkecc/agru) or [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) (depending on what is available in your system) to download Ansible roles. If you don't have `just`, you can also manually run the `roles` commands seen in the `justfile`. There's another shortcut (`just update`) which updates the playbook (`git pull`) and updates roles (`just roles`) at the same time. 
@@ -90,7 +94,7 @@ After finilizing the installation, you can: ### Maintaining your setup in the future -Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. +Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. To update the playbook and the Ansible roles in the playbook, simply run `just roles`. Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [this page on the playbook tags](playbook-tags.md) for more information. From 5e23dee4bb7a8e9766eabbfe9c0e16d3084d7a27 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 02:10:06 +0900 Subject: [PATCH 328/404] Update docs/installing.md: add missing periods Signed-off-by: Suguru Hirahara --- docs/installing.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/installing.md b/docs/installing.md index 6a1f14c54..de3524dfc 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -18,9 +18,9 @@ The Ansible playbook's tasks are tagged, so that certain parts of the Ansible pl The general command syntax for installation (and also maintenance) is: `ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE`. It is recommended to get yourself familiar with the [playbook tags](playbook-tags.md) before proceeding. -If you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the all Ansible commands +If you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the all Ansible commands. -If you **do** use SSH keys for authentication, **and** use a non-root user to *become* root (sudo), you may need to add `-K` (`--ask-become-pass`) to all Ansible commands +If you **do** use SSH keys for authentication, **and** use a non-root user to *become* root (sudo), you may need to add `-K` (`--ask-become-pass`) to all Ansible commands. There 2 ways to start the installation process - depending on whether you're [Installing a brand new server (without importing data)](#installing-a-brand-new-server-without-importing-data) or [Installing a server into which you'll import old data](#installing-a-server-into-which-youll-import-old-data). From e6b4ffdd935c3e2aa0822b7beba66df7d1c816d2 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 02:26:38 +0900 Subject: [PATCH 329/404] Update docs/installing.md: add note about making sure of proper installation of required software Until recently there have been a lot of questions about installing, which could have been avoided if required software such as compatible version of Ansible was installed. This note should encourage those who experience basic error to troubleshoot before giving up. Signed-off-by: Suguru Hirahara --- docs/installing.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/installing.md b/docs/installing.md index de3524dfc..491d8a81c 100644 
--- a/docs/installing.md +++ b/docs/installing.md @@ -34,6 +34,8 @@ ansible-playbook -i inventory/hosts setup.yml --tags=install-all,ensure-matrix-u This will do a full installation and start all Matrix services. +**Note**: if the command does not work as expected, make sure that you have properly installed and configured software required to run the playbook, as described on [Prerequisites](prerequisites.md). + ### Installing a server into which you'll import old data If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. Starting its services or messing with its database now will affect your data import later on. From f8b44a8eca26442ff540d0b2288b9803426410a2 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 03:02:08 +0900 Subject: [PATCH 330/404] Update docs/installing.md: mention just's "recipe" Signed-off-by: Suguru Hirahara --- docs/installing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index 491d8a81c..83b5f5144 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -100,4 +100,4 @@ Feel free to **re-run the setup command any time** you think something is off wi Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [this page on the playbook tags](playbook-tags.md) for more information. -A way to invoke these `ansible-playbook` commands with less typing in the future is to use [just](https://github.com/casey/just) to run them: `just install-all` or `just setup-all`. See [our `justfile`](../justfile) for more information. +A way to invoke these `ansible-playbook` commands with less typing in the future is to use [just](https://github.com/casey/just) to run the "recipe": `just install-all` or `just setup-all`. See [our `justfile`](../justfile) for more information. From 50d1a8558e407664e3551a6e144c7b0417e56176 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 03:54:42 +0900 Subject: [PATCH 331/404] Update docs/installing.md: edit the heading "Install Matrix" Matrix is a name of the protocol and it does not really make sense to install it. Signed-off-by: Suguru Hirahara --- docs/installing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index 83b5f5144..023d808e7 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -12,7 +12,7 @@ Before installing, you need to update the Ansible roles in this playbook by runn There's another shortcut (`just update`) which updates the playbook (`git pull`) and updates roles (`just roles`) at the same time. -## Install Matrix +## Install Matrix server and services The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. From 5a85bec8956cf6643e04cf1558ddffccc221da00 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 9 Nov 2024 12:12:43 +0900 Subject: [PATCH 332/404] Update docs/installing.md: move `example.com` base domain Signed-off-by: Suguru Hirahara --- docs/installing.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/installing.md b/docs/installing.md index 023d808e7..9b0d79c9f 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -68,9 +68,9 @@ ansible-playbook -i inventory/hosts setup.yml --tags=start Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). -If you need the base domain for anything else (such as hosting a website), you have to configure it manually, following the procedure described on the linked documentation. +If you need the base domain (`example.com`) for anything else such as hosting a website, you have to configure it manually, following the procedure described on the linked documentation. -However, if you do not need the base domain (`example.com`) for anything else, the easiest way of configuring it is to [serve the base domain](configuring-playbook-base-domain-serving.md) from the integrated web server. It will enable you to use a Matrix user identifier like `@:example.com` while hosting services on a subdomain like `matrix.example.com`. +However, if you do not need the base domain for anything else, the easiest way of configuring it is to [serve the base domain](configuring-playbook-base-domain-serving.md) from the integrated web server. It will enable you to use a Matrix user identifier like `@:example.com` while hosting services on a subdomain like `matrix.example.com`. To configure Service Discovery in this way, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: From 58603d79bc3c268b60befc30de556ca7dadd71fa Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 9 Nov 2024 13:53:17 +0900 Subject: [PATCH 333/404] Update docs/installing.md: replace the just recipe with the ansible-playbook command The concept of the just recipe is explained at the bottom of the page, therefore it should be safe to avoid using it here and prefer the ansible-playbook command like above. Signed-off-by: Suguru Hirahara --- docs/installing.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index 9b0d79c9f..f67b9ce01 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -78,7 +78,11 @@ To configure Service Discovery in this way, add the following configuration to y matrix_static_files_container_labels_base_domain_enabled: true ``` -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` +After configuring the playbook, run the [installation](installing.md) command: + +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` ## Things to do next From 6d1b4781c93f9d82946f40112fcf901bcb5a1304 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 14:08:27 +0900 Subject: [PATCH 334/404] Update docs/installing.md: remove the link to itself Signed-off-by: Suguru Hirahara --- docs/installing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index f67b9ce01..c431cb42b 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -78,7 +78,7 @@ To configure Service Discovery in this way, add the following configuration to y matrix_static_files_container_labels_base_domain_enabled: true ``` -After configuring the playbook, run the [installation](installing.md) command: +After configuring the playbook, run the installation command: ```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start From 60dca4dd46169be252b5a29a26abe311b086de40 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 9 Nov 2024 17:33:27 +0900 Subject: [PATCH 335/404] Update docs/installing.md Co-authored-by: Slavi Pantaleev --- docs/installing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index c431cb42b..a4c9dfa3f 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -61,7 +61,7 @@ You can now: .. and then proceed to starting all services: ```sh -ansible-playbook -i inventory/hosts setup.yml --tags=start +ansible-playbook -i inventory/hosts setup.yml --tags=ensure-matrix-users-created,start ``` ## Finalize the installation From 61f7f8ff50e32c1b296347e80c554e355ee73e2d Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 17:35:52 +0900 Subject: [PATCH 336/404] Update docs/installing.md Co-authored-by: Slavi Pantaleev --- docs/installing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installing.md b/docs/installing.md index a4c9dfa3f..7541c6593 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -81,7 +81,7 @@ matrix_static_files_container_labels_base_domain_enabled: true After configuring the playbook, run the installation command: ```sh -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start ``` ## Things to do next From d34b490a3d0faa38bf78f118546393a35fa01ee2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 9 Nov 2024 10:49:41 +0200 Subject: [PATCH 337/404] Announce auto-configuration for synapse-admin Related to https://github.com/etkecc/synapse-admin/pull/126 --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 31c69ad74..35493c06c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,3 +1,14 @@ +# 2024-11-08 + +## Support for synapse-admin auto-configuration via /.well-known/matrix/client + +You can administrate your Synapse-powered homeserver using synapse-admin hosted externally (e.g. [admin.etke.cc](https://admin.etke.cc/)) and the synapse-admin instance would still auto-configure itself correctly for your server by [reading its `/.well-known/matrix/client` file](https://github.com/etkecc/synapse-admin/pull/126). + +The playbook now configures the `/.well-known/matrix/client` file for this by default, injecting into it a `cc.etke.synapse-admin` section that contains the full synapse-admin configuration. This is done even if you don't enable the synapse-admin service in your configuration. The reason for always doing it is to allow users to skip the (small) overhead of self-hosting the non-core synapse-admin service, yet still be able to use it from elsewhere when needed. + +If you don't ever plan on using synapse-admin from other servers (besides your own due to [self-hosting synapse-admin](./docs/configuring-playbook-synapse-admin.md)), you **can disable this** `/.well-known/matrix/client` configuration via `matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_enabled: false` + + # 2024-10-28 ## (BC Break) Postmoogle's variable names need adjustments From 3a118811208aa14361bc43c5265b0e21730bf63a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 9 Nov 2024 21:18:39 +0200 Subject: [PATCH 338/404] Mention publicly hosted services for Cinny, Element and synapse-admin --- docs/configuring-playbook-client-cinny.md | 7 ++++++- docs/configuring-playbook-client-element-web.md | 5 +++++ docs/configuring-playbook-synapse-admin.md | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-client-cinny.md b/docs/configuring-playbook-client-cinny.md index 7badf52d6..64ede1606 100644 --- a/docs/configuring-playbook-client-cinny.md +++ b/docs/configuring-playbook-client-cinny.md 
@@ -2,7 +2,12 @@ This playbook can install the [Cinny](https://github.com/ajbura/cinny) Matrix web client for you. -Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of Element Web. +Cinny is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of [Element Web](./configuring-playbook-client-element-web.md). + +💡 **Note**: the latest version of Cinny is also available on the web, hosted by 3rd parties. If you trust giving your credentials to the following 3rd party Single Page Applications, you can consider using it from there and avoiding the (small) overhead of self-hosting: + +- [app.cinny.in](https://app.cinny.in), hosted by the [Cinny](https://cinny.in/) developers + ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-client-element-web.md b/docs/configuring-playbook-client-element-web.md index 2065aa738..35706e4d5 100644 --- a/docs/configuring-playbook-client-element-web.md +++ b/docs/configuring-playbook-client-element-web.md @@ -2,6 +2,11 @@ By default, this playbook installs the [Element Web](https://github.com/element-hq/element-web) Matrix client for you. If that's okay, you can skip this document. +💡 **Note**: the latest version of Element Web is also available on the web, hosted by 3rd parties. If you trust giving your credentials to the following 3rd party Single Page Applications, you can consider using it from there and avoiding the (small) overhead of self-hosting (by [disabling Element Web](#disabling-element-web)): + +- [app.element.io](https://app.element.io/), hosted by [Element](https://element.io/) +- [app.etke.cc](https://app.etke.cc/), hosted by [etke.cc](https://etke.cc/) + ## Disabling Element Web diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 7fc76433e..3b460dbd3 100644 --- a/docs/configuring-playbook-synapse-admin.md 
+++ b/docs/configuring-playbook-synapse-admin.md @@ -4,7 +4,7 @@ The playbook can install and configure [etkecc/synapse-admin](https://github.com synapse-admin is a web UI tool you can use to **administrate users, rooms, media, etc. on your Matrix server**. It's designed to work with the Synapse homeserver implementation and WON'T work with Dendrite because [Dendrite Admin API](https://matrix-org.github.io/dendrite/administration/adminapi) differs from [Synapse Admin API](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/). -See the project's [documentation](https://github.com/etkecc/synapse-admin) to learn what it does and why it might be useful to you. +💡 **Note**: the latest version of synapse-admin is hosted by [etke.cc](https://etke.cc/) at [admin.etke.cc](https://admin.etke.cc/). If you only need this service occasionally and trust giving your admin credentials to a 3rd party Single Page Application, you can consider using it from there and avoiding the (small) overhead of self-hosting. ## Adjusting the playbook configuration From 509542ccaf8667e759866c988baf6ea6c7dff994 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 9 Nov 2024 21:19:16 +0200 Subject: [PATCH 339/404] Enable QR code login (MSC4108) support for Synapse when Matrix Authentication Service is enabled Related to 8a6b822bbd80ca3cdb25b0cd29bf369b6b0ce2e1 Related to https://github.com/matrix-org/matrix-spec-proposals/pull/4108 Potential (unconfirmed) fix for https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3749 --- group_vars/matrix_servers | 2 ++ roles/custom/matrix-synapse/defaults/main.yml | 4 ++++ roles/custom/matrix-synapse/tasks/validate_config.yml | 5 +++++ .../matrix-synapse/templates/synapse/homeserver.yaml.j2 | 3 +++ 4 files changed, 14 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index fd2002ae6..5cd5c200e 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -4769,6 +4769,8 @@ matrix_synapse_experimental_features_msc3861_client_secret: "{{ '%s' | format(ma matrix_synapse_experimental_features_msc3861_admin_token: "{{ matrix_authentication_service_config_matrix_secret if matrix_authentication_service_enabled else '' }}" matrix_synapse_experimental_features_msc3861_account_management_url: "{{ matrix_authentication_service_account_management_url if matrix_authentication_service_enabled else '' }}" +matrix_synapse_experimental_features_msc4108_enabled: "{{ matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress }}" + # Disable password authentication when delegating authentication to Matrix Authentication Service. # Unless this is done, Synapse fails on startup with: # > Error in configuration at 'password_config.enabled': diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index c6e2db9be..216e63b57 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -1180,6 +1180,10 @@ matrix_synapse_experimental_features_msc3861_admin_token: '' # URL to advertise to clients where users can self-manage their account. matrix_synapse_experimental_features_msc3861_account_management_url: '' +# Controls whether to enable the "QR code login" experimental feature. +# Enabling this requires that MSC3861 (see `matrix_synapse_experimental_features_msc3861_enabled`) is also enabled. +matrix_synapse_experimental_features_msc4108_enabled: false + ################################################################################ # # /Next-generation auth for Matrix, based on OAuth 2.0/OIDC diff --git a/roles/custom/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml index e9f02b44c..b53566c8e 100644 --- a/roles/custom/matrix-synapse/tasks/validate_config.yml +++ b/roles/custom/matrix-synapse/tasks/validate_config.yml 
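Review bot: The new `matrix_synapse_experimental_features_msc4108_enabled` line in `group_vars/matrix_servers` recomputes the Matrix Authentication Service condition itself instead of following `matrix_synapse_experimental_features_msc3861_enabled`, which the validation task added in this same commit treats as a hard prerequisite. The msc3861 definition is outside this hunk, so this is inferred, but if the two expressions ever drift apart the mismatch is only caught when validation fails. Deriving one from the other keeps QR code login from being configured without its auth backend: `matrix_synapse_experimental_features_msc4108_enabled: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"`.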
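Review bot: The comment added above `matrix_synapse_experimental_features_msc4108_enabled: false` in `defaults/main.yml` does not mention that `group_vars/matrix_servers` turns this experimental login method on automatically once Matrix Authentication Service is enabled and no migration is in progress. Someone auditing which login paths the homeserver exposes would read `false` here and miss the effective value. I would extend the comment with a line such as `# The playbook enables this automatically when Matrix Authentication Service is in use; set it to false in vars.yml to opt out.`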
@@ -154,3 +154,8 @@ ansible.builtin.fail: msg: "When Synapse is delegating authentication to Matrix Authentication Service, it doesn't make sense to enable the password config (`matrix_synapse_password_config_enabled: true`), because it is not Synapse that is handling authentication. Please remove your `matrix_synapse_password_config_enabled: true` setting before enabling Matrix Authentication Service integration for Synapse. Synapse will refuse to start otherwise." when: matrix_synapse_experimental_features_msc3861_enabled and matrix_synapse_password_config_enabled + +- name: Fail if QR code login (MSC4108) is enabled while Next-Gen Auth (MSC3861) is not + ansible.builtin.fail: + msg: "When Synapse QR code login is enabled (MSC4108 via `matrix_synapse_experimental_features_msc4108_enabled`), Next-Gen auth (MSC3861 via `matrix_synapse_experimental_features_msc3861_enabled`) must also be enabled." + when: matrix_synapse_experimental_features_msc4108_enabled and not matrix_synapse_experimental_features_msc3861_enabled diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 5a20fea4f..3408a1050 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2987,5 +2987,8 @@ experimental_features: admin_token: {{ matrix_synapse_experimental_features_msc3861_admin_token | to_json }} account_management_url: {{ matrix_synapse_experimental_features_msc3861_account_management_url | to_json }} {% endif %} + {% if matrix_synapse_experimental_features_msc4108_enabled %} + msc4108_enabled: true + {% endif %} # vim:ft=yaml From 73e2531293eee10edbe26b273abf5adaf80b81b8 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 9 Nov 2024 14:44:29 +0900 Subject: [PATCH 340/404] Update docs/installing.md: add a link to maintenance-migrating.md The guide is more simple and straightforward. 
Signed-off-by: Suguru Hirahara --- docs/installing.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/installing.md b/docs/installing.md index 7541c6593..9ba2e45dc 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -24,6 +24,8 @@ If you **do** use SSH keys for authentication, **and** use a non-root user to *b There 2 ways to start the installation process - depending on whether you're [Installing a brand new server (without importing data)](#installing-a-brand-new-server-without-importing-data) or [Installing a server into which you'll import old data](#installing-a-server-into-which-youll-import-old-data). +**Note**: if you are migrating from an old server to a new one, take a look at [this guide](maintenance-migrating.md) instead. This is an easier and more straightforward way than installing a server and importing old data into it. + ### Installing a brand new server (without importing data) If this is **a brand new** Matrix server and you **won't be importing old data into it**, run all these tags: From 6f3fa723174dce1944edab84932aba3eddf244bd Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Mon, 11 Nov 2024 10:44:05 +0200 Subject: [PATCH 341/404] borgmatic v1.9.1 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 83a85adc0..e1ba730d2 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,7 +4,7 @@ version: v1.0.0-5 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git - version: v1.4.0-1.9.0-2 + version: v1.4.0-1.9.1-0 name: backup_borg - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.2.0-0 From 763dcec11f99d0083320e7534a1baa28e29812cd Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Tue, 12 Nov 2024 13:45:22 +0200 Subject: [PATCH 342/404] Upgrade baibot (v1.3.1 -> v1.3.2) --- roles/custom/matrix-bot-baibot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-baibot/defaults/main.yml b/roles/custom/matrix-bot-baibot/defaults/main.yml index 21a576d08..2847eb298 100644 --- a/roles/custom/matrix-bot-baibot/defaults/main.yml +++ b/roles/custom/matrix-bot-baibot/defaults/main.yml @@ -11,7 +11,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src" # renovate: datasource=docker depName=ghcr.io/etkecc/baibot -matrix_bot_baibot_version: v1.3.1 +matrix_bot_baibot_version: v1.3.2 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_name_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}" matrix_bot_baibot_container_image_name_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else 'ghcr.io/' }}" matrix_bot_baibot_container_image_force_pull: "{{ matrix_bot_baibot_container_image.endswith(':latest') }}" From 9b99e41fba6a0c06e23c1718e8b2edef50e16b24 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 12 Nov 2024 13:46:36 +0200 Subject: [PATCH 343/404] Upgrade Element Web (v1.11.84 -> v1.11.85) --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 645410841..d8eed40ae 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml 
@@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.84 +matrix_client_element_version: v1.11.85 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 9854dc0a7156d3e5bcb4fa7f1da392e2aa6fe049 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 12 Nov 2024 14:35:47 +0200 Subject: [PATCH 344/404] grafana v11.3.0; cinny v4.2.3 --- requirements.yml | 2 +- roles/custom/matrix-client-cinny/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.yml b/requirements.yml index e1ba730d2..09cfd2e99 100644 --- a/requirements.yml +++ b/requirements.yml @@ -22,7 +22,7 @@ version: v4.98-r0-1-1 name: exim_relay - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git - version: v11.2.2-0 + version: v11.3.0-0 name: grafana - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git version: v9779-0 diff --git a/roles/custom/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml index d48cdcf9c..ef32d37a5 100644 --- a/roles/custom/matrix-client-cinny/defaults/main.yml +++ b/roles/custom/matrix-client-cinny/defaults/main.yml 
@@ -7,7 +7,7 @@ matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" # renovate: datasource=docker depName=ajbura/cinny -matrix_client_cinny_version: v4.2.2 +matrix_client_cinny_version: v4.2.3 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 895ac02db81ce942a1a7825283383db792e91ee5 Mon Sep 17 00:00:00 2001 From: adam-kress Date: Tue, 12 Nov 2024 11:03:44 -0500 Subject: [PATCH 345/404] Upgrade Jitsi (v9779-0 -> v9823-0) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 09cfd2e99..2fcf35132 100644 --- a/requirements.yml +++ b/requirements.yml @@ -25,7 +25,7 @@ version: v11.3.0-0 name: grafana - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git - version: v9779-0 + version: v9823-0 name: jitsi - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keydb.git version: v6.3.4-3 From 946ec3995426e2b101381c1f60ac3c31ab1b34ab Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 13 Nov 2024 17:41:24 +0000 Subject: [PATCH 346/404] Update ghcr.io/element-hq/synapse Docker tag to v1.119.0 --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 216e63b57..3a03778ad 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
@@ -16,7 +16,7 @@ matrix_synapse_enabled: true matrix_synapse_github_org_and_repo: element-hq/synapse # renovate: datasource=docker depName=ghcr.io/element-hq/synapse -matrix_synapse_version: v1.118.0 +matrix_synapse_version: v1.119.0 matrix_synapse_username: '' matrix_synapse_uid: '' From 5f6c3c27d88e14b65eaaba40801f82edbb0e31cb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 13 Nov 2024 21:41:06 +0200 Subject: [PATCH 347/404] Fix site-packages path for Synapse v1.119.0 Related to: - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3768 - https://github.com/element-hq/synapse/pull/17887 --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 3a03778ad..dc8705721 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -335,7 +335,7 @@ matrix_synapse_goofys_systemd_required_services_list_custom: [] # This can be set to 0 to remove the delay. matrix_synapse_systemd_service_post_start_delay_seconds: 10 -matrix_synapse_in_container_python_packages_path: "/usr/local/lib/python3.11/site-packages" +matrix_synapse_in_container_python_packages_path: "/usr/local/lib/python3.12/site-packages" # Specifies which template files to use when configuring Synapse. # If you'd like to have your own different configuration, feel free to copy and paste From 58a8f79d951c46b81f1642935b417c0fe2c3a498 Mon Sep 17 00:00:00 2001 
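Review bot: `matrix_synapse_in_container_python_packages_path` in the `@@ -335,7 +335,7 @@` hunk hard-codes the interpreter minor version, so the new default is only right for images that ship Python 3.12. An operator who pins `matrix_synapse_version` below v1.119.0 presumably keeps a 3.11 image and ends up with a path that container's Python never reads. Whatever the playbook places under this path (not visible in this hunk) would then most likely be skipped quietly rather than fail loudly. A comment above the variable would make the coupling explicit, e.g. `# Must match the Python minor version inside the Synapse image; images older than v1.119.0 need python3.11 here.`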
From: Slavi Pantaleev Date: Wed, 13 Nov 2024 21:48:18 +0200 Subject: [PATCH 348/404] Remove gzip support from synapse-reverse-proxy-companion gzipping certain responses is known to cause problems with QR code logins. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3749 Gzipping at the synapse-reverse-proxy-companion level and not at the level of the outer-most reverse-proxy (Traefik) also sounds non-ideal. This change only affects setups powered by Synapse workers. Non-worker setups (and setups powered by other homeservers) were not having their requests go through synapse-reverse-proxy-companion anyway, so this change does not affect them. Future patches may enable response compression support at the Traefik level for all setups. --- .../conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 | 6 ------ .../templates/nginx/nginx.conf.j2 | 1 - 2 files changed, 7 deletions(-) diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 index 379f2091a..f32fe1e27 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 @@ -91,9 +91,6 @@ server { server_tokens off; root /dev/null; - gzip on; - gzip_types text/plain application/json; - {% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %} # Client-server overrides -- These locations must go to the main Synapse process location ~ {{ matrix_synapse_reverse_proxy_companion_client_server_main_override_locations_regex }} { 
@@ -252,9 +249,6 @@ server { root /dev/null; - gzip on; - gzip_types text/plain application/json; - {% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %} # Federation overrides -- These locations must go to the main Synapse process location ~ {{ matrix_synapse_reverse_proxy_companion_federation_override_locations_regex }} { diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/nginx.conf.j2 b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/nginx.conf.j2 index 119227634..4c532d1fe 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/nginx.conf.j2 +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/nginx.conf.j2 @@ -66,7 +66,6 @@ http { server_tokens off; - #gzip on; {# Map directive needed for proxied WebSocket upgrades #} map $http_upgrade $connection_upgrade { default upgrade; From ebb3b0c249aefdc6ff41917dd97d7118dacfe3ec Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 14 Nov 2024 09:31:40 +0200 Subject: [PATCH 349/404] Synapse Admin v0.10.3-etke30 --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index bf775bb94..a52f9b0f8 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml 
@@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke29 +matrix_synapse_admin_version: v0.10.3-etke30 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From bddd6015adf70e48916f550fc40038a6ec7625b0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 14 Nov 2024 15:45:36 +0200 Subject: [PATCH 350/404] Upgrade Traefik (v3.2.0-0 -> v3.2.0-1) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 2fcf35132..a82bf1bd7 100644 --- a/requirements.yml +++ b/requirements.yml @@ -70,7 +70,7 @@ version: v1.0.0-0 name: timesync - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git - version: v3.2.0-0 + version: v3.2.0-1 name: traefik - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git version: v2.8.3-5 From 4bb16fef54379374a3807b93dfde70b61b9825f0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 14 Nov 2024 15:48:41 +0200 Subject: [PATCH 351/404] Increase default Traefik readTimeout for web/web-secure/matrix-federation entrypoints (60s -> 300s) to accommodate large/slow file uploads --- group_vars/matrix_servers | 4 +++ roles/custom/matrix-base/defaults/main.yml | 33 ++++++++++++++++++++-- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 5cd5c200e..110f5cdc4 100755 
--- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -5942,6 +5942,10 @@ traefik_base_path: "{{ matrix_base_data_path }}/traefik" traefik_uid: "{{ matrix_user_uid }}" traefik_gid: "{{ matrix_user_gid }}" +# It's common for setups to deal with large file uploads which may take longer than the default readTimeout (60s). +# This override (for the `web` entrypoint) also cascades to overriding the `web-secure` entrypoint and the `matrix-federation` entrypoint. +traefik_config_entrypoint_web_transport_respondingTimeouts_readTimeout: 300s + traefik_additional_entrypoints_auto: | {{ ([matrix_playbook_public_matrix_federation_api_traefik_entrypoint_definition] if matrix_playbook_public_matrix_federation_api_traefik_entrypoint_enabled else []) diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 13d52ced2..e7c7d8dac 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml 
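Review bot: The `readTimeout: 300s` override in the `@@ -5942,6 +5942,10 @@` hunk cascades to every public entrypoint, federation included, and the added comment explains the upload motivation but not the cost. A stalled or deliberately slow request can now hold a connection five times longer than before, and the shorter default is, as far as I know, there to bound that kind of connection exhaustion. I would record the trade-off next to the value, e.g. `# Trade-off: slow or stalled requests may hold a connection for up to 300s; lower this if connection exhaustion is a concern.` Quoting the scalar (`'300s'`) would also keep it a string regardless of how the value is later templated.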
@@ -267,11 +267,38 @@ matrix_playbook_public_matrix_federation_api_traefik_entrypoint_host_bind_port_u matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config: "{{ (matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_default | combine (matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_auto)) | combine(matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_custom, recursive=True) }}" matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http3_enabled: true matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http3_advertisedPort: "{{ matrix_playbook_public_matrix_federation_api_traefik_entrypoint_port }}" # noqa var-naming +matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_readTimeout: "{{ traefik_config_entrypoint_web_secure_transport_respondingTimeouts_readTimeout }}" # noqa var-naming +matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_writeTimeout: "{{ traefik_config_entrypoint_web_secure_transport_respondingTimeouts_writeTimeout }}" # noqa var-naming +matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_idleTimeout: "{{ traefik_config_entrypoint_web_secure_transport_respondingTimeouts_idleTimeout }}" # noqa var-naming matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_default: | {{ - ({'http3': {'advertisedPort': matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http3_advertisedPort | int}}) - if matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http3_enabled - else {} + {} + + | combine( + ( + ( + { + 'http3': { + 'advertisedPort': matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http3_advertisedPort | int + } + } + ) + if matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http3_enabled + else {} + ) + ) + + | 
combine( + { + 'transport': { + 'respondingTimeouts': { + 'readTimeout': matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_readTimeout, + 'writeTimeout': matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_writeTimeout, + 'idleTimeout': matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_idleTimeout, + } + } + } + ) }} matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_auto: {} matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_custom: {} From 5cad57129632bca297a0c4e905dabb21cda1263b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 14 Nov 2024 15:51:03 +0200 Subject: [PATCH 352/404] Add variables & wiring to support Traefik's compression middleware This merely hooks the playbook to the Traefik role's compression middleware configuration (`traefik_config_http_middlewares_compression_*`) The Traefik role enables the `compression` middleware by default. Actual usage will land in a future commit. --- group_vars/matrix_servers | 3 +++ roles/custom/matrix-base/defaults/main.yml | 7 +++++++ 2 files changed, 10 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 110f5cdc4..d5ff7483d 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -35,6 +35,9 @@ matrix_playbook_traefik_labels_enabled: "{{ matrix_playbook_reverse_proxy_type i matrix_playbook_reverse_proxy_container_network: "{{ traefik_container_network if traefik_enabled else 'traefik' }}" matrix_playbook_reverse_proxy_hostname: "{{ traefik_identifier if traefik_enabled else 'traefik' }}" +matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: "{{ traefik_config_http_middlewares_compression_enabled if (traefik_enabled and traefik_config_http_middlewares_compression_enabled) else false }}" +matrix_playbook_reverse_proxy_traefik_middleware_compession_name: "{{ (traefik_config_http_middlewares_compression_middleware_name + '@file') if traefik_enabled else '' }}" + # A separate Matrix Federation entrypoint is always enabled, unless the federation port matches one of the ports for existing (default) entrypoints matrix_playbook_public_matrix_federation_api_traefik_entrypoint_enabled: "{{ matrix_federation_public_port not in [traefik_config_entrypoint_web_port, traefik_config_entrypoint_web_secure_port] }}" diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index e7c7d8dac..e3152edb4 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml 
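Review bot: Both variable names added in this hunk are misspelled: `matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled` and `…_compession_name` are missing the `r` of `compression`, and the same spelling is repeated in the `roles/custom/matrix-base/defaults/main.yml` hunk of this patch. These are operator-facing names, so the typo is cheap to fix now and awkward later, because an override written with the correct spelling is ignored without any error. The `_enabled` expression is also longer than it needs to be; `"{{ (traefik_enabled and traefik_config_http_middlewares_compression_enabled) | bool }}"` says the same thing.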
@@ -239,6 +239,13 @@ matrix_playbook_reverse_proxy_container_network: 'traefik' # Specifies the hostname that the reverse-proxy is available at matrix_playbook_reverse_proxy_hostname: 'matrix-traefik' +# Specifies whether the Traefik reverse-proxy (if `matrix_playbook_reverse_proxy_type` indicates that Traefik is being used) defines a compression middleware. +matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: false + +# Specifies the name of the compression middleware defined for the Traefik reverse-proxy (if `matrix_playbook_reverse_proxy_type` indicates that Traefik is being used). +# It's better to use a fully-qualified middleware name (e.g. `compression@docker` or `compression@file`) here to prevent ambiguity. +matrix_playbook_reverse_proxy_traefik_middleware_compession_name: '' + # Controls the additional network that reverse-proxyable services will be connected to. matrix_playbook_reverse_proxyable_services_additional_network: "{{ matrix_playbook_reverse_proxy_container_network }}" From 4a61bd49e3bfec2e8d96402a9ea0e1c2b4f2da62 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 14 Nov 2024 15:53:58 +0200 Subject: [PATCH 353/404] Enable (Traefik compression middleware)-assisted compression for Cinny, Element & Hydrogen --- group_vars/matrix_servers | 9 +++++++++ roles/custom/matrix-client-cinny/defaults/main.yml | 5 +++++ .../custom/matrix-client-cinny/tasks/validate_config.yml | 7 ++++--- roles/custom/matrix-client-cinny/templates/labels.j2 | 4 ++++ roles/custom/matrix-client-element/defaults/main.yml | 5 +++++ .../matrix-client-element/tasks/validate_config.yml | 7 ++++--- roles/custom/matrix-client-element/templates/labels.j2 | 4 ++++ roles/custom/matrix-client-hydrogen/defaults/main.yml | 5 +++++ .../matrix-client-hydrogen/tasks/validate_config.yml | 7 ++++--- roles/custom/matrix-client-hydrogen/templates/labels.j2 | 4 ++++ 10 files changed, 48 insertions(+), 9 deletions(-) 
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d5ff7483d..cfd383652 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4467,6 +4467,9 @@ matrix_client_element_container_labels_traefik_docker_network: "{{ matrix_playbo matrix_client_element_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" matrix_client_element_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" +matrix_client_element_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}" +matrix_client_element_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}" + matrix_client_element_default_hs_url: "{{ matrix_homeserver_url }}" matrix_client_element_default_is_url: "{{ matrix_identity_server_url }}" @@ -4516,6 +4519,9 @@ matrix_client_hydrogen_container_labels_traefik_docker_network: "{{ matrix_playb matrix_client_hydrogen_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" matrix_client_hydrogen_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" +matrix_client_hydrogen_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}" +matrix_client_hydrogen_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}" + matrix_client_hydrogen_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" matrix_client_hydrogen_default_hs_url: "{{ matrix_homeserver_url }}" 
@@ -4549,6 +4555,9 @@ matrix_client_cinny_container_labels_traefik_docker_network: "{{ matrix_playbook matrix_client_cinny_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" matrix_client_cinny_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" +matrix_client_cinny_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}" +matrix_client_cinny_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}" + matrix_client_cinny_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" matrix_client_cinny_default_hs_url: "{{ matrix_homeserver_url }}" diff --git a/roles/custom/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml index ef32d37a5..2137fed70 100644 --- a/roles/custom/matrix-client-cinny/defaults/main.yml +++ b/roles/custom/matrix-client-cinny/defaults/main.yml 
@@ -44,6 +44,11 @@ matrix_client_cinny_container_labels_traefik_entrypoints: web-secure matrix_client_cinny_container_labels_traefik_tls: "{{ matrix_client_cinny_container_labels_traefik_entrypoints != 'web' }}" matrix_client_cinny_container_labels_traefik_tls_certResolver: default # noqa var-naming +# Controls whether a compression middleware will be injected into the middlewares list. +# This compression middleware is supposed to be defined elsewhere (using labels or a File provider, etc.) and is merely referenced by this router. +matrix_client_cinny_container_labels_traefik_compression_middleware_enabled: false +matrix_client_cinny_container_labels_traefik_compression_middleware_name: "" + # Controls which additional headers to attach to all HTTP responses. # To add your own headers, use `matrix_client_cinny_container_labels_traefik_additional_response_headers_custom` matrix_client_cinny_container_labels_traefik_additional_response_headers: "{{ matrix_client_cinny_container_labels_traefik_additional_response_headers_auto | combine(matrix_client_cinny_container_labels_traefik_additional_response_headers_custom) }}" diff --git a/roles/custom/matrix-client-cinny/tasks/validate_config.yml b/roles/custom/matrix-client-cinny/tasks/validate_config.yml index a7d4f70f2..7a7ee2dfe 100644 --- a/roles/custom/matrix-client-cinny/tasks/validate_config.yml +++ b/roles/custom/matrix-client-cinny/tasks/validate_config.yml 
@@ -3,10 +3,11 @@ ansible.builtin.fail: msg: > You need to define a required configuration setting (`{{ item }}`) to use Cinny. - when: "vars[item] == '' or vars[item] is none" + when: "item.when | bool and vars[item.name] == ''" with_items: - - matrix_client_cinny_default_hs_url - - matrix_client_cinny_container_network + - {'name': 'matrix_client_cinny_default_hs_url', when: true} + - {'name': 'matrix_client_cinny_container_network', when: true} + - {'name': 'matrix_client_cinny_container_labels_traefik_compression_middleware_name', when: "{{ matrix_client_cinny_container_labels_traefik_compression_middleware_enabled }}"} - name: Fail if matrix_client_cinny_path_prefix is not / ansible.builtin.fail: diff --git a/roles/custom/matrix-client-cinny/templates/labels.j2 b/roles/custom/matrix-client-cinny/templates/labels.j2 index ede967226..e18e804c0 100644 --- a/roles/custom/matrix-client-cinny/templates/labels.j2 +++ b/roles/custom/matrix-client-cinny/templates/labels.j2 @@ -9,6 +9,10 @@ traefik.http.services.matrix-client-cinny.loadbalancer.server.port=8080 {% set middlewares = [] %} +{% if matrix_client_cinny_container_labels_traefik_compression_middleware_enabled %} +{% set middlewares = middlewares + [matrix_client_cinny_container_labels_traefik_compression_middleware_name] %} +{% endif %} + {% if matrix_client_cinny_container_labels_traefik_path_prefix != '/' %} traefik.http.middlewares.matrix-client-cinny-slashless-redirect.redirectregex.regex=({{ matrix_client_cinny_container_labels_traefik_path_prefix | quote }})$ traefik.http.middlewares.matrix-client-cinny-slashless-redirect.redirectregex.replacement=${1}/ diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index d8eed40ae..d8b33102f 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml 
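Review bot: The failure message in the Cinny `validate_config.yml` hunk still interpolates `{{ item }}`, but each loop item is now a dict, so the operator is shown the whole `{'name': …, 'when': …}` mapping instead of the setting name; the message should use `{{ item.name }}`. The rewritten condition also drops the old `or vars[item] is none` branch, so a setting that is present but null now passes validation; `when: "item.when | bool and (vars[item.name] == '' or vars[item.name] is none)"` keeps the earlier strictness. The Hydrogen `validate_config.yml` hunk later in this patch has both problems, and the Element one has the `{{ item }}` message problem. The task itself begins above the hunk, so its name line is not visible here.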
@@ -48,6 +48,11 @@ matrix_client_element_container_labels_traefik_entrypoints: web-secure matrix_client_element_container_labels_traefik_tls: "{{ matrix_client_element_container_labels_traefik_entrypoints != 'web' }}" matrix_client_element_container_labels_traefik_tls_certResolver: default # noqa var-naming +# Controls whether a compression middleware will be injected into the middlewares list. +# This compression middleware is supposed to be defined elsewhere (using labels or a File provider, etc.) and is merely referenced by this router. +matrix_client_element_container_labels_traefik_compression_middleware_enabled: false +matrix_client_element_container_labels_traefik_compression_middleware_name: "" + # Controls which additional headers to attach to all HTTP responses. # To add your own headers, use `matrix_client_element_container_labels_traefik_additional_response_headers_custom` matrix_client_element_container_labels_traefik_additional_response_headers: "{{ matrix_client_element_container_labels_traefik_additional_response_headers_auto | combine(matrix_client_element_container_labels_traefik_additional_response_headers_custom) }}" diff --git a/roles/custom/matrix-client-element/tasks/validate_config.yml b/roles/custom/matrix-client-element/tasks/validate_config.yml index 81e00ddac..a61d8bcaf 100644 --- a/roles/custom/matrix-client-element/tasks/validate_config.yml +++ b/roles/custom/matrix-client-element/tasks/validate_config.yml 
@@ -4,10 +4,11 @@ ansible.builtin.fail: msg: > You need to define a required configuration setting (`{{ item }}`) for using Element Web. - when: "vars[item] == ''" + when: "item.when | bool and vars[item.name] == ''" with_items: - - matrix_client_element_default_hs_url - - matrix_client_element_container_network + - {'name': 'matrix_client_element_default_hs_url', when: true} + - {'name': 'matrix_client_element_container_network', when: true} + - {'name': 'matrix_client_element_container_labels_traefik_compression_middleware_name', when: "{{ matrix_client_element_container_labels_traefik_compression_middleware_enabled }}"} - name: Fail if Element location sharing enabled, but no tile server defined ansible.builtin.fail: diff --git a/roles/custom/matrix-client-element/templates/labels.j2 b/roles/custom/matrix-client-element/templates/labels.j2 index 8de199918..67ed2b95a 100644 --- a/roles/custom/matrix-client-element/templates/labels.j2 +++ b/roles/custom/matrix-client-element/templates/labels.j2 @@ -9,6 +9,10 @@ traefik.http.services.matrix-client-element.loadbalancer.server.port=8080 {% set middlewares = [] %} +{% if matrix_client_element_container_labels_traefik_compression_middleware_enabled %} +{% set middlewares = middlewares + [matrix_client_element_container_labels_traefik_compression_middleware_name] %} +{% endif %} + {% if matrix_client_element_container_labels_traefik_path_prefix != '/' %} traefik.http.middlewares.matrix-client-element-slashless-redirect.redirectregex.regex=({{ matrix_client_element_container_labels_traefik_path_prefix | quote }})$ traefik.http.middlewares.matrix-client-element-slashless-redirect.redirectregex.replacement=${1}/ diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index 480492b42..78d1b8618 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml 
@@ -43,6 +43,11 @@ matrix_client_hydrogen_container_labels_traefik_entrypoints: web-secure matrix_client_hydrogen_container_labels_traefik_tls: "{{ matrix_client_hydrogen_container_labels_traefik_entrypoints != 'web' }}" matrix_client_hydrogen_container_labels_traefik_tls_certResolver: default # noqa var-naming +# Controls whether a compression middleware will be injected into the middlewares list. +# This compression middleware is supposed to be defined elsewhere (using labels or a File provider, etc.) and is merely referenced by this router. +matrix_client_hydrogen_container_labels_traefik_compression_middleware_enabled: false +matrix_client_hydrogen_container_labels_traefik_compression_middleware_name: "" + # Controls which additional headers to attach to all HTTP responses. # To add your own headers, use `matrix_client_hydrogen_container_labels_traefik_additional_response_headers_custom` matrix_client_hydrogen_container_labels_traefik_additional_response_headers: "{{ matrix_client_hydrogen_container_labels_traefik_additional_response_headers_auto | combine(matrix_client_hydrogen_container_labels_traefik_additional_response_headers_custom) }}" diff --git a/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml index 73452f831..93b9354eb 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml 
@@ -4,10 +4,11 @@ ansible.builtin.fail: msg: > You need to define a required configuration setting (`{{ item }}`) to use Hydrogen. - when: "(vars[item] == '' or vars[item] is none) and matrix_client_hydrogen_container_image_self_build | bool" + when: "item.when | bool and vars[item.name] == ''" with_items: - - matrix_client_hydrogen_default_hs_url - - matrix_client_hydrogen_container_network + - {'name': 'matrix_client_hydrogen_default_hs_url', when: "{{ matrix_client_hydrogen_container_image_self_build }}"} + - {'name': 'matrix_client_hydrogen_container_network', when: true} + - {'name': 'matrix_client_hydrogen_container_labels_traefik_compression_middleware_name', when: "{{ matrix_client_hydrogen_container_labels_traefik_compression_middleware_enabled }}"} - when: matrix_client_hydrogen_container_labels_traefik_enabled | bool block: diff --git a/roles/custom/matrix-client-hydrogen/templates/labels.j2 b/roles/custom/matrix-client-hydrogen/templates/labels.j2 index f5ccf8c97..011d02d1d 100644 --- a/roles/custom/matrix-client-hydrogen/templates/labels.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/labels.j2 @@ -9,6 +9,10 @@ traefik.http.services.matrix-client-hydrogen.loadbalancer.server.port=8080 {% set middlewares = [] %} +{% if matrix_client_hydrogen_container_labels_traefik_compression_middleware_enabled %} +{% set middlewares = middlewares + [matrix_client_hydrogen_container_labels_traefik_compression_middleware_name] %} +{% endif %} + {% if matrix_client_hydrogen_container_labels_traefik_path_prefix != '/' %} traefik.http.middlewares.matrix-client-hydrogen-slashless-redirect.redirectregex.regex=({{ matrix_client_hydrogen_container_labels_traefik_path_prefix | quote }})$ traefik.http.middlewares.matrix-client-hydrogen-slashless-redirect.redirectregex.replacement=${1}/ From 609cf5940e889b37bb1af292adf349ac3a3def1c Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Thu, 14 Nov 2024 16:24:30 +0200 Subject: [PATCH 354/404] Enable (Traefik compression middleware)-assisted compression for Synapse This likely breaks QR code login for non-worker Synapse setups. See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3749 --- group_vars/matrix_servers | 3 ++ roles/custom/matrix-synapse/defaults/main.yml | 5 ++ .../matrix-synapse/tasks/validate_config.yml | 2 + .../templates/synapse/labels.j2 | 48 +++++++++++++++++++ 4 files changed, 58 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cfd383652..dd4905958 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4676,6 +4676,9 @@ matrix_synapse_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_prim matrix_synapse_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" matrix_synapse_container_labels_traefik_hostname: "{{ matrix_server_fqn_matrix }}" +matrix_synapse_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}" +matrix_synapse_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}" + matrix_synapse_container_labels_matrix_labels_enabled: "{{ not matrix_synapse_workers_enabled }}" matrix_synapse_container_labels_public_client_root_redirection_enabled: "{{ matrix_synapse_container_labels_public_client_root_redirection_url != '' }}" diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index dc8705721..cdc117443 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
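Review bot: The two lines added in the `group_vars/matrix_servers` hunk switch compression on for Synapse whenever the playbook-wide Traefik middleware is enabled, yet the commit message says this likely breaks QR code login for non-worker setups, and nothing in the file tells an operator that. I would put the warning next to the switch, e.g. `# NOTE: known to interfere with QR code login on non-worker setups (issue 3749); set matrix_synapse_container_labels_traefik_compression_middleware_enabled to false to opt out.` Unlike the Cinny, Element and Hydrogen routers, these routers serve authenticated API responses rather than static assets. That makes it worth confirming, and stating in the same comment, that compression-length side channels were considered acceptable here.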
@@ -186,6 +186,11 @@ matrix_synapse_container_labels_traefik_entrypoints: web-secure matrix_synapse_container_labels_traefik_tls_certResolver: default # noqa var-naming matrix_synapse_container_labels_traefik_hostname: '' +# Controls whether a compression middleware will be injected into the middlewares list. +# This compression middleware is supposed to be defined elsewhere (using labels or a File provider, etc.) and is merely referenced by this router. +matrix_synapse_container_labels_traefik_compression_middleware_enabled: false +matrix_synapse_container_labels_traefik_compression_middleware_name: "" + # Controls whether Matrix-related labels will be added. # # When set to false, variables like the following take no effect: diff --git a/roles/custom/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml index b53566c8e..e1e6fbe27 100644 --- a/roles/custom/matrix-synapse/tasks/validate_config.yml +++ b/roles/custom/matrix-synapse/tasks/validate_config.yml @@ -39,6 +39,8 @@ - {'name': 'matrix_synapse_experimental_features_msc3861_admin_token', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} - {'name': 'matrix_synapse_experimental_features_msc3861_account_management_url', when: "{{ matrix_synapse_experimental_features_msc3861_enabled }}"} + - {'name': 'matrix_synapse_container_labels_traefik_compression_middleware_name', when: "{{ matrix_synapse_container_labels_traefik_compression_middleware_enabled }}"} + - name: Fail if asking for more than 1 instance of single-instance workers ansible.builtin.fail: msg: >- diff --git a/roles/custom/matrix-synapse/templates/synapse/labels.j2 b/roles/custom/matrix-synapse/templates/synapse/labels.j2 index fd472b3fc..940e5b457 100644 --- a/roles/custom/matrix-synapse/templates/synapse/labels.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/labels.j2 
@@ -19,6 +19,10 @@ traefik.http.services.matrix-synapse-metrics.loadbalancer.server.port={{ matrix_ {% set client_root_middlewares = [] %} +{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %} +{% set client_root_middlewares = client_root_middlewares + [matrix_synapse_container_labels_traefik_compression_middleware_name] %} +{% endif %} + {% if matrix_synapse_container_labels_public_client_root_redirection_enabled %} {% set client_root_middlewares = client_root_middlewares + ['matrix-synapse-public-client-root-redirect'] %} traefik.http.middlewares.matrix-synapse-public-client-root-redirect.redirectregex.regex=(.*) @@ -66,8 +70,18 @@ traefik.http.routers.matrix-synapse-public-client-root.tls.certResolver={{ matri # # ############################################################ +{% set client_api_middlewares = [] %} + +{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %} +{% set client_api_middlewares = client_api_middlewares + [matrix_synapse_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-public-client-api.rule={{ matrix_synapse_container_labels_public_client_api_traefik_rule }} +{% if client_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-public-client-api.middlewares={{ client_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_container_labels_public_client_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-public-client-api.priority={{ matrix_synapse_container_labels_public_client_api_traefik_priority }} {% endif %} 
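Review bot: A single switch, `matrix_synapse_container_labels_traefik_compression_middleware_enabled`, now attaches the compression middleware to every public router in this template (client root, Client-Server API, Synapse client API, Synapse admin API, federation API and metrics), with no way to leave one router out. The commit message already expects QR code login to break, and authenticated endpoints such as the admin API are where response-compression side channels (BREACH-class) are normally weighed, so a per-router override would let an operator exclude them. As a proposed (not existing) variable, something like `matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_compression_middleware_enabled: "{{ matrix_synapse_container_labels_traefik_compression_middleware_enabled }}"` in defaults, tested in the matching `{% if %}`, would do it. The same applies to the four routers changed in matrix-synapse-reverse-proxy-companion/templates/labels.j2 in PATCH 355.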
@@ -120,8 +134,18 @@ traefik.http.routers.matrix-synapse-internal-client-api.entrypoints={{ matrix_sy # # ############################################################ +{% set synapse_client_api_middlewares = [] %} + +{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %} +{% set synapse_client_api_middlewares = synapse_client_api_middlewares + [matrix_synapse_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-public-client-synapse-client-api.rule={{ matrix_synapse_container_labels_public_client_synapse_client_api_traefik_rule }} +{% if synapse_client_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-public-client-synapse-client-api.middlewares={{ synapse_client_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_container_labels_public_client_synapse_client_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-public-client-synapse-client-api.priority={{ matrix_synapse_container_labels_public_client_synapse_client_api_traefik_priority }} {% endif %} 
@@ -149,8 +173,18 @@ traefik.http.routers.matrix-synapse-public-client-synapse-client-api.tls.certRes # # ############################################################ +{% set synapse_admin_api_middlewares = [] %} + +{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %} +{% set synapse_admin_api_middlewares = synapse_admin_api_middlewares + [matrix_synapse_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-public-client-synapse-admin-api.rule={{ matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_rule }} +{% if synapse_admin_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-public-client-synapse-admin-api.middlewares={{ synapse_admin_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-public-client-synapse-admin-api.priority={{ matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_priority }} {% endif %} 
@@ -178,8 +212,18 @@ traefik.http.routers.matrix-synapse-public-client-synapse-admin-api.tls.certReso # # ############################################################ +{% set federation_api_middlewares = [] %} + +{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %} +{% set federation_api_middlewares = federation_api_middlewares + [matrix_synapse_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-public-federation-api.rule={{ matrix_synapse_container_labels_public_federation_api_traefik_rule }} +{% if federation_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-public-federation-api.middlewares={{ federation_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_container_labels_public_federation_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-public-federation-api.priority={{ matrix_synapse_container_labels_public_federation_api_traefik_priority }} {% endif %} @@ -216,6 +260,10 @@ traefik.http.routers.matrix-synapse-public-federation-api.tls.certResolver={{ ma {% set metrics_middlewares = [] %} +{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %} +{% set metrics_middlewares = metrics_middlewares + [matrix_synapse_container_labels_traefik_compression_middleware_name] %} +{% endif %} + {% if matrix_synapse_container_labels_public_metrics_middleware_basic_auth_enabled %} {% set metrics_middlewares = metrics_middlewares + ['matrix-synapse-metrics-basic-auth'] %} traefik.http.middlewares.matrix-synapse-metrics-basic-auth.basicauth.users={{ matrix_synapse_container_labels_public_metrics_middleware_basic_auth_users }} From 57c5271d9d6265a34a9d9cceb93365f685074f96 Mon Sep 17 00:00:00 2001 
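Review bot: In the `metrics_middlewares` hunk the compression entry is appended before `matrix-synapse-metrics-basic-auth`, so on the metrics router compression comes first in the chain and basic auth second. Traefik applies a router's middlewares in the order they are listed, so moving the new `{% if matrix_synapse_container_labels_traefik_compression_middleware_enabled %}` block below the basic-auth block keeps the authentication check outermost. Alternatively, leave the metrics router uncompressed; the changelog entry in PATCH 356 names only the Client-Server and Federation APIs for `matrix.example.com`. The rest of the metrics section lies outside the hunk, so the final `middlewares=` label is not visible here.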
From: Slavi Pantaleev Date: Thu, 14 Nov 2024 16:30:09 +0200 Subject: [PATCH 355/404] Enable (Traefik compression middleware)-assisted compression for synapse-reverse-proxy-companion This likely breaks QR code login for Synapse-worker setups. See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3749 --- group_vars/matrix_servers | 3 ++ .../defaults/main.yml | 5 +++ .../tasks/validate_config.yml | 2 + .../templates/labels.j2 | 40 +++++++++++++++++++ 4 files changed, 50 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index dd4905958..480680729 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4869,6 +4869,9 @@ matrix_synapse_reverse_proxy_companion_container_labels_traefik_entrypoints: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname: "{{ matrix_server_fqn_matrix }}" +matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}" +matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}" + matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_client_api_enabled: "{{ matrix_synapse_container_labels_public_client_synapse_client_api_enabled }}" matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_enabled: "{{ matrix_synapse_container_labels_public_client_synapse_admin_api_enabled }}" diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml index 2f2cca4e4..3d9173bd3 100644 
--- a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml @@ -61,6 +61,11 @@ matrix_synapse_reverse_proxy_companion_container_labels_traefik_entrypoints: web matrix_synapse_reverse_proxy_companion_container_labels_traefik_tls_certResolver: default # noqa var-naming matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname: '' +# Controls whether a compression middleware will be injected into the middlewares list. +# This compression middleware is supposed to be defined elsewhere (using labels or a File provider, etc.) and is merely referenced by this router. +matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled: false +matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name: "" + # Controls whether labels will be added that expose the Client-Server API on a public Traefik entrypoint. matrix_synapse_reverse_proxy_companion_container_labels_public_client_api_enabled: true matrix_synapse_reverse_proxy_companion_container_labels_public_client_api_traefik_hostname: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname }}" diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/tasks/validate_config.yml b/roles/custom/matrix-synapse-reverse-proxy-companion/tasks/validate_config.yml index 92d89b57a..4da323182 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/tasks/validate_config.yml +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/tasks/validate_config.yml 
@@ -17,3 +17,5 @@ - {'name': 'matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_traefik_entrypoints', when: "{{ matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_enabled }}"} - {'name': 'matrix_synapse_reverse_proxy_companion_container_labels_internal_client_api_traefik_entrypoints', when: "{{ matrix_synapse_reverse_proxy_companion_container_labels_internal_client_api_enabled }}"} + + - {'name': 'matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name', when: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled }}"} diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/labels.j2 b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/labels.j2 index 44c7e7a82..8b8bd7cdb 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/templates/labels.j2 +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/templates/labels.j2 
@@ -16,8 +16,18 @@ traefik.http.services.matrix-synapse-reverse-proxy-companion-federation-api.load # # ############################################################ +{% set client_api_middlewares = [] %} + +{% if matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled %} +{% set client_api_middlewares = client_api_middlewares + [matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-api.rule={{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_api_traefik_rule }} +{% if client_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-api.middlewares={{ client_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_reverse_proxy_companion_container_labels_public_client_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-api.priority={{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_api_traefik_priority }} {% endif %} 
@@ -69,8 +79,18 @@ traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-api. # # ############################################################ +{% set synapse_client_api_middlewares = [] %} + +{% if matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled %} +{% set synapse_client_api_middlewares = synapse_client_api_middlewares + [matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-client-api.rule={{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_client_api_traefik_rule }} +{% if synapse_client_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-client-api.middlewares={{ synapse_client_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_client_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-client-api.priority={{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_client_api_traefik_priority }} {% endif %} 
@@ -98,8 +118,18 @@ traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synaps # # ############################################################ +{% set synapse_admin_api_middlewares = [] %} + +{% if matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled %} +{% set synapse_admin_api_middlewares = synapse_admin_api_middlewares + [matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-admin-api.rule={{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_rule }} +{% if synapse_admin_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-admin-api.middlewares={{ synapse_admin_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-admin-api.priority={{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_priority }} {% endif %} 
@@ -127,8 +157,18 @@ traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synaps # # ############################################################ +{% set federation_api_middlewares = [] %} + +{% if matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled %} +{% set federation_api_middlewares = federation_api_middlewares + [matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name] %} +{% endif %} + traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-federation-api.rule={{ matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_traefik_rule }} +{% if federation_api_middlewares | length > 0 %} +traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-federation-api.middlewares={{ federation_api_middlewares | join(',') }} +{% endif %} + {% if matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_traefik_priority | int > 0 %} traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-federation-api.priority={{ matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_traefik_priority }} {% endif %} From 91787fc0bd9576c5db1427f38b2c8796980b96ac Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 14 Nov 2024 17:03:58 +0200 Subject: [PATCH 356/404] Announce HTTP-compression and timeout adjustments for Traefik-based setups --- CHANGELOG.md | 46 ++++++++++++++++++++++ docs/configuring-playbook-own-webserver.md | 10 ++++- 2 files changed, 55 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 35493c06c..127d5b751 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,3 +1,49 @@ +# 2024-11-14 + +## HTTP-compression support for Traefik-based setups + +The playbook now **automatically enables HTTP-compression support** for major services powered by the playbook, like [Cinny](./docs/configuring-playbook-client-cinny.md), [Element Web](./docs/configuring-playbook-client-element-web.md), [Hydrogen](./docs/configuring-playbook-client-hydrogen.md), as well as for Matrix Client-Server and Federation APIs (`matrix.example.com`). + +Other services installed by the playbook are currently not compression-enabled, but may become so over time. +This change is rolled out on a per-service basis (as opposed to doing it globally, at the Traefik entrypoint level) to allow certain services or route endpoints which do not behave well when compressed (e.g. [issue 3749](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3749)) to be excluded from compression. + +A long time ago, various services were operating with `gzip`-compression enabled at the nginx level. Since the switch to Traefik (see [Goodbye, `matrix-nginx-proxy` 🪦](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/57c5271d9d6265a34a9d9cceb93365f685074f96/CHANGELOG.md#goodbye-matrix-nginx-proxy-)), all services (with the exception of Matrix APIs for Synapse worker-enabled setups which are powered by `nginx` via `synapse-reverse-proxy-companion`) have been operating without HTTP-compression support. + +HTTP-compression is now done via Traefik's [compress](https://doc.traefik.io/traefik/middlewares/http/compress/) middleware. We use the default configuration for this middleware, which enables `zstd`, `br` and `gzip` support (in this order). +This middleware's configuration can be configured via variables in the Traefik role (see `traefik_config_http_middlewares_compression_middleware_options`). 
+ +If you're using your own Traefik reverse-proxy server ([Traefik managed by you](./docs/configuring-playbook-own-webserver.md#traefik-managed-by-you)) instead of the playbook's integrated Traefik service, you can benefit from the same by: + +- defining a [compress](https://doc.traefik.io/traefik/middlewares/http/compress/) middleware (via the [file](https://doc.traefik.io/traefik/providers/file/) or [Docker](https://doc.traefik.io/traefik/providers/docker/) providers) +- setting `matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled` to `true` +- specifying the middleware's name in `matrix_playbook_reverse_proxy_traefik_middleware_compession_name` (e.g. `matrix_playbook_reverse_proxy_traefik_middleware_compession_name: my-compression-middleware@file`) + +## Timeout adjustments for Traefik-based setups + +The playbook now supports configuring various [transport.respondingTimeouts](https://doc.traefik.io/traefik/routing/entrypoints/#respondingtimeouts) timeout values (`readTimeout`, `writeTimeout`, `idleTimeout`) for the `web`, `web-secure` and `matrix-federation` entrypoints. + +If you're using your own Traefik reverse-proxy server ([Traefik managed by you](./docs/configuring-playbook-own-webserver.md#traefik-managed-by-you)) instead of the playbook's integrated Traefik service, you may wish to do similar configuration changes to your setup manually. + +The most interesting of these is the `readTimeout` configuration value (the maximum duration for reading the entire request, including the body), which used to default to `60s`. +For large and slowly progressing file uploads, `60s` would often not be enough for the transfer to finish and uploads would end up being interrupted. +The playbook now raises the `readTimeout` value to 5 minutes (`300s`) to improve this use-case. 
+ +The `traefik_config_entrypoint_web_transport_respondingTimeouts_*` variables (for the `web` entrypoint) cascade to affecting the timeout values for the `web-secure` and `matrix-federation` entrypoints, so you can easily adjust all timeout values using them. + +Example of the default timeout values used by the playbook: + +```yml +traefik_config_entrypoint_web_transport_respondingTimeouts_readTimeout: 300s + +# 0s means "no timeout" +traefik_config_entrypoint_web_transport_respondingTimeouts_writeTimeout: 0s + +traefik_config_entrypoint_web_transport_respondingTimeouts_idleTimeout: 180s +``` + +Alternatively, you may adjust the timeout values for specific entrypoints (like `web-secure` and `matrix-federation`) using dedicated variables (like `traefik_config_entrypoint_web_secure_transport_respondingTimeouts_readTimeout` and `matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_readTimeout`). + + # 2024-11-08 ## Support for synapse-admin auto-configuration via /.well-known/matrix/client diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index c31c1852d..3a0d70c3c 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md 
@@ -41,6 +41,14 @@ traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory" # Uncomment and adjust the variable below if the name of your federation entrypoint is different # than the default value (matrix-federation). # matrix_federation_traefik_entrypoint_name: matrix-federation + +# Uncomment and adjust the variables below if you'd like to enable HTTP-compression. +# +# For this to work, you will need to define a compress middleware (https://doc.traefik.io/traefik/middlewares/http/compress/) for your Traefik instance +# using a file (https://doc.traefik.io/traefik/providers/file/) or Docker (https://doc.traefik.io/traefik/providers/docker/) configuration provider. +# +# matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: true +# matrix_playbook_reverse_proxy_traefik_middleware_compession_name: my-compression-middleware@file ``` In this mode all roles will still have Traefik labels attached. You will, however, need to configure your Traefik instance and its entrypoints. @@ -84,7 +92,7 @@ version: "3.3" services: traefik: - image: "docker.io/traefik:v2.9.6" + image: "docker.io/traefik:v3.2.0" restart: always container_name: "traefik" networks: From 04cf09bdb0e7352594b121c645af78c04f2002b4 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 15 Nov 2024 15:34:21 +0900 Subject: [PATCH 357/404] Update docs/configuring-well-known.md and docs/installing.md (#3767) * Update docs/configuring-well-known.md: remove redundant information For example, anchor links to the headers are distractive as these headers are displayed by scrolling a bit. Also: edit section headers Signed-off-by: Suguru Hirahara * Update docs/configuring-well-known.md: add "Support service discovery" as a type of well-known service discovery 
Signed-off-by: Suguru Hirahara * Update docs/configuring-well-known.md: recategorize the sections about installing well-known files on the base domain's server The commit merges the content of the option 2 with the section above, as both explain how to serve the base domain via the playbook and claim it is the easy way of installing well-known files, and therefore the content is repetitive. Signed-off-by: Suguru Hirahara * Update docs/configuring-well-known.md: create a section for types of well-known service discovery mechanism Signed-off-by: Suguru Hirahara * Update docs/configuring-well-known.md: add a link to the Matrix Specification, to which MSC 1929 was implemented MSC 1929 has no longer been for an early adopter. Signed-off-by: Suguru Hirahara * Update docs/configuring-well-known.md: iterate Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook-base-domain-serving.md Co-authored-by: Slavi Pantaleev * Update docs/configuring-well-known.md Co-authored-by: Slavi Pantaleev * Update docs/installing.md: iterate Summary: - Try to reflect review comments - Declare that the shorter user identifier is recommended - Add a note about installing the server matrix.example.com directly, with the link to the FAQ entry Signed-off-by: Suguru Hirahara * Update docs/installing.md: replace the anchor link to docs/configuring-well-known.md with one to docs/howto-server-delegation.md Service Discovery via .well-known files is one of the two ways for server delegation, and it is possible to set up server delegation via a DNS SRV record instead (though it is more advanced and complicated), so it should be more proper to use the words "delegation/redirection" than "service discovery". Signed-off-by: Suguru Hirahara * Update docs/configuring-well-known.md: fix a typo Signed-off-by: Suguru Hirahara --------- 
Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara Co-authored-by: Slavi Pantaleev --- ...onfiguring-playbook-base-domain-serving.md | 2 +- docs/configuring-well-known.md | 82 ++++++++++--------- docs/installing.md | 8 +- 3 files changed, 48 insertions(+), 44 deletions(-) diff --git a/docs/configuring-playbook-base-domain-serving.md b/docs/configuring-playbook-base-domain-serving.md index 8aff309c0..3f883b744 100644 --- a/docs/configuring-playbook-base-domain-serving.md +++ b/docs/configuring-playbook-base-domain-serving.md @@ -22,7 +22,7 @@ Doing this, the playbook will: - obtain an SSL certificate for the base domain, just like it does for all other domains (see [how we handle SSL certificates](configuring-playbook-ssl-certificates.md)) -- serve the `/.well-known/matrix/*` files which are necessary for [Federation Server Discovery](configuring-well-known.md#introduction-to-client-server-discovery) (also see [Server Delegation](howto-server-delegation.md)) and [Client-Server discovery](configuring-well-known.md#introduction-to-client-server-discovery) +- serve the `/.well-known/matrix/*` files which are necessary for [Federation Server Discovery](configuring-well-known.md#federation-server-discovery) (also see [Server Delegation](howto-server-delegation.md)) and [Client-Server discovery](configuring-well-known.md#client-server-discovery) - serve a simple homepage at `https://example.com` with content `Hello from example.com` (configurable via the `matrix_static_files_file_index_html_template` variable). You can also [serve a more complicated static website](#serving-a-static-website-at-the-base-domain). diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index cc62bc922..0b86b33ca 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md 
@@ -2,48 +2,54 @@ Service discovery is a way for the Matrix network to discover where a Matrix server is. -There are 2 types of well-known service discovery that Matrix makes use of: +## Types of well-known service discovery mechanism -- (important) **Federation Server discovery** (`/.well-known/matrix/server`) -- assists other servers in the Matrix network with finding your server. Without a proper configuration, your server will effectively not be part of the Matrix network. Learn more in [Introduction to Federation Server Discovery](#introduction-to-federation-server-discovery) +There are 3 types of well-known service discovery mechanism that Matrix makes use of: -- (not that important) **Client Server discovery** (`/.well-known/matrix/client`) -- assists programs that you use to connect to your server (e.g. Element Web), so that they can make it more convenient for you by automatically configuring the "Homeserver URL" and "Identity Server URL" addresses. Learn more in [Introduction to Client Server Discovery](#introduction-to-client-server-discovery) +- (important) **Federation Server discovery** (`/.well-known/matrix/server`) -- assists other servers in the Matrix network with finding your server. With the default playbook configuration specified on the sample `vars.yml` ([`examples/vars.yml`](../examples/vars.yml)), this is necessary for federation to work. Without a proper configuration, your server will effectively not be part of the Matrix network. +- (less important) **Client Server discovery** (`/.well-known/matrix/client`) -- assists programs that you use to connect to your server (e.g. Element Web), so that they can make it more convenient for you by automatically configuring the "Homeserver URL" and "Identity Server URL" addresses. -## Introduction to Federation Server Discovery +- (optional) **Support service discovery** (`/.well-known/matrix/support`) -- returns server admin contact and support page of the domain. 
-All services created by this playbook are meant to be installed on their own server (such as `matrix.example.com`). +### Federation Server Discovery -As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a Matrix user identifier like `@:example.com` while hosting services on a subdomain like `matrix.example.com`, the Matrix network needs to be instructed of such delegation/redirection. +All services created by this playbook are meant to be installed on their own server (such as `matrix.example.com`), instead of the base domain (`example.com`). -Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (`example.com`). +As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a short Matrix user identifier like `@user:example.com` while hosting services on a subdomain such as `matrix.example.com`, the Matrix network needs to be instructed of such delegation/redirection. -Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. +As the playbook recommends in the sample `vars.yml` (`examples/vars.yml`) to use a short user identifier, you would need to configure the delegation so that your server will be federated with other Matrix servers. -To learn how to set up `/.well-known/matrix/server`, read the Installing section below. +Server delegation can be configured by: +- Setting up a `/.well-known/matrix/server` file on the base domain (`example.com`) +- Setting up a DNS SRV record -## Introduction to Client Server Discovery +Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. 
+ +For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. If you need to use the other method, you can check this documentation: [Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced) + +**Note**: it is optionally possible to install the server on `matrix.example.com` directly instead. This should be helpful if you are not in control of anything on the base domain. On this case, you would not need to configure the server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) on our FAQ. + +### Client Server Discovery Client Server Service discovery lets various client programs which support it, to receive a full user ID (e.g. `@username:example.com`) and determine where the Matrix server is automatically (e.g. `https://matrix.example.com`). This lets you (and your users) easily connect to your Matrix server without having to customize connection URLs. When using client programs that support it, you won't need to point them to `https://matrix.example.com` in Custom Server options manually anymore. The connection URL would be discovered automatically from your full username. +Without /.well-known/matrix/client, the client will make the wrong "homeserver URL" assumption (it will default to using https://example.com, and users will need to notice and adjust it manually (changing it to https://matrix.example.com). + As [per the Client-Server specification](https://matrix.org/docs/spec/client_server/r0.4.0.html#server-discovery) Matrix does Client Server service discovery using a `/.well-known/matrix/client` file hosted on the base domain (e.g. `example.com`). However, this playbook installs your Matrix server on another domain (e.g. 
`matrix.example.com`) and not on the base domain (e.g. `example.com`), so it takes a little extra manual effort to set up the file. -To learn how to set it up, read the Installing section below. +### (Optional) Support Service Discovery +[MSC 1929](https://github.com/matrix-org/matrix-spec-proposals/pull/1929), which was added to [Matrix Specification version v1.10](https://spec.matrix.org/v1.10/client-server-api/#getwell-knownmatrixsupport), specifies a way to add contact details of admins, as well as a link to a support page for users who are having issues with the service. Automated services may also index this information and use it for abuse reports, etc. -## (Optional) Introduction to Homeserver Admin Contact and Support page +To enable it, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: -[MSC 1929](https://github.com/matrix-org/matrix-spec-proposals/pull/1929) specifies a way to add contact details of admins, as well as a link to a support page for users who are having issues with the service. Automated services may also index this information and use it for abuse reports, etc. - -The two playbook variables that you could look for, if you're interested in being an early adopter, are: `matrix_static_files_file_matrix_support_property_m_contacts` and `matrix_static_files_file_matrix_support_property_m_support_page`. - -Example snippet for `vars.yml`: - -``` +```yaml # Enable generation of `/.well-known/matrix/support`. matrix_static_files_file_matrix_support_enabled: true 
@@ -62,25 +68,31 @@ matrix_static_files_file_matrix_support_property_m_contacts: matrix_static_files_file_matrix_support_property_m_support_page: "https://example.com/support" ``` -To learn how to set up `/.well-known/matrix/support` for the base domain, read the Installing section below. - - ## Installing well-known files on the base domain's server -To implement the two service discovery mechanisms, your base domain's server (e.g. `example.com`) needs to run an HTTPS-capable webserver. +To implement the service discovery mechanisms, your base domain's server (e.g. `example.com`) needs to run an HTTPS-capable webserver. -If you don't have a server for your base domain at all, you can use the Matrix server for this. See [Serving the base domain](configuring-playbook-base-domain-serving.md) to learn how the playbook can help you set it up. If you decide to go this route, you don't need to read ahead in this document. When **Serving the base domain**, the playbook takes care to serve the appropriate well-known files automatically. +### Serving the base domain from the Matrix server via the playbook + +If you don't have a server for your base domain at all, you can use the Matrix server for this. If you don't need the base domain (e.g. `example.com`) for anything else (hosting a website, etc.), you can point it to the Matrix server's IP address and tell the playbook to configure it. + +**This is the easiest way to set up well-known serving** -- letting the playbook handle the whole base domain for you (including SSL certificates, etc.) and take care to serve the appropriate well-known files automatically. + +If you decide to go this route, you don't need to read ahead in this document. Instead, go to [Serving the base domain](configuring-playbook-base-domain-serving.md) to learn how the playbook can help you set it up. + +However, if you need to use the base domain for other things, this method is less suitable than the one explained below. 
+ +### Manually installing well-known files on the base domain's server If you're managing the base domain by yourself somehow, you'll need to set up serving of some `/.well-known/matrix/*` files from it via HTTPS. -To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server. The files are generated at `/matrix/static-files/.well-known/matrix/` and hosted at `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. +To make things easy for you to set up, this playbook generates and hosts a few well-known files on the Matrix domain's server. The files are generated at the `/matrix/static-files/public/.well-known/matrix/` path on the server and hosted at URLs like `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. -You have 3 options when it comes to installing the files on the base domain's server: +You have two options when it comes to installing the files on the base domain's server: +#### (Option 1): **Copying the files manually** to your base domain's server -### (Option 1): **Copying the files manually** to your base domain's server - -**Hint**: Option 2 and 3 (below) are generally a better way to do this. Make sure to go with them, if possible. +**Hint**: Option 2 is generally a better way to do this. Make sure to go with it, if possible. All you need to do is: 
@@ -90,17 +102,7 @@ All you need to do is: This is relatively easy to do and possibly your only choice if you can only host static files from the base domain's server. It is, however, **a little fragile**, as future updates performed by this playbook may regenerate the well-known files and you may need to notice that and copy them over again. - -### (Option 2): **Serving the base domain** from the Matrix server via the playbook - -If you don't need the base domain (e.g. `example.com`) for anything else (hosting a website, etc.), you can point it to the Matrix server's IP address and tell the playbook to configure it. - -This is the easiest way to set up well-known serving -- letting the playbook handle the whole base domain for you (including SSL certificates, etc.). However, if you need to use the base domain for other things (such as hosting some website, etc.), going with Option 1 or Option 3 might be more suitable. - -See [Serving the base domain](configuring-playbook-base-domain-serving.md) to learn how the playbook can help you set it up. - - -### (Option 3): **Setting up reverse-proxying** of the well-known files from the base domain's server to the Matrix server +#### (Option 2): **Setting up reverse-proxying** of the well-known files from the base domain's server to the Matrix server This option is less fragile and generally better. diff --git a/docs/installing.md b/docs/installing.md index 9ba2e45dc..2be65a4a7 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -68,13 +68,15 @@ ansible-playbook -i inventory/hosts setup.yml --tags=ensure-matrix-users-created ## Finalize the installation -Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). +Now that services are running, you need to **finalize the installation process** by [delegating (redirecting) the server](howto-server-delegation.md) to your base domain (`example.com`). -If you need the base domain (`example.com`) for anything else such as hosting a website, you have to configure it manually, following the procedure described on the linked documentation. +This is required for federation to work! Without a proper configuration, your server will effectively not be part of the Matrix network. + +If you need the base domain for anything else such as hosting a website, you have to configure it manually, following the procedure described on the linked documentation. However, if you do not need the base domain for anything else, the easiest way of configuring it is to [serve the base domain](configuring-playbook-base-domain-serving.md) from the integrated web server. It will enable you to use a Matrix user identifier like `@:example.com` while hosting services on a subdomain like `matrix.example.com`. -To configure Service Discovery in this way, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: +To configure server delegation in this way, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_static_files_container_labels_base_domain_enabled: true From f7d4ffc20c5b222e5c12309dde591159c94c9103 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Fri, 15 Nov 2024 08:38:18 +0200 Subject: [PATCH 358/404] FIx indentation and reword a paragraph on docs/configuring-well-known.md Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3767
---
docs/configuring-well-known.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md
index 0b86b33ca..2dc66e8bf 100644
--- a/docs/configuring-well-known.md
+++ b/docs/configuring-well-known.md
@@ -29,7 +29,7 @@ Both methods have their place and will continue to do so. You only need to use j For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. If you need to use the other method, you can check this documentation: [Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced) -**Note**: it is optionally possible to install the server on `matrix.example.com` directly instead. This should be helpful if you are not in control of anything on the base domain. On this case, you would not need to configure the server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) on our FAQ. +**Note**: as an alternative, it is possible to install the server such that it uses only the `matrix.example.com` domain (instead of identifying as the shorter base domain - `example.com`). This should be helpful if you are not in control of anything on the base domain (`example.com`). In this case, you would not need to configure server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) on our FAQ. ### Client Server Discovery @@ -120,7 +120,7 @@ server { location /.well-known/matrix { proxy_pass https://matrix.example.com/.well-known/matrix; proxy_set_header X-Forwarded-For $remote_addr; - proxy_ssl_server_name on; + proxy_ssl_server_name on; } # other configuration From b94d4d1862acb7b3c0c79373fbb0966d5b6cbadc Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Fri, 15 Nov 2024 02:30:46 +0900 Subject: [PATCH 359/404] Establish a hierarchy among documentation pages related to installation; ones about importing data and configuring server delegation This commit clarifies the hierarchy among pages for installation by moving articles for importing data and server delegation under the "installation" section, as there are multiple documentation pages which discuss a similar topic and you can easily get lost in those pages. Also: remove the anchor link to configuring-playbook-base-domain-serving.md from configuring-playbook.md, since that procedure is not required on configuring options but on finalizing the installation, which is discussed on installing.md after that page. Signed-off-by: Suguru Hirahara
---
docs/README.md | 26 ++++++++++++++++---------- docs/configuring-playbook.md | 2 -- 2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/docs/README.md b/docs/README.md
index 3fdf8bd6a..87c84050f 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -12,22 +12,28 @@ - [Installing](installing.md) + - **Importing data from another server installation** + + - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) + + - [Importing an existing Postgres database (from another installation)](importing-postgres.md) (optional) + + - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional) + + - [Server Delegation](howto-server-delegation.md) + + - Server Delegation via a well-known file (recommended): [Installing well-known files on the base domain's server](configuring-well-known.md#installing-well-known-files-on-the-base-domain-s-server) + + - [Serving the base domain](configuring-playbook-base-domain-serving.md) + + - [Server Delegation via a DNS SRV record (advanced)](howto-srv-server-delegation.md) + - [Playbook tags](playbook-tags.md) -- **Importing data from another server installation** - - - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) - - - [Importing an existing Postgres database (from another installation)](importing-postgres.md) (optional) - - - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional) - - [Registering users](registering-users.md) - [Updating users passwords](updating-users-passwords.md) -- [Configuring service discovery via .well-known](configuring-well-known.md) - - [Maintenance / checking if services work](maintenance-checking-services.md) - [Maintenance / upgrading services](maintenance-upgrading-services.md) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 008acb934..620fbca19 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -64,8 +64,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Controlling Matrix federation](configuring-playbook-federation.md) -- [Serving the base domain](configuring-playbook-base-domain-serving.md) - ### Clients Web clients for Matrix that you can host on your own domains. From f802df6e6d14636e7ec1d9b5300bda99722fb76f Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Fri, 15 Nov 2024 03:51:51 +0900 Subject: [PATCH 360/404] Update docs/configuring-playbook-federation.md: add note about setting server delegation Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-federation.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md index 926d694f1..e187fa363 100644 --- a/docs/configuring-playbook-federation.md +++ b/docs/configuring-playbook-federation.md @@ -2,6 +2,7 @@ By default, your server federates with the whole Matrix network. That is, people on your server can communicate with people on any other Matrix server. +**Note**: in the sample `vars.yml` ([`examples/vars.yml`](../examples/vars.yml)), we recommend to use a short user identifier like `@:example.com` and set up [server delegation](howto-server-delegation.md) / redirection. Without a proper configuration, your server will effectively not be part of the Matrix network. If you find your server is not federated, make sure to [check whether services work](maintenance-checking-services.md) and your server is properly delegated. ## Federating only with select servers From f19cbe6dd43c1c41a82b127267b4c3f98429161b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sat, 16 Nov 2024 16:19:17 +0900 Subject: [PATCH 361/404] Edit documentation related to server delegation (#3773) * Update docs/configuring-playbook-base-domain-serving.md: add an anchor link to docs/configuring-dns.md 
Signed-off-by: Suguru Hirahara * Update documentation related to server delegation Summary: - Add explanation about server delegation and DNS setting for it to docs/configuring-dns.md; "delegation" is a technical term and it is worth being explained simply - Edit explanation about delegation to docs/configuring-playbook-base-domain-serving.md - Use common expressions - Simplify explanation about delegation on docs/configuring-well-known.md and move explanation about the alternative which avoids involving the base domain from that page to its upper documentation, which is docs/howto-server-delegation.md Signed-off-by: Suguru Hirahara * Apply suggestions from code review Co-authored-by: Slavi Pantaleev * Update docs/configuring-dns.md: iterate Signed-off-by: Suguru Hirahara * Fix an anchor link to howto-srv-server-delegation.md Signed-off-by: Suguru Hirahara * Minor rewording * Minor rewording * Minor rewording --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara Co-authored-by: Slavi Pantaleev --- docs/configuring-dns.md | 18 ++++++++++----- ...onfiguring-playbook-base-domain-serving.md | 13 ++++++++--- docs/configuring-well-known.md | 17 ++++---------- docs/howto-server-delegation.md | 23 +++++++++++-------- 4 files changed, 39 insertions(+), 32 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 203590c97..ff5f05d4f 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -4,16 +4,22 @@ To set up Matrix on your domain, you'd need to do some DNS configuration. -To use an identifier like `@:example.com`, you don't actually need to install anything on the actual `example.com` server. +## DNS setting for server delegation (optional) -You do, however, need to instruct the Matrix network that Matrix services for `example.com` are delegated over to `matrix.example.com`. +In the sample `vars.yml` ([`examples/vars.yml`](../examples/vars.yml)), we recommend to use a short user identifier like `@:example.com`. -As we discuss in [Server Delegation](howto-server-delegation.md), there are 2 different ways to set up such delegation: +To use such an identifier, you don't need to install anything on the actual `example.com` server. Instead, you need to instruct the Matrix network that Matrix services for `example.com` are redirected over to `matrix.example.com`. This redirection is also known as "delegation". -- either by serving a `https://example.com/.well-known/matrix/server` file (from the base domain!) -- or by using a `_matrix._tcp` DNS SRV record (don't confuse this with the `_matrix-identity._tcp` SRV record described below) +As we discuss in [Server Delegation](howto-server-delegation.md), server delegation can be configured in either of these ways: -This playbook mostly discusses the well-known file method, because it's easier to manage with regard to certificates. If you decide to go with the alternative method ([Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced)), please be aware that the general flow that this playbook guides you through may not match what you need to do. +- Setting up a `/.well-known/matrix/server` file on the base domain (`example.com`) +- Setting up a `_matrix._tcp` DNS SRV record + +For simplicity reasons, this playbook recommends you to set up server delegation via a `/.well-known/matrix/server` file, instead of using a DNS SRV record. 
+ +If you choose the recommended method (file-based delegation), you do not need to configure the DNS record to enable server delegation. You will need to add a necessary configuration later, when you [finalize the installation](installing.md#finalize-the-installation) after installing and starting Matrix services. + +On the other hand, if you choose this method (setting up a DNS SRV record), you need to configure the additional DNS record as well as adjust SSL certificate handling. Take a look at this documentation for more information: [Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced) ## DNS settings for services enabled by default diff --git a/docs/configuring-playbook-base-domain-serving.md b/docs/configuring-playbook-base-domain-serving.md index 3f883b744..069ad195f 100644 --- a/docs/configuring-playbook-base-domain-serving.md +++ b/docs/configuring-playbook-base-domain-serving.md 
@@ -1,8 +1,15 @@ # Serving the base domain (optional) -This playbook sets up services on your Matrix server (`matrix.example.com`). To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up [Server Delegation](howto-server-delegation.md). This is normally done by [configuring well-known](configuring-well-known.md) files on the base domain. +By default, this playbook sets up services on your Matrix server (`matrix.example.com`), but has it configured so that it presents itself as the base domain (`example.com`). To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up server delegation / redirection. -People who don't have a separate server to dedicate to the base domain have trouble arranging this. +As we discuss in [Server Delegation](howto-server-delegation.md), server delegation / redirection can be configured in either of these ways: + +- Setting up a `/.well-known/matrix/server` file on the base domain (`example.com`) +- Setting up a `_matrix._tcp` DNS SRV record + +For simplicity reasons, this playbook recommends you to set up server delegation via a `/.well-known/matrix/server` file. + +However, those who don't have a separate server to dedicate to the base domain have trouble arranging this. Usually, there are 2 options: 
@@ -12,7 +19,7 @@ Usually, there are 2 options: This documentation page tells you how to do the latter. With some easy changes, we make it possible to serve the base domain from the Matrix server via the integrated webserver. -Just **adjust your DNS records**, so that your base domain is pointed to the Matrix server's IP address (using a DNS `A` record) **and then add the following configuration** to your `inventory/host_vars/matrix.example.com/vars.yml` file: +Just [**adjust your DNS records**](configuring-dns.md), so that your base domain is pointed to the Matrix server's IP address (using a DNS `A` record) **and then add the following configuration** to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_static_files_container_labels_base_domain_enabled: true diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 2dc66e8bf..0dab9c6c6 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -1,6 +1,6 @@ # Configuring Service Discovery via .well-known -Service discovery is a way for the Matrix network to discover where a Matrix server is. +This documentation page explains how to configure Service discovery via `/.well-known/` files. Service discovery is a way for the Matrix network to discover where a Matrix server is. ## Types of well-known service discovery mechanism 
@@ -16,20 +16,11 @@ There are 3 types of well-known service discovery mechanism that Matrix makes us All services created by this playbook are meant to be installed on their own server (such as `matrix.example.com`), instead of the base domain (`example.com`). -As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a short Matrix user identifier like `@user:example.com` while hosting services on a subdomain such as `matrix.example.com`, the Matrix network needs to be instructed of such delegation/redirection. +As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a short Matrix user identifier like `@user:example.com` while hosting services on a subdomain such as `matrix.example.com`, the Matrix network needs to be instructed of [server delegation](howto-server-delegation.md) / redirection. -As the playbook recommends in the sample `vars.yml` (`examples/vars.yml`) to use a short user identifier, you would need to configure the delegation so that your server will be federated with other Matrix servers. +For simplicity reasons, this playbook recommends you to set up server delegation via a `/.well-known/matrix/server` file. -Server delegation can be configured by: - -- Setting up a `/.well-known/matrix/server` file on the base domain (`example.com`) -- Setting up a DNS SRV record - -Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. - -For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. 
If you need to use the other method, you can check this documentation: [Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced) - -**Note**: as an alternative, it is possible to install the server such that it uses only the `matrix.example.com` domain (instead of identifying as the shorter base domain - `example.com`). This should be helpful if you are not in control of anything on the base domain (`example.com`). In this case, you would not need to configure server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) on our FAQ. +If you set up the DNS SRV record for server delegation instead, take a look at this documentation for more information: [Server Delegation via a DNS SRV record (advanced)](howto-server-delegation.md#server-delegation-via-a-dns-srv-record-advanced) ### Client Server Discovery diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index 7b61553d1..35ed957f2 100644 --- a/docs/howto-server-delegation.md +++ b/docs/howto-server-delegation.md 
@@ -1,20 +1,23 @@ # Server Delegation -To have a server on a subdomain (e.g. `matrix.example.com`) handle Matrix federation traffic for the base domain (`example.com`), we need to instruct the Matrix network of such a delegation. +By default, this playbook sets up services on your Matrix server (`matrix.example.com`). To have this server officially be responsible for Matrix services for the base domain (`example.com`), you need to set up server delegation / redirection. -By default, this playbook guides you into setting up [Server Delegation via a well-known file](#server-delegation-via-a-well-known-file). However, that method may have some downsides that are not to your liking. Hence this guide about alternative ways to set up Server Delegation. +Server delegation can be configured in either of these ways: -It is a complicated matter, so unless you are affected by the [Downsides of well-known-based Server Delegation](#downsides-of-well-known-based-server-delegation), we suggest you stay on the simple/default path. +- [Setting up a `/.well-known/matrix/server` file](#server-delegation-via-a-well-known-file) on the base domain (`example.com`) +- [Setting up a `_matrix._tcp` DNS SRV record](#server-delegation-via-a-dns-srv-record-advanced) +Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. + +For simplicity reasons, this playbook recommends you to set up server delegation via a `/.well-known/matrix/server` file. However, that method may have some downsides that are not to your liking. Hence this guide about alternative ways to set up Server Delegation. + +**Note**: as an alternative, it is possible to install the server such that it uses only the `matrix.example.com` domain (instead of identifying as the shorter base domain - `example.com`). This should be helpful if you are not in control of anything on the base domain (`example.com`). 
In this case, you would not need to configure server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) on our FAQ. ## Server Delegation via a well-known file -Serving a `/.well-known/matrix/server` file from the base domain is the most straightforward way to set up server delegation, but it suffers from some problems that we list in [Downsides of well-known-based Server Delegation](#downsides-of-well-known-based-server-delegation). - -As we already mention in [Configuring DNS](configuring-dns.md) and [Configuring Service Discovery via .well-known](configuring-well-known.md), this playbook already properly guides you into setting up such delegation by means of a `/.well-known/matrix/server` file served from the base domain (`example.com`). - -If this is okay with you, feel free to not read ahead. +This playbook recommends you to set up server delegation by means of a `/.well-known/matrix/server` file served from the base domain (`example.com`), as this is the most straightforward way to set up the delegation. +To configure server delegation with the well-known file, check this section on [Configuring Service Discovery via .well-known](configuring-well-known.md): [Installing well-known files on the base domain's server](configuring-well-known.md#installing-well-known-files-on-the-base-domain-s-server) ### Downsides of well-known-based Server Delegation 
@@ -33,7 +36,7 @@ Otherwise, you can decide to go against the default for this playbook, and inste ## Server Delegation via a DNS SRV record (advanced) -**Note**: doing Server Delegation via a DNS SRV record is a more **advanced** way to do it and is not the default for this playbook. This is usually **much more complicated** to set up, so **we don't recommend it**. If you're not an experience sysadmin, you'd better stay away from this. +**Note**: doing Server Delegation via a DNS SRV record is a more **advanced** way to do it and is not the default for this playbook. This is usually **much more complicated** to set up, so **we don't recommend it**. If you're not an experienced sysadmin, you'd better stay away from this. As per the [Server-Server spec](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), it's possible to do Server Delegation using only a SRV record (without a `/.well-known/matrix/server` file). @@ -47,7 +50,7 @@ To use DNS SRV record validation, you need to: - ensure that you are serving the Matrix Federation API (tcp/8448) with a certificate for `example.com` (not `matrix.example.com`!). Getting this certificate to the `matrix.example.com` server may be complicated. The playbook's automatic SSL obtaining/renewal flow will likely not work and you'll need to copy certificates around manually. See below. -For more details on [how to configure the playbook to work with SRV delegation](howto-srv-server-delegation.md) +For more details on how to configure the playbook to work with SRV delegation, take a look at this documentation: [Server Delegation via a DNS SRV record (advanced)](howto-srv-server-delegation.md) ### Obtaining certificates From c97dbc9ec6062b844d0b4aee0d9c77d3d9d884f5 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Sat, 16 Nov 2024 14:32:19 +0900 Subject: [PATCH 362/404] Update docs/howto-server-delegation.md: related to removal of matrix-nginx-proxy The current ToC was added by 065b70203ded30412d3d03ff5ad3e885f55ab78b, but the links were initially added by ef903fe544398e04f4f247e7146457fae2a7d8ae as a navigation to sections under them. This commit replaces the ToC with such navigation. Also, one of the sections was removed by f4f3d575207c6207b53d1e61d9b877f30971b6ee, and since matrix-nginx-proxy was removed, it seems to me that letting Synapse handle Federation by itself would be simpler than the other method which requires setting another webserver. Therefore this commit switches the alternative method from using another webserver to using Synapse. Signed-off-by: Suguru Hirahara
---
docs/howto-server-delegation.md | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-)
diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md
index 35ed957f2..a4056f397 100644
--- a/docs/howto-server-delegation.md
+++ b/docs/howto-server-delegation.md
@@ -67,27 +67,9 @@ Regardless of which method for obtaining certificates you've used, once you've m Based on your setup, you have different ways to go about it: -- [Server Delegation](#server-delegation) - - [Server Delegation via a well-known file](#server-delegation-via-a-well-known-file) - - [Downsides of well-known-based Server Delegation](#downsides-of-well-known-based-server-delegation) - - [Server Delegation via a DNS SRV record (advanced)](#server-delegation-via-a-dns-srv-record-advanced) - - [Obtaining certificates](#obtaining-certificates) - - [Serving the Federation API with your certificates](#serving-the-federation-api-with-your-certificates) - - [Serving the Federation API with your certificates and another webserver](#serving-the-federation-api-with-your-certificates-and-another-webserver) - - [Serving the Federation API with your certificates and Synapse handling Federation](#serving-the-federation-api-with-your-certificates-and-synapse-handling-federation) +#### Serving the Federation API with your certificates and Synapse handling Federation - - - -### Serving the Federation API with your certificates and another webserver - -**If you are using some other webserver**, you can set up reverse-proxying for the `tcp/8448` port by yourself. Make sure to use the proper certificates for `example.com` (not for `matrix.example.com`) when serving the `tcp/8448` port. - -As recommended in our [Fronting the integrated reverse-proxy webserver with another reverse-proxy](./configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) documentation section, we recommend you to expose the Matrix Federation entrypoint from traffic at a local port (e.g. `127.0.0.1:8449`), so your reverese-proxy should send traffic there. - -### Serving the Federation API with your certificates and Synapse handling Federation - -**Alternatively**, you can let Synapse handle Federation by itself. 
+You can let Synapse handle Federation by itself. To do that, make sure the certificate files are mounted into the Synapse container: @@ -105,3 +87,9 @@ matrix_synapse_tls_private_key_path: /some/path/inside/the/container/private.key ``` Make sure to reload Synapse once in a while (`systemctl reload matrix-synapse`), so that newer certificates can kick in. Reloading doesn't cause any downtime. + +#### Serving the Federation API with your certificates and another webserver + +**Alternatively**, if you are using another webserver, you can set up reverse-proxying for the `tcp/8448` port by yourself. Make sure to use the proper certificates for `example.com` (not for `matrix.example.com`) when serving the `tcp/8448` port. + +As recommended in our [Fronting the integrated reverse-proxy webserver with another reverse-proxy](./configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) documentation section, we recommend you to expose the Matrix Federation entrypoint from traffic at a local port (e.g. `127.0.0.1:8449`), so your reverese-proxy should send traffic there. From 439e012f037c110c90ddd5059db79557ae272755 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 10 Nov 2024 03:51:36 +0900 Subject: [PATCH 363/404] Add U+25B6 (BLACK RIGHT-POINTING TRIANGLE) characters to installation procedure navigation Set anchor links to those characters as well. Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 +- docs/configuring-playbook.md | 2 +- docs/getting-the-playbook.md | 2 +- docs/prerequisites.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index ff5f05d4f..8a05323fd 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -105,4 +105,4 @@ To make the [postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge --------------------------------------------- -When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). +[▶️](getting-the-playbook.md) When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 620fbca19..d29f69e99 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -28,7 +28,7 @@ For a basic Matrix installation, that's all you need. For a more custom setup, see the [Other configuration options](#other-configuration-options) below. -When you're done with all the configuration you'd like to do, continue with [Installing](installing.md). +[▶️](installing.md) When you're done with all the configuration you'd like to do, continue with [Installing](installing.md). ## Other configuration options diff --git a/docs/getting-the-playbook.md b/docs/getting-the-playbook.md index da155aeda..753547fc8 100644 --- a/docs/getting-the-playbook.md +++ b/docs/getting-the-playbook.md @@ -37,4 +37,4 @@ You can extract this archive anywhere. You'll get a directory called `matrix-doc --------------------------------------------- -No matter which method you've used to download the playbook, you can proceed by [Configuring the playbook](configuring-playbook.md). +[▶️](configuring-playbook.md) No matter which method you've used to download the playbook, you can proceed by [Configuring the playbook](configuring-playbook.md). diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 51bc5b2f0..fc3636658 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -48,4 +48,4 @@ To install Matrix services using this Ansible playbook, you need: --------------------------------------------- -When ready to proceed, continue with [Configuring DNS](configuring-dns.md). +[▶️](configuring-dns.md) When ready to proceed, continue with [Configuring DNS](configuring-dns.md). From 76e6bf396626430f8f6882942b3ed0cca5d2d948 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 11 Nov 2024 02:45:13 +0900 Subject: [PATCH 364/404] Remove redundante whitespace characters from the breadcrumbs Signed-off-by: Suguru Hirahara --- docs/configuring-dns.md | 2 +- docs/configuring-playbook.md | 2 +- docs/getting-the-playbook.md | 2 +- docs/installing.md | 2 +- docs/prerequisites.md | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 8a05323fd..730433f06 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -1,6 +1,6 @@ # Configuring your DNS server -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > Configuring your DNS server > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > Configuring your DNS server > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) To set up Matrix on your domain, you'd need to do some DNS configuration. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index d29f69e99..8b7859509 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md 
@@ -1,6 +1,6 @@ # Configuring the playbook -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > Configuring the playbook > [Installing](installing.md) +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > Configuring the playbook > [Installing](installing.md) To configure the Ansible playbook, you need to have done the following things: diff --git a/docs/getting-the-playbook.md b/docs/getting-the-playbook.md index 753547fc8..0a465399b 100644 --- a/docs/getting-the-playbook.md +++ b/docs/getting-the-playbook.md @@ -1,6 +1,6 @@ # Getting the playbook -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > Getting the playbook > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > Getting the playbook > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) This Ansible playbook is meant to be executed on your own computer (not the Matrix server). diff --git a/docs/installing.md b/docs/installing.md index 2be65a4a7..a7abd877d 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -1,6 +1,6 @@ # Installing -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > Installing +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > Installing If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. diff --git a/docs/prerequisites.md b/docs/prerequisites.md index fc3636658..e0b128a35 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -1,6 +1,6 @@ # Prerequisites -⚡️[Quick start](README.md) | Prerequisites > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) +⚡️[Quick start](README.md) | Prerequisites > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) To install Matrix services using this Ansible playbook, you need: From ac02351ab7d7c1d95716238a58aa5e4690c901ac Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 10 Nov 2024 03:28:27 +0900 Subject: [PATCH 365/404] Update docs/configuring-playbook.md and docs/installing.md: remove anchor links to other installation procedure pages They are redundant as there are breadcrumbs on each page Signed-off-by: Suguru Hirahara --- docs/configuring-playbook.md | 8 +------- docs/installing.md | 2 +- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 8b7859509..144d7975a 100644 --- a/docs/configuring-playbook.md 
+++ b/docs/configuring-playbook.md @@ -2,13 +2,7 @@ ⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > Configuring the playbook > [Installing](installing.md) -To configure the Ansible playbook, you need to have done the following things: - -- have a server where Matrix services will run -- [configured your DNS records](configuring-dns.md) -- [retrieved the playbook's source code](getting-the-playbook.md) to your computer - -You can then follow these steps inside the playbook directory: +If you've configured your DNS records and retrieved the playbook's source code to your computer, you can start configuring the playbook. To do so, follow these steps inside the playbook directory: 1. create a directory to hold your configuration (`mkdir -p inventory/host_vars/matrix.example.com` where `example.com` is your "base domain") diff --git a/docs/installing.md b/docs/installing.md index a7abd877d..a2c54a68b 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,7 +2,7 @@ ⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > Installing -If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. +If you've configured your DNS records and the playbook, you can start the installation procedure. ## Update Ansible roles From 9a1e08b2f04b432f4eca42370d16f669c45404ed Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 16:33:50 +0000 Subject: [PATCH 366/404] Update dock.mau.dev/mautrix/discord Docker tag to v0.7.1 --- roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml index 6e691c163..5e8ee7f53 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/discord -matrix_mautrix_discord_version: v0.7.0 +matrix_mautrix_discord_version: v0.7.1 # See: https://mau.dev/mautrix/discord/container_registry matrix_mautrix_discord_docker_image: "{{ matrix_mautrix_discord_docker_image_name_prefix }}mautrix/discord:{{ matrix_mautrix_discord_version }}" From ce465115632a91b4d886bada2e3297be4acfb478 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 16:33:53 +0000 Subject: [PATCH 367/404] Update dock.mau.dev/mautrix/gmessages Docker tag to v0.5.2 --- roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index d541fa117..76d90bec2 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml 
@@ -9,7 +9,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages -matrix_mautrix_gmessages_version: v0.5.1 +matrix_mautrix_gmessages_version: v0.5.2 # See: https://mau.dev/mautrix/gmessages/container_registry matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}" From 8937572939dd39e3e7e1d0a4ea8049178f677a97 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 18:13:27 +0000 Subject: [PATCH 368/404] Update dock.mau.dev/mautrix/meta Docker tag to v0.4.2 --- .../matrix-bridge-mautrix-meta-instagram/defaults/main.yml | 2 +- .../matrix-bridge-mautrix-meta-messenger/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index 327e8b0ab..cd2ecac96 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_instagram_enabled: true matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_instagram_version: v0.4.1 +matrix_mautrix_meta_instagram_version: v0.4.2 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram" matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config" 
diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index 9b561f2df..e5a992023 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_messenger_enabled: true matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_messenger_version: v0.4.1 +matrix_mautrix_meta_messenger_version: v0.4.2 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger" matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config" From dd23e2d1c9b46dfcbd8805c0af5f8fba61bce36d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 18:13:30 +0000 Subject: [PATCH 369/404] Update dock.mau.dev/mautrix/signal Docker tag to v0.7.3 --- roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index b6265598b..b4add4f2e 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml 
@@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/ matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal -matrix_mautrix_signal_version: v0.7.2 +matrix_mautrix_signal_version: v0.7.3 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}" From cdbdb435148afcf35af1b52349618bb57be35cee Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 16 Nov 2024 21:07:24 +0200 Subject: [PATCH 370/404] Upgrade Jitsi (v9823-0 -> v9823-1) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index a82bf1bd7..1daef159e 100644 --- a/requirements.yml +++ b/requirements.yml @@ -25,7 +25,7 @@ version: v11.3.0-0 name: grafana - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git - version: v9823-0 + version: v9823-1 name: jitsi - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keydb.git version: v6.3.4-3 From 83e9818db7e7426fdef802ba073bebcf2d746bcc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 19:07:58 +0000 Subject: [PATCH 371/404] Update dock.mau.dev/mautrix/slack Docker tag to v0.1.3 --- roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml index b4d55b2fc..991cb1d4f 100644 --- a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml 
@@ -9,7 +9,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/slack -matrix_mautrix_slack_version: v0.1.2 +matrix_mautrix_slack_version: v0.1.3 # See: https://mau.dev/mautrix/slack/container_registry matrix_mautrix_slack_docker_image: "{{ matrix_mautrix_slack_docker_image_name_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}" matrix_mautrix_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else 'dock.mau.dev/' }}" From c7f8b7cd1a9b069c5718d5fdd439598d045ef1e9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 19:08:04 +0000 Subject: [PATCH 372/404] Update dock.mau.dev/mautrix/whatsapp Docker tag to v0.11.1 --- roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml index bb2c8c5f3..eb3ec65c2 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml 
@@ -9,7 +9,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp -matrix_mautrix_whatsapp_version: v0.11.0 +matrix_mautrix_whatsapp_version: v0.11.1 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" From 135039b276bd8161ca98eb9d4194f221ce3ba773 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 17 Nov 2024 00:34:25 +0900 Subject: [PATCH 373/404] Change "Configuring your DNS server" to "Configuring your DNS settings" Essentially it means "configuring your DNS settings or records on the DNS server you use". Signed-off-by: Suguru Hirahara --- docs/README.md | 2 +- docs/configuring-dns.md | 4 ++-- docs/configuring-playbook.md | 2 +- docs/getting-the-playbook.md | 2 +- docs/installing.md | 2 +- docs/prerequisites.md | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/README.md b/docs/README.md index 87c84050f..32ad1cfe5 100644 --- a/docs/README.md +++ b/docs/README.md @@ -4,7 +4,7 @@ - [Prerequisites](prerequisites.md) - go here to a guided installation using this Ansible playbook -- [Configuring your DNS server](configuring-dns.md) +- [Configuring your DNS settings](configuring-dns.md) - [Getting this playbook's source code](getting-the-playbook.md) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 730433f06..5272e085b 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -1,6 +1,6 @@ -# Configuring your DNS server +# Configuring your DNS settings -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > Configuring your DNS server > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > Configuring your DNS settings > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) To set up Matrix on your domain, you'd need to do some DNS configuration. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 144d7975a..8e2383109 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -1,6 +1,6 @@ # Configuring the playbook -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > Configuring the playbook > [Installing](installing.md) +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS settings](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > Configuring the playbook > [Installing](installing.md) If you've configured your DNS records and retrieved the playbook's source code to your computer, you can start configuring the playbook. To do so, follow these steps inside the playbook directory: diff --git a/docs/getting-the-playbook.md b/docs/getting-the-playbook.md index 0a465399b..f25d78bfb 100644 --- a/docs/getting-the-playbook.md +++ b/docs/getting-the-playbook.md 
@@ -1,6 +1,6 @@ # Getting the playbook -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > Getting the playbook > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS settings](configuring-dns.md) > Getting the playbook > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) This Ansible playbook is meant to be executed on your own computer (not the Matrix server). diff --git a/docs/installing.md b/docs/installing.md index a2c54a68b..cf7bed0b6 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -1,6 +1,6 @@ # Installing -⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > Installing +⚡️[Quick start](README.md) | [Prerequisites](prerequisites.md) > [Configuring your DNS settings](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > Installing If you've configured your DNS records and the playbook, you can start the installation procedure. diff --git a/docs/prerequisites.md b/docs/prerequisites.md index e0b128a35..7ce3714e5 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -1,6 +1,6 @@ # Prerequisites -⚡️[Quick start](README.md) | Prerequisites > [Configuring your DNS server](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) +⚡️[Quick start](README.md) | Prerequisites > [Configuring your DNS settings](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) To install Matrix services using this Ansible playbook, you need: From ab3c4edea705ea6a61803c6f0916b7f0fd930336 Mon Sep 17 00:00:00 2001 From: Daniel Vinci Date: Sat, 16 Nov 2024 20:56:15 -0700 Subject: [PATCH 374/404] Correct issuer URL in OIDC example section Keycloak exposes the issuer information on /realms/whatever, not /auth/realms/whatever. --- docs/configuring-playbook-synapse.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 949620d62..a529d3e34 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -104,7 +104,7 @@ matrix_synapse_oidc_enabled: true matrix_synapse_oidc_providers: - idp_id: keycloak idp_name: "My KeyCloak server" - issuer: "https://url.ix/auth/realms/{realm_name}" + issuer: "https://url.ix/realms/{realm_name}" client_id: "matrix" client_secret: "{{ vault_synapse_keycloak }}" scopes: ["openid", "profile"] From 4f87328ff126eb3cada960cfcba5bf41f7801515 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 17 Nov 2024 13:05:59 +0900 Subject: [PATCH 375/404] Mention publicly hosted services for SchildiChat This commit basically follows 3a118811208aa14361bc43c5265b0e21730bf63a. Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-schildichat-web.md | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/docs/configuring-playbook-client-schildichat-web.md b/docs/configuring-playbook-client-schildichat-web.md index 77c231fce..284b5da62 100644 --- a/docs/configuring-playbook-client-schildichat-web.md +++ b/docs/configuring-playbook-client-schildichat-web.md @@ -4,6 +4,10 @@ This playbook can install the [SchildiChat Web](https://github.com/SchildiChat/s SchildiChat Web is a feature-rich messenger for Matrix based on Element Web with some extras and tweaks. It can be installed alongside or instead of Element Web. +💡 **Note**: the latest version of SchildiChat Web is also available on the web, hosted by 3rd parties. If you trust giving your credentials to the following 3rd party Single Page Application, you can consider using it from there: + +- [app.schildi.chat](https://app.schildi.chat/), hosted by the [SchildiChat](https://schildi.chat/) developers + **WARNING**: SchildiChat Web is based on Element Web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on Element Web `v1.11.36`, while Element Web is now on `v1.11.58`). Element Web frequently suffers from security issues, so running something based on an ancient Element Web release is **dangerous**. Use SchildiChat Web at your own risk! ## Adjusting the playbook configuration From 3c23b643d88a40f0555292f0e8c34a98a0f9e7cc Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 17 Nov 2024 15:04:27 +0900 Subject: [PATCH 376/404] Edit docs/configuring-playbook-client-schildichat-web.md: update the paragraph for warning Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-client-schildichat-web.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-client-schildichat-web.md b/docs/configuring-playbook-client-schildichat-web.md index 284b5da62..0f5e6632c 100644 --- a/docs/configuring-playbook-client-schildichat-web.md +++ b/docs/configuring-playbook-client-schildichat-web.md 
@@ -8,7 +8,7 @@ SchildiChat Web is a feature-rich messenger for Matrix based on Element Web with - [app.schildi.chat](https://app.schildi.chat/), hosted by the [SchildiChat](https://schildi.chat/) developers -**WARNING**: SchildiChat Web is based on Element Web, but its releases are lagging behind. As an example (from 2024-02-26), SchildiChat Web is 22 releases behind (it being based on Element Web `v1.11.36`, while Element Web is now on `v1.11.58`). Element Web frequently suffers from security issues, so running something based on an ancient Element Web release is **dangerous**. Use SchildiChat Web at your own risk! +**WARNING**: SchildiChat Web is based on Element Web, but its releases are lagging behind. As of 2024-11, SchildiChat Web is many releases behind (it being based on Element Web `v1.11.36`, while Element Web is now on `v1.11.85`). Element Web frequently suffers from security issues (see [here](https://github.com/element-hq/element-web/security) for known issues), so running something based on an ancient Element Web release is **unsafe**. Use SchildiChat Web at your own risk! ## Adjusting the playbook configuration From a6cdb2c571c215959b529b40dc16c5356fe2383c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 17 Nov 2024 17:10:40 +0900 Subject: [PATCH 377/404] Update docs/configuring-dns.md (#3786) * Update docs/configuring-dns.md: add note about DNS settings for default services Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md and docs/configuring-playbook-ma1sd.md: move the DNS setting (SRV record) for ma1sd to the latter Edit instruction to enable a SRV record for ma1sd. Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: remove repetitive explanations about necessity of subdomain settings Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: move explanation about subdomain settings up Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: fix tables layout 
Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: edit the section for TXT and MX records Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: move the row for ma1sd under the rows for CNAME records Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: replace "may be necessary" with "is necessary" as Element Web is installed by default Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: add a note about setting a SRV record for ma1sd Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: use the same string for IP address placeholder Also: adjust the table's layout Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: simplify the header for postmoogle DNS records configuration Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: switch the order of TXT and MX moogle for Postmoogle Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: simplify instructions for ma1sd and Postmoogle Signed-off-by: Suguru Hirahara * Update docs/configuring-dns.md: fix the anchor link to rageshake documentation The issue was introduced with ea6e8794870074c6ebffc0ac3893c82eca0e0aa6 Signed-off-by: Suguru Hirahara --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- docs/configuring-dns.md | 104 ++++++++++------------------- docs/configuring-playbook-ma1sd.md | 10 +++ 2 files changed, 47 insertions(+), 67 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 5272e085b..ac0dbd19b 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md 
@@ -23,85 +23,55 @@ On the other hand, if you choose this method (setting up a DNS SRV record), you ## DNS settings for services enabled by default -| Type | Host | Priority | Weight | Port | Target | -| ----- | ---------------------------- | -------- | ------ | ---- | ---------------------- | -| A | `matrix` | - | - | - | `matrix-server-IP` | +To serve the base domain (`example.com`) and [Element Web](configuring-playbook-client-element-web.md) with the default subdomain, adjust DNS records as below. + +| Type | Host | Priority | Weight | Port | Target | +| ----- | ---------------------------- | -------- | ------ | ---- | ---------------------| +| A | `matrix` | - | - | - | `matrix-server-IP` | | CNAME | `element` | - | - | - | `matrix.example.com` | +As the table illustrates, you need to create 2 subdomains (`matrix.example.com` and `element.example.com`) and point both of them to your server's IP address (DNS `A` record or `CNAME` record is fine). + +The `element.example.com` subdomain is necessary, because this playbook installs the [Element Web](https://github.com/element-hq/element-web) client for you by default. If you'd rather instruct the playbook not to install Element Web (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. + Be mindful as to how long it will take for the DNS records to propagate. If you are using Cloudflare DNS, make sure to disable the proxy and set all records to `DNS only`. Otherwise, fetching certificates will fail. 
## DNS settings for optional services/features -| Used by component | Type | Host | Priority | Weight | Port | Target | -| -------------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | -| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.example.com` | -| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.example.com` | -| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.example.com` | -| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.example.com` | -| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.example.com` | -| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.example.com` | -| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.example.com` | -| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.example.com` | -| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.example.com` | -| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.example.com` | -| [SchildiChat Web](configuring-playbook-client-schildichat-web.md) client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | -| [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | -| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | -| 
[rageshake](docs/configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` | -| [Postmoogle](configuring-playbook-bridge-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` | -| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | -| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | -| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | +For other services which may need subdomain settings, see the table below and configure the DNS (`CNAME`) records accordingly. + +| Used by component | Type | Host | Priority | Weight | Port | Target | +| -------------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | -----------------------------------| +| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.example.com` | +| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.example.com` | +| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.example.com` | +| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.example.com` | +| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.example.com` | +| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.example.com` | +| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` 
| - | - | - | `matrix.example.com` | +| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.example.com` | +| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.example.com` | +| [SchildiChat Web](configuring-playbook-client-schildichat-web.md) client | CNAME | `schildichat` | - | - | - | `matrix.example.com` | +| [wsproxy](configuring-playbook-bridge-mautrix-wsproxy.md) sms bridge | CNAME | `wsproxy` | - | - | - | `matrix.example.com` | +| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.example.com` | +| [rageshake](configuring-playbook-rageshake.md) bug report server | CNAME | `rageshake` | - | - | - | `matrix.example.com` | +| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.example.com` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.example.com` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4:matrix-server-IP -all` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | + +### SRV record for ma1sd + +To make ma1sd enable its federation features, you need to set up a `_matrix-identity._tcp` SRV record. Don't confuse this with the `_matrix._tcp` SRV record for server delegation. See the table above and [this section](configuring-playbook-ma1sd.md#adjusting-dns-records) for values which need to be specified. 
When setting up a SRV record, if you are asked for a service and protocol instead of a hostname split the host value from the table where the period is. For example use service as `_matrix-identity` and protocol as `_tcp`. -## Subdomains setup +### MX and TXT records for Postmoogle -As the table above illustrates, you need to create 2 subdomains (`matrix.example.com` and `element.example.com`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). - -The `element.example.com` subdomain may be necessary, because this playbook installs the [Element Web](https://github.com/element-hq/element-web) client for you. If you'd rather instruct the playbook not to install Element Web (`matrix_client_element_enabled: false` when [Configuring the playbook](configuring-playbook.md) later), feel free to skip the `element.example.com` DNS record. - -The `dimension.example.com` subdomain may be necessary, because this playbook could install the [Dimension integration manager](http://dimension.t2bot.io/) for you. The installation of Dimension is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension integration manager](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.example.com` DNS record. - -The `jitsi.example.com` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. The installation of Jitsi is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.example.com` DNS record. - -The `stats.example.com` subdomain may be necessary, because this playbook could install [Grafana](https://grafana.com/) and setup performance metrics for you. 
The installation of Grafana is disabled by default, it is not a core required component. To learn how to install it, see our [metrics and graphs guide](configuring-playbook-prometheus-grafana.md). If you do not wish to set up Grafana, feel free to skip the `stats.example.com` DNS record. It is possible to install Prometheus without installing Grafana, this would also not require the `stats.example.com` subdomain. - -The `goneb.example.com` subdomain may be necessary, because this playbook could install the [Go-NEB](https://github.com/matrix-org/go-neb) bot. The installation of Go-NEB is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Go-NEB guide](configuring-playbook-bot-go-neb.md). If you do not wish to set up Go-NEB, feel free to skip the `goneb.example.com` DNS record. - -The `sygnal.example.com` subdomain may be necessary, because this playbook could install the [Sygnal](https://github.com/matrix-org/sygnal) push gateway. The installation of Sygnal is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Sygnal guide](configuring-playbook-sygnal.md). If you do not wish to set up Sygnal (you probably don't, unless you're also developing/building your own Matrix apps), feel free to skip the `sygnal.example.com` DNS record. - -The `ntfy.example.com` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.example.com` DNS record. 
- -The `etherpad.example.com` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of Etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Etherpad guide](configuring-playbook-etherpad.md). If you do not wish to set up Etherpad, feel free to skip the `etherpad.example.com` DNS record. - -The `hydrogen.example.com` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/element-hq/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.example.com` DNS record. - -The `cinny.example.com` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of Cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up Cinny, feel free to skip the `cinny.example.com` DNS record. - -The `schildichat.example.com` subdomain may be necessary, because this playbook could install the [SchildiChat Web](https://github.com/SchildiChat/schildichat-desktop) client. The installation of SchildiChat Web is disabled by default, it is not a core required component. To learn how to install it, see our [configuring SchildiChat Web guide](configuring-playbook-client-schildichat-web.md). If you do not wish to set up SchildiChat Web, feel free to skip the `schildichat.example.com` DNS record. 
- -The `wsproxy.example.com` subdomain may be necessary, because this playbook could install the [wsproxy](https://github.com/mautrix/wsproxy) web client. The installation of wsproxy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring wsproxy guide](configuring-playbook-bridge-mautrix-wsproxy.md). If you do not wish to set up wsproxy, feel free to skip the `wsproxy.example.com` DNS record. - -The `buscarron.example.com` subdomain may be necessary, because this playbook could install the [Buscarron](https://github.com/etkecc/buscarron) bot. The installation of Buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up Buscarron, feel free to skip the `buscarron.example.com` DNS record. - -The `rageshake.example.com` subdomain may be necessary, because this playbook could install the [rageshake](https://github.com/matrix-org/rageshake) bug report server. The installation of rageshake is disabled by default, it is not a core required component. To learn how to install it, see our [configuring rageshake guide](configuring-playbook-rageshake.md). If you do not wish to set up rageshake, feel free to skip the `rageshake.example.com` DNS record. - -## `_matrix-identity._tcp` SRV record setup - -To make the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server (which this playbook may optionally install for you) enable its federation features, set up an SRV record that looks like this: -- Name: `_matrix-identity._tcp` (use this text as-is) -- Content: `10 0 443 matrix.example.com` (replace `example.com` with your own) - -This is an optional feature for the optionally-installed [ma1sd service](configuring-playbook-ma1sd.md). 
See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record. - -**Note**: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. - -## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup - -To make the [postmoogle](configuring-playbook-bridge-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records +To make Postmoogle enable its email sending features, you need to configure MX and TXT (SPF, DMARC, and DKIM) records. See the table above for values which need to be specified. --------------------------------------------- diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index 52116e142..dd5b16003 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md 
@@ -34,6 +34,16 @@ matrix_ma1sd_matrixorg_forwarding_enabled: true If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables (in the `roles/custom/matrix-ma1sd/defaults/main.yml` file. +## Adjusting DNS records + +To make the ma1sd Identity Server enable its federation features, set up an SRV record that looks like this: +- Name: `_matrix-identity._tcp` (use this text as-is) +- Content: `10 0 443 matrix.example.com` (replace `example.com` with your own) + +See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record. + +**Note**: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. + ## Installing After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` From 8f11e1d5bc9acaa86c7c4fed1da29cc20a197902 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 12 Nov 2024 20:26:36 +0900 Subject: [PATCH 378/404] Update docs/configuring-playbook-bridge-hookshot.md: fix link to main.yml Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-hookshot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index f8f54b79c..ebc75f122 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md 
@@ -60,7 +60,7 @@ Unless indicated otherwise, the following endpoints are reachable on your `matri | widgets | `/hookshot/widgetapi/` | `matrix_hookshot_widgets_endpoint` | Widgets | | metrics | `/metrics/hookshot` | `matrix_hookshot_metrics_enabled` and exposure enabled via `matrix_hookshot_metrics_proxying_enabled` or `matrix_metrics_exposure_enabled`. Read more in the [Metrics section](#metrics) below. | Prometheus | -Also see the various `matrix_hookshot_container_labels_*` variables in [default/main.yml](/roles/custom/matrix-bridge-hookshot/default/main.yml), which expose URLs publicly. +Also see the various `matrix_hookshot_container_labels_*` variables in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml), which expose URLs publicly. The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. From 5bf09f5fdcc0fd7c7125432e659bb3129996bc25 Mon Sep 17 00:00:00 2001 From: Aine Date: Sun, 17 Nov 2024 13:47:06 +0200 Subject: [PATCH 379/404] add new variables to control message retention in Synapse --- roles/custom/matrix-synapse/defaults/main.yml | 21 ++++++++++ .../templates/synapse/homeserver.yaml.j2 | 38 +++++++++++++------ 2 files changed, 47 insertions(+), 12 deletions(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index cdc117443..e8c0441e7 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml 
@@ -370,6 +370,27 @@ matrix_synapse_media_retention_remote_media_lifetime: # Controls the list of additional oembed providers to be added to the homeserver. matrix_synapse_oembed_additional_providers: [] +# Controls message retention policies +matrix_synapse_retention_enabled: false +# "A single var to control them all" - applied to all retention period vars, applied only if a value is set, e.g. : "1d", "1w", "1m", "1y" +matrix_synapse_retention_period: "" +# The default min lifetime, applied only if a value is set, e.g. : "1d", "1w", "1m", "1y" +matrix_synapse_retention_default_policy_min_lifetime: "{{ matrix_synapse_retention_period }}" +# The default max lifetime, applied only if a value is set, e.g. : "1d", "1w", "1m", "1y" +matrix_synapse_retention_default_policy_max_lifetime: "{{ matrix_synapse_retention_period }}" +# The allowed min lifetime, applied only if a value is set, e.g. : "1d", "1w", "1m", "1y" +matrix_synapse_retention_allowed_lifetime_min: "{{ matrix_synapse_retention_period }}" +# The allowed max lifetime, applied only if a value is set, e.g. : "1d", "1w", "1m", "1y" +matrix_synapse_retention_allowed_lifetime_max: "{{ matrix_synapse_retention_period }}" +# The list of the purge jobs, structure (all fields are optional, example below contains all available variants): +# - longest_max_lifetime: "1d" +# shortest_max_lifetime: "1d" +# interval: "12h" +# - longest_max_lifetime: "1d" +# - shortest_max_lifetime: "1d" +# - interval: "12h" +matrix_synapse_retention_purge_jobs: [] + # The tmpfs at /tmp needs to be large enough to handle multiple concurrent file uploads. matrix_synapse_tmp_directory_size_mb: "{{ matrix_synapse_max_upload_size_mb * 50 }}" diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 3408a1050..0e7d36b30 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 
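Review bot: The example values in the new comments list `"1m"` between `"1w"` and `"1y"`, which reads as one month, but as far as I know Synapse's duration parser treats the `m` suffix as minutes. Because `matrix_synapse_retention_period` feeds all four lifetime variables, an operator who copies that example with retention enabled would presumably request a one-minute lifetime, and purged events cannot be recovered. I would drop `"1m"` from each comment, e.g. `# ... applied only if a value is set, e.g. "1d", "1w", "1y" (the "m" suffix means minutes, not months)`, after confirming the unit list against the Synapse configuration manual.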
+++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 
@@ -590,26 +590,37 @@ templates: # purged are ignored and not stored again. # retention: + {% if matrix_synapse_retention_enabled %} # The message retention policies feature is disabled by default. Uncomment the # following line to enable it. # - #enabled: true + enabled: {{ matrix_synapse_retention_enabled|to_json }} # Default retention policy. If set, Synapse will apply it to rooms that lack the # 'm.room.retention' state event. Currently, the value of 'min_lifetime' doesn't # matter much because Synapse doesn't take it into account yet. # - #default_policy: - # min_lifetime: 1d - # max_lifetime: 1y + {% if matrix_synapse_retention_default_policy_min_lifetime | length > 0 or matrix_synapse_retention_default_policy_max_lifetime | length > 0 %} + default_policy: + {% if matrix_synapse_retention_default_policy_min_lifetime | length > 0 %} + min_lifetime: {{ matrix_synapse_retention_default_policy_min_lifetime|to_json }} + {% endif %} + {% if matrix_synapse_retention_default_policy_max_lifetime | length > 0 %} + max_lifetime: {{ matrix_synapse_retention_default_policy_max_lifetime|to_json }} + {% endif %} + {% endif %} # Retention policy limits. If set, and the state of a room contains a # 'm.room.retention' event in its state which contains a 'min_lifetime' or a # 'max_lifetime' that's out of these bounds, Synapse will cap the room's policy # to these limits when running purge jobs. # - #allowed_lifetime_min: 1d - #allowed_lifetime_max: 1y + {% if matrix_synapse_retention_allowed_lifetime_min | length > 0 %} + allowed_lifetime_min: {{ matrix_synapse_retention_allowed_lifetime_min|to_json }} + {% endif %} + {% if matrix_synapse_retention_allowed_lifetime_max | length > 0 %} + allowed_lifetime_max: {{ matrix_synapse_retention_allowed_lifetime_max|to_json }} + {% endif %} # Server admins can define the settings of the background jobs purging the # events which lifetime has expired under the 'purge_jobs' section. 
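Review bot: The `| length > 0` guards on the four lifetime variables only work when the value is a string. The defaults describe these variables as "applied only if a value is set", so an operator who unsets one with `null`, or supplies a bare integer, would get a template error on `length` rather than a skipped key. A plain truthiness test such as `{% if matrix_synapse_retention_allowed_lifetime_min %}` handles the empty string and null alike. Separately, the retained upstream comment "Uncomment the following line to enable it" no longer matches the templated `enabled:` line and could be reworded. The `{% if matrix_synapse_retention_enabled %}` opened in this hunk is only closed in the next one.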
@@ -640,12 +651,15 @@ retention: # room's policy to these values is done after the policies are retrieved from # Synapse's database (which is done using the range specified in a purge job's # configuration). - # - #purge_jobs: - # - longest_max_lifetime: 3d - # interval: 12h - # - shortest_max_lifetime: 3d - # interval: 1d + {% if matrix_synapse_retention_purge_jobs is not none %} + purge_jobs: + {% for job in matrix_synapse_retention_purge_jobs %} + - {% if job.longest_max_lifetime is defined %}longest_max_lifetime: {{ job.longest_max_lifetime|to_json }}{% endif %} + {% if job.shortest_max_lifetime is defined %}shortest_max_lifetime: {{ job.shortest_max_lifetime|to_json }}{% endif %} + {% if job.interval is defined %}interval: {{ job.interval|to_json }}{% endif %} + {% endfor %} + {% endif %} + {% endif %} ## TLS ## From 5e4c930d9010fc8156adbe31ef9da0c20910e2d7 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 17 Nov 2024 21:30:47 +0900 Subject: [PATCH 380/404] Fix broken anchor links Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-draupnir.md | 2 +- docs/configuring-playbook-bot-mjolnir.md | 2 +- docs/configuring-playbook-bridge-beeper-linkedin.md | 2 +- docs/configuring-playbook-etherpad.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-ma1sd.md | 2 +- docs/configuring-playbook-s3-goofys.md | 2 +- docs/configuring-playbook.md | 4 ++-- docs/container-images.md | 2 +- docs/faq.md | 10 +++++----- docs/registering-users.md | 2 +- docs/updating-users-passwords.md | 4 ++-- 12 files changed, 18 insertions(+), 18 deletions(-) diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 837e8230a..77d93f589 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md 
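Review bot: The guard `{% if matrix_synapse_retention_purge_jobs is not none %}` is true for the default `[]`, so whenever retention is enabled the template emits a bare `purge_jobs:` key with no items. YAML loads that as null rather than an empty list, and whether Synapse accepts a null `purge_jobs` is not visible here. I would emit the key only when there are jobs, with `{% if matrix_synapse_retention_purge_jobs | length > 0 %}`. A job entry that defines none of the three fields would likewise render as a lone `-`, which is a null list item, so the comment in `defaults/main.yml` should say that each job needs at least one field.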
@@ -35,7 +35,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Draupnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). Please ask for help if you are uncomfortable with these steps or run into issues. -If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](/docs/configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. +If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. The following command works on semi up to date Windows 10 installs and All Windows 11 installations and other systems that ship curl. `curl --header "Authorization: Bearer " -X POST https://matrix.example.com/_synapse/admin/v1/users/@example:example.com/override_ratelimit` Replace `@example:example.com` with the MXID of your Draupnir and example.com with your homeserver domain. You can easily obtain an access token for a homeserver admin account the same way you can obtain an access token for Draupnir itself. If you made Draupnir Admin you can just use the Draupnir token. diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 28a1a5b3a..f4ccca11c 100644 
--- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -31,7 +31,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). Please ask for help if you are uncomfortable with these steps or run into issues. -If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](/docs/configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. +If your Synapse Admin API is exposed to the internet for some reason like running the Synapse Admin Role [Link](configuring-playbook-synapse-admin.md) or running `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` in your playbook config. If your API is not externally exposed you should still be able to on the local host for your synapse run these commands. The following command works on semi up to date Windows 10 installs and All Windows 11 installations and other systems that ship curl. `curl --header "Authorization: Bearer " -X POST https://matrix.example.com/_synapse/admin/v1/users/@example:example.com/override_ratelimit` Replace `@example:example.com` with the MXID of your Mjolnir and example.com with your homeserver domain. You can easily obtain an access token for a homeserver admin account the same way you can obtain an access token for Mjolnir itself. If you made Mjolnir Admin you can just use the Mjolnir token. 
diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index 3c2143a6c..fb6591043 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -54,7 +54,7 @@ Send `login YOUR_LINKEDIN_EMAIL_ADDRESS` to the bridge bot to enable bridging fo If you run into trouble, check the [Troubleshooting](#troubleshooting) section below. -After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. +After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting-by-enabling-appservice-double-puppet-or-shared-secret-auth), if you haven't already done so. ## Troubleshooting diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index c32b60dda..6bdc4a382 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -50,7 +50,7 @@ After configuring the playbook and potentially [adjusting your DNS records](#adj The Etherpad UI should be available at `https://etherpad.example.com`, while the admin UI (if enabled) should then be available at `https://etherpad.example.com/admin`. -If you've [decided on another hostname or path-prefix](#decide-on-a-domain-and-path) (e.g. `https://matrix.example.com/etherpad`), adjust these URLs accordingly before usage. +If you've [decided on another hostname or path-prefix](#adjusting-the-etherpad-url) (e.g. `https://matrix.example.com/etherpad`), adjust these URLs accordingly before usage. ### Managing / Deleting old pads diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 19225bfe9..55f647d90 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md 
@@ -46,7 +46,7 @@ By default, you will need to create a CNAME record for `jitsi`. See [Configuring By default the Jitsi Meet instance does not require any kind of login and is open to use for anyone without registration. -If you're fine with such an open Jitsi instance, please skip to [Apply changes](#apply-changes). +If you're fine with such an open Jitsi instance, please skip to [Installing](#installing). If you would like to control who is allowed to open meetings on your new Jitsi instance, then please follow the following steps to enable Jitsi's authentication and optionally guests mode. diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index dd5b16003..d834e6e32 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md @@ -54,7 +54,7 @@ To use the [Registration](https://github.com/ma1uta/ma1sd/blob/master/docs/featu - `matrix_synapse_enable_registration` - to enable user-initiated registration in Synapse -- `matrix_synapse_enable_registration_captcha` - to validate registering users using reCAPTCHA, as described in the [enabling reCAPTCHA](configuring_captcha.md) documentation. +- `matrix_synapse_enable_registration_captcha` - to validate registering users using reCAPTCHA, as described in the [enabling reCAPTCHA](configuring-captcha.md) documentation. - `matrix_synapse_registrations_require_3pid` - a list of 3pid types (among `'email'`, `'msisdn'`) required by the Synapse server for registering diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index 494f96752..81df60636 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md 
@@ -32,7 +32,7 @@ If you have local media store files and wish to migrate to Backblaze B2 subseque ## Migrating from local filesystem storage to S3 -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before migrating your local media store to an S3-backed one. +It's a good idea to [make a complete server backup](faq.md#how-do-i-back-up-the-data-on-my-server) before migrating your local media store to an S3-backed one. After making the backup, follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 8e2383109..50cb3ec60 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -98,7 +98,7 @@ Extend and modify how users are authenticated on your homeserver. Use alternative file storage to the default `media_store` folder. -- [Storing Matrix media files on Amazon S3 with Goofys](docs/configuring-playbook-s3-goofys.md) +- [Storing Matrix media files on Amazon S3 with Goofys](configuring-playbook-s3-goofys.md) - [Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md) @@ -197,7 +197,7 @@ Services that help you in administrating and monitoring your Matrix installation - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) -- [Enabling metrics and graphs for NginX logs](docs/configuring-playbook-prometheus-nginxlog.md) +- [Enabling metrics and graphs for NginX logs](configuring-playbook-prometheus-nginxlog.md) - [Setting up the rageshake bug report server](configuring-playbook-rageshake.md) diff --git a/docs/container-images.md b/docs/container-images.md index 27034d8cd..77d83eeb3 100644 --- a/docs/container-images.md +++ b/docs/container-images.md 
@@ -95,7 +95,7 @@ Bridges can be used to connect your Matrix installation with third-party communi | [mx-puppet-groupme](configuring-playbook-bridge-mx-puppet-groupme.md) | [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) | | [mx-puppet-steam](configuring-playbook-bridge-mx-puppet-steam.md) | [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) | ❌ | Bridge to [Steam](https://steamapp.com/) | | [Email2Matrix](configuring-playbook-email2matrix.md) | [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) | ❌ | Bridge for relaying emails to Matrix rooms | -| [Postmoogle](docs/configuring-playbook-bridge-postmoogle.md) | [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) | ❌ | Email to Matrix bridge | +| [Postmoogle](configuring-playbook-bridge-postmoogle.md) | [etke.cc/postmoogle](https://github.com/etkecc/postmoogle/container_registry) | ❌ | Email to Matrix bridge | ## Bots diff --git a/docs/faq.md b/docs/faq.md index 740c2f297..4de692f01 100644 --- a/docs/faq.md +++ b/docs/faq.md 
@@ -226,15 +226,15 @@ Using a separate domain name is easier to manage (although it's a little hard to We allow `matrix.example.com` to be the Matrix server handling Matrix stuff for `example.com` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method. -If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) +If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrixexamplecom-without-involving-the-base-domain) ### I don't control anything on the base domain and can't set up delegation to matrix.example.com. What do I do? -If you're not in control of your base domain (or the server handling it) at all, you can take a look at [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) +If you're not in control of your base domain (or the server handling it) at all, you can take a look at [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrixexamplecom-without-involving-the-base-domain) ### I can't set up HTTPS on the base domain. How will I get Matrix federating? 
-If you really can't obtain an HTTPS certificate for your base domain, you can take a look at [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) +If you really can't obtain an HTTPS certificate for your base domain, you can take a look at [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrixexamplecom-without-involving-the-base-domain) ### How do I install on matrix.example.com without involving the base domain? 
@@ -371,7 +371,7 @@ Yes, you can. You generally need to do a playbook installation (start at the [Prerequisites](prerequisites.md) page), followed by importing your existing data into it. -This Ansible playbook guides you into installing a server for `example.com` (user identifiers are like this: `@user:example.com`), while the server is at `matrix.example.com`. If your existing setup has a server name (`server_name` configuration setting in Synapse's `homeserver.yaml` file) other than the base `example.com`, you may need to tweak some additional variables. This FAQ entry may be of use if you're dealing with a more complicated setup - [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) +This Ansible playbook guides you into installing a server for `example.com` (user identifiers are like this: `@user:example.com`), while the server is at `matrix.example.com`. If your existing setup has a server name (`server_name` configuration setting in Synapse's `homeserver.yaml` file) other than the base `example.com`, you may need to tweak some additional variables. This FAQ entry may be of use if you're dealing with a more complicated setup - [How do I install on matrix.example.com without involving the base domain?](#how-do-i-install-on-matrixexamplecom-without-involving-the-base-domain) After configuring the playbook and installing and **before starting** services (done with `ansible-playbook ... --tags=start`) you'd import [your SQLite](importing-synapse-sqlite.md) (or [Postgres](importing-postgres.md)) database and also [import your media store](importing-synapse-media-store.md). 
@@ -451,7 +451,7 @@ You can later restore these roughly like this: - restore the `/matrix` directory and files on the new server manually - run the playbook again (see [Installing](installing.md)), but **don't** start services yet (**don't run** `... --tags=start`). This step will fix any file permission mismatches and will also set up additional software (Docker, etc.) and files on the server (systemd service, etc.). - perform a Postgres database import (see [Importing Postgres](importing-postgres.md)) to restore your database backup -- start services (see [Starting the services](installing.md#starting-the-services)) +- start services (see [Finalize the installation](installing.md#finalize-the-installation)) If your server's IP address has changed, you may need to [set up DNS](configuring-dns.md) again. diff --git a/docs/registering-users.md b/docs/registering-users.md index b28a19409..a7bf6a8ab 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -9,7 +9,7 @@ Table of contents: - [Managing users via a Web UI](#managing-users-via-a-web-ui) - [Letting certain users register on your private server](#letting-certain-users-register-on-your-private-server) - [Enabling public user registration](#enabling-public-user-registration) - - [Adding/Removing Administrator privileges to an existing Synapse user](#addingremoving-administrator-privileges-to-an-existing-synapse-user) + - [Adding/Removing Administrator privileges to an existing user](#addingremoving-administrator-privileges-to-an-existing-user) ## Registering users manually diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index d4b3b1ec0..c1c69cf7d 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md 
@@ -15,7 +15,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username= Date: Mon, 18 Nov 2024 00:42:12 +0900 Subject: [PATCH 381/404] Update docs/installing.md: add "Create your user account" section before "Finalize the installation" (#3789) * Update docs/installing.md: add "Create your user account" section before "Finalize the installation" docs/registering-users.md has correctly instructed that service delegation should be conducted after creating user accounts to finalize the installation process. Since it does not really make sense to claim that installation has finished if there is not a user, this commit adds instruction to create a user account before configuring server delegation. Signed-off-by: Suguru Hirahara * Update docs/installing.md Co-authored-by: Slavi Pantaleev * Update installing.md: remove a whitespace character --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara Co-authored-by: Slavi Pantaleev --- docs/installing.md | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/docs/installing.md b/docs/installing.md index cf7bed0b6..f6b61d5ef 100644 --- a/docs/installing.md +++ b/docs/installing.md 
@@ -66,9 +66,31 @@ You can now: ansible-playbook -i inventory/hosts setup.yml --tags=ensure-matrix-users-created,start ``` +## Create your user account + +ℹ️ *You can skip this step if you have installed a server and imported old data to it.* + +As you have configured your brand new server and the client, you need to **create your user account** on your Matrix server. + +After creating the user account, you can log in to it with [Element Web](configuring-playbook-client-element-web.md) that this playbook has installed for you at this URL: `https://element.example.com/`. + +To register a user via this Ansible playbook, run the command below on your local computer. + +**Notes**: +- Before running it, make sure to edit `YOUR_USERNAME_HERE` and `YOUR_PASSWORD_HERE` +- In the command below, `YOUR_USERNAME_HERE` is just a plain username (like `john`), not your full `@user:example.com` identifier + +```sh +ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=YOUR_USERNAME_HERE password=YOUR_PASSWORD_HERE admin=' --tags=register-user + +# Example: `ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=john password=secret-password admin=yes' --tags=register-user` +``` + +For more information, see the documentation for [registering users](registering-users.md). + ## Finalize the installation -Now that services are running, you need to **finalize the installation process** by [delegating (redirecting) the server](howto-server-delegation.md) to your base domain (`example.com`). +Now you've configured Matrix services and your user account, you need to **finalize the installation process** by [setting up Matrix delegation (redirection)](howto-server-delegation.md), so that your Matrix server (`matrix.example.com`) can present itself as the base domain (`example.com`) in the Matrix network. This is required for federation to work! Without a proper configuration, your server will effectively not be part of the Matrix network. 
@@ -93,7 +115,6 @@ ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start After finilizing the installation, you can: - [check if services work](maintenance-checking-services.md) -- or [create your first Matrix user account](registering-users.md) - or [set up additional services](configuring-playbook.md#other-configuration-options) (bridges to other chat networks, bots, etc.) - or learn how to [upgrade services when new versions are released](maintenance-upgrading-services.md) - or learn how to [maintain your server](faq.md#maintenance) From 6e9c143d561e0f197cee6f8cae415b4eea3373b5 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Sun, 17 Nov 2024 20:21:24 +0900 Subject: [PATCH 382/404] Update docs/registering-users.md: add details about delegation The change is based on 7e45325338106a09efbdd8db8daba09932bb866e. Signed-off-by: Suguru Hirahara --- docs/registering-users.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/registering-users.md b/docs/registering-users.md index a7bf6a8ab..a43d26177 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -81,8 +81,9 @@ This `register-user` script actually invokes the `mas-cli manage register-user` ## Things to do after registering users -If you've just installed Matrix and created some users, **to finalize the installation process** it's best if you proceed with [Configuring service discovery via .well-known](configuring-well-known.md) +If you've just installed Matrix and created some users, you mostly need to **finalize the installation process** by [setting up Matrix delegation (redirection)](howto-server-delegation.md), so that your Matrix server (`matrix.example.com`) can present itself as the base domain (`example.com`) in the Matrix network. +This is required for federation to work! Without a proper configuration, your server will effectively not be part of the Matrix network. ## Managing users via a Web UI 
From 7fc8509f045e73901dff1079ae1d2169ea812d91 Mon Sep 17 00:00:00 2001 From: Aine Date: Sun, 17 Nov 2024 18:34:22 +0200 Subject: [PATCH 383/404] synapse - update retention purge jobs template --- .../custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 0e7d36b30..1313dba06 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -651,7 +651,7 @@ retention: # room's policy to these values is done after the policies are retrieved from # Synapse's database (which is done using the range specified in a purge job's # configuration). - {% if matrix_synapse_retention_purge_jobs is not none %} + {% if matrix_synapse_retention_purge_jobs | length > 0 %} purge_jobs: {% for job in matrix_synapse_retention_purge_jobs %} - {% if job.longest_max_lifetime is defined %}longest_max_lifetime: {{ job.longest_max_lifetime|to_json }}{% endif %} From 0df0f8578e451193a983308cae8f85d150d57a0c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 12:21:14 +0900 Subject: [PATCH 384/404] Update docs/registering-users.md: remove a section for recommending delegation Signed-off-by: Suguru Hirahara --- docs/registering-users.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docs/registering-users.md b/docs/registering-users.md index a43d26177..f57108a7e 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md 
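Review bot: The new guard `matrix_synapse_retention_purge_jobs | length > 0` in the `retention:` section of homeserver.yaml.j2 no longer tolerates a null value, which the replaced `is not none` test accepted. The variable's default is not visible in this hunk, but an inventory that still sets it to `null` would presumably now fail templating, since `length` cannot be applied to none, instead of simply omitting `purge_jobs:`. Normalising first keeps both cases working: `{% if matrix_synapse_retention_purge_jobs | default([], true) | length > 0 %}`. A short comment above the condition, such as `{# An empty or null list omits purge_jobs so that Synapse falls back to its built-in purge schedule #}`, would record why the key is left out; check the fallback wording against the Synapse documentation. The `{% if %}`/`{% for %}` block continues past the end of the hunk, so the matching `{% endif %}` is not visible here.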
@@ -79,12 +79,6 @@ This `register-user` script actually invokes the `mas-cli manage register-user` ⚠ **Warning**: Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. -## Things to do after registering users - -If you've just installed Matrix and created some users, you mostly need to **finalize the installation process** by [setting up Matrix delegation (redirection)](howto-server-delegation.md), so that your Matrix server (`matrix.example.com`) can present itself as the base domain (`example.com`) in the Matrix network. - -This is required for federation to work! Without a proper configuration, your server will effectively not be part of the Matrix network. - ## Managing users via a Web UI To manage users more easily (via a web user-interace), you can install [Synapse Admin](configuring-playbook-synapse-admin.md). From 54af9606db240844fa6e6c923330f14ed457aecc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 18 Nov 2024 07:44:44 +0200 Subject: [PATCH 385/404] Fix incorrect variable name in docs/howto-srv-server-delegation.md (traefik_environment_variables -> traefik_environment_variables_additional_variables) Ref: https://github.com/mother-of-all-self-hosting/ansible-role-traefik/blob/a008706c32328ebb110701741ba9a4f179393169/defaults/main.yml#L109-L115 --- docs/howto-srv-server-delegation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/howto-srv-server-delegation.md b/docs/howto-srv-server-delegation.md index 9de7b297e..d8adafcd9 100644 
--- a/docs/howto-srv-server-delegation.md +++ b/docs/howto-srv-server-delegation.md @@ -73,7 +73,7 @@ traefik_configuration_extension_yaml: | storage: {{ traefik_config_certificatesResolvers_acme_storage | to_json }} # 2. Configure the environment variables needed by Rraefik to automate the ACME DNS Challenge (example for Cloudflare) -traefik_environment_variables: | +traefik_environment_variables_additional_variables: | CF_API_EMAIL=redacted CF_ZONE_API_TOKEN=redacted CF_DNS_API_TOKEN=redacted @@ -153,7 +153,7 @@ traefik_configuration_extension_yaml: | traefik_certResolver_primary: "dns" # Configure the environment variables needed by Traefik to automate the ACME DNS Challenge (example for Cloudflare) -traefik_environment_variables: | +traefik_environment_variables_additional_variables: | CF_API_EMAIL=redacted CF_ZONE_API_TOKEN=redacted CF_DNS_API_TOKEN=redacted From 01bed6d51279c4b1913b2c88d6e19e4f24f527a6 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 03:13:42 +0900 Subject: [PATCH 386/404] Edit docs/prerequisites.md: add an item for a password generator Since it is required to create and input a strong password (random strings) on vars.yml, this commit adds a password generator as a required software to configure and run the playbook. Password Tech, reportedly formerly known as "PWGen for Windows", is linked from https://github.com/jbernard/pwgen Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 7ce3714e5..9741ff578 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -30,6 +30,8 @@ To install Matrix services using this Ansible playbook, you need: - [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually +- Strong password (random strings) generator on your own computer. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. + - An HTTPS-capable web server at the base domain name (`example.com`) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). - Properly configured DNS records for `example.com` (details in [Configuring DNS](configuring-dns.md)). From 39c21816ca472e7a17fef2f15c69f064bbee5079 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 12:38:39 +0900 Subject: [PATCH 387/404] Edit docs/prerequisites.md: create categories for required software on the remote server and local computer Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 9741ff578..2fea38d1f 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -4,6 +4,8 @@ To install Matrix services using this Ansible playbook, you need: +## Server + - (Recommended) An **x86** server ([What kind of server specs do I need?](faq.md#what-kind-of-server-specs-do-i-need)) running one of these operating systems that make use of [systemd](https://systemd.io/): - **Archlinux** - **CentOS**, **Rocky Linux**, **AlmaLinux**, or possibly other RHEL alternatives (although your mileage may vary) 
@@ -22,16 +24,6 @@ To install Matrix services using this Ansible playbook, you need: - [sudo](https://www.sudo.ws/) being installed on the server, even when you've configured Ansible to log in as `root`. Some distributions, like a minimal Debian net install, do not include the `sudo` package by default. -- The [Ansible](http://ansible.com/) program being installed on your own computer. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. - -- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library installed on the computer you run Ansible. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. - -- [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components. - -- [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually - -- Strong password (random strings) generator on your own computer. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. - - An HTTPS-capable web server at the base domain name (`example.com`) which is capable of serving static files. 
Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). - Properly configured DNS records for `example.com` (details in [Configuring DNS](configuring-dns.md)). 
@@ -48,6 +40,18 @@ To install Matrix services using this Ansible playbook, you need: - the range `49152-49172/udp`: TURN over UDP - potentially some other ports, depending on the additional (non-default) services that you enable in the **configuring the playbook** step (later on). Consult each service's documentation page in `docs/` for that. +## Your local computer + +- The [Ansible](http://ansible.com/) program being installed on your own computer. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. + +- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library installed on the computer you run Ansible. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. + +- [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components. + +- [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually + +- Strong password (random strings) generator on your own computer. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. 
+ --------------------------------------------- [▶️](configuring-dns.md) When ready to proceed, continue with [Configuring DNS](configuring-dns.md). From c7148d8b0566c720cc06a9699291edfd3aaa989b Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 12:44:06 +0900 Subject: [PATCH 388/404] Edit docs/prerequisites.md: remove instructions to install whether on the remove server or on your local computer Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 2fea38d1f..e4f10b83c 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -20,9 +20,9 @@ To install Matrix services using this Ansible playbook, you need: - `root` access to your server (or a user capable of elevating to `root` via `sudo`). -- [Python](https://www.python.org/) being installed on the server. Most distributions install Python by default, but some don't (e.g. Ubuntu 18.04) and require manual installation (something like `apt-get install python3`). On some distros, Ansible may incorrectly [detect the Python version](https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html) (2 vs 3) and you may need to explicitly specify the interpreter path in `inventory/hosts` during installation (e.g. `ansible_python_interpreter=/usr/bin/python3`) +- [Python](https://www.python.org/). Most distributions install Python by default, but some don't (e.g. Ubuntu 18.04) and require manual installation (something like `apt-get install python3`). On some distros, Ansible may incorrectly [detect the Python version](https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html) (2 vs 3) and you may need to explicitly specify the interpreter path in `inventory/hosts` during installation (e.g. `ansible_python_interpreter=/usr/bin/python3`) -- [sudo](https://www.sudo.ws/) being installed on the server, even when you've configured Ansible to log in as `root`. Some distributions, like a minimal Debian net install, do not include the `sudo` package by default. +- [sudo](https://www.sudo.ws/), even when you've configured Ansible to log in as `root`. Some distributions, like a minimal Debian net install, do not include the `sudo` package by default. - An HTTPS-capable web server at the base domain name (`example.com`) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). 
@@ -42,15 +42,15 @@ To install Matrix services using this Ansible playbook, you need: ## Your local computer -- The [Ansible](http://ansible.com/) program being installed on your own computer. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. +- The [Ansible](http://ansible.com/) program. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. -- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library installed on the computer you run Ansible. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. +- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. -- [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components. +- [`git`](https://git-scm.com/) is the recommended way to download the playbook. `git` may also be required on the server if you will be [self-building](self-building.md) components. - [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually -- Strong password (random strings) generator on your own computer. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. 
As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. +- Strong password (random strings) generator. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. --------------------------------------------- From 43d1760077f17038d14ec8390f698b6b77e442be Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 12:48:56 +0900 Subject: [PATCH 389/404] Edit docs/prerequisites.md: move the section for the local computer up This change should make it easier to notice Ansible version requirement Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index e4f10b83c..bac852efe 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -4,6 +4,18 @@ To install Matrix services using this Ansible playbook, you need: +## Your local computer + +- The [Ansible](http://ansible.com/) program. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. + +- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. + +- [`git`](https://git-scm.com/) is the recommended way to download the playbook. `git` may also be required on the server if you will be [self-building](self-building.md) components. + +- [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually + +- Strong password (random strings) generator. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. + ## Server - (Recommended) An **x86** server ([What kind of server specs do I need?](faq.md#what-kind-of-server-specs-do-i-need)) running one of these operating systems that make use of [systemd](https://systemd.io/): 
@@ -40,18 +52,6 @@ To install Matrix services using this Ansible playbook, you need: - the range `49152-49172/udp`: TURN over UDP - potentially some other ports, depending on the additional (non-default) services that you enable in the **configuring the playbook** step (later on). Consult each service's documentation page in `docs/` for that. -## Your local computer - -- The [Ansible](http://ansible.com/) program. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. - -- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. - -- [`git`](https://git-scm.com/) is the recommended way to download the playbook. `git` may also be required on the server if you will be [self-building](self-building.md) components. - -- [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually - -- Strong password (random strings) generator. The playbook often requires you to create a strong password and use it for settings on `vars.yml`, components, etc. As any tools should be fine, this playbook has adopted [`pwgen`](https://linux.die.net/man/1/pwgen) (running `pwgen -s 64 1`). [Password Tech](https://pwgen-win.sourceforge.io/), formerly known as "PWGen for Windows", is available as free and open source password generator for Windows. Generally, using a random generator available on the internet is not recommended. - --------------------------------------------- [▶️](configuring-dns.md) When ready to proceed, continue with [Configuring DNS](configuring-dns.md). From 12b67f7925ccfd8b4fff1e8ee560dbf0d5c696df Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Mon, 18 Nov 2024 12:50:20 +0900 Subject: [PATCH 390/404] Edit docs/prerequisites.md: entries for local computer Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index bac852efe..a6bce0891 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -6,11 +6,11 @@ To install Matrix services using this Ansible playbook, you need: ## Your local computer -- The [Ansible](http://ansible.com/) program. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. +- [Ansible](http://ansible.com/) program. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. -- the [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. +- [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. -- [`git`](https://git-scm.com/) is the recommended way to download the playbook. `git` may also be required on the server if you will be [self-building](self-building.md) components. +- [`git`](https://git-scm.com/) as the recommended way to download the playbook. `git` may also be required on the server if you will be [self-building](self-building.md) components. - [`just`](https://github.com/casey/just) for running `just roles`, `just update`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually 
From e38f433177e72ee63502332b891f6f5fa5316d24 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 13:08:17 +0900 Subject: [PATCH 391/404] Edit docs/prerequisites.md: add an introductory paragraph Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index a6bce0891..0045104ef 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -2,7 +2,7 @@ ⚡️[Quick start](README.md) | Prerequisites > [Configuring your DNS settings](configuring-dns.md) > [Getting the playbook](getting-the-playbook.md) > [Configuring the playbook](configuring-playbook.md) > [Installing](installing.md) -To install Matrix services using this Ansible playbook, you need: +To install Matrix services using this Ansible playbook, you need to prepare several requirements both on your local computer (where you will run the playbook to configure the server) and the server (where the playbook will install the Matrix services for you). **These requirements need to be set up manually** before proceeding to the next step. ## Your local computer From b1dec4a123db9c783fbcbd2315245c08e817fd07 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 18 Nov 2024 15:46:26 +0900 Subject: [PATCH 392/404] Edit docs/prerequisites.md: add an anchor link to the official documentation of passlib Signed-off-by: Suguru Hirahara --- docs/prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 0045104ef..744227823 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md 
@@ -8,7 +8,7 @@ To install Matrix services using this Ansible playbook, you need to prepare seve - [Ansible](http://ansible.com/) program. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. -- [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. +- [passlib](https://passlib.readthedocs.io/en/stable/index.html) Python library. See [this official documentation](https://passlib.readthedocs.io/en/stable/install.html#installation-instructions) for an instruction to install it. On most distros, you need to install some `python-passlib` or `py3-passlib` package, etc. - [`git`](https://git-scm.com/) as the recommended way to download the playbook. `git` may also be required on the server if you will be [self-building](self-building.md) components. From 769a31d3ca11beee1efd01e3d0ab1efba02f36a9 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 18 Nov 2024 10:00:12 +0200 Subject: [PATCH 393/404] adjust synapse purge jobs template --- .../matrix-synapse/templates/synapse/homeserver.yaml.j2 | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 1313dba06..a5d578bc2 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 
@@ -651,14 +651,7 @@ retention: # room's policy to these values is done after the policies are retrieved from # Synapse's database (which is done using the range specified in a purge job's # configuration). - {% if matrix_synapse_retention_purge_jobs | length > 0 %} - purge_jobs: - {% for job in matrix_synapse_retention_purge_jobs %} - - {% if job.longest_max_lifetime is defined %}longest_max_lifetime: {{ job.longest_max_lifetime|to_json }}{% endif %} - {% if job.shortest_max_lifetime is defined %}shortest_max_lifetime: {{ job.shortest_max_lifetime|to_json }}{% endif %} - {% if job.interval is defined %}interval: {{ job.interval|to_json }}{% endif %} - {% endfor %} - {% endif %} + purge_jobs: {{ matrix_synapse_retention_purge_jobs | to_json }} {% endif %} From 2008b8595b57f97ed51858592b4240dc4fce4d1e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Nov 2024 17:41:04 +0000 Subject: [PATCH 394/404] Update vectorim/element-web Docker tag to v1.11.86 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index d8b33102f..4cea592b2 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml 
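Review bot: The new `purge_jobs: {{ matrix_synapse_retention_purge_jobs | to_json }}` line always writes the key, so an empty list now renders as `purge_jobs: []`, where the removed `{% if matrix_synapse_retention_purge_jobs | length > 0 %}` guard used to omit the key entirely. Whether Synapse treats an explicit empty list the same as a missing key is not visible from this hunk, and this setting decides when expired events are actually purged, so either confirm that or keep the guard around the new line: `{% if matrix_synapse_retention_purge_jobs | length > 0 %}`, `purge_jobs: {{ matrix_synapse_retention_purge_jobs | to_json }}`, `{% endif %}`. The one-liner also passes every key of each job entry through unfiltered, where the old loop emitted only `longest_max_lifetime`, `shortest_max_lifetime` and `interval`; a comment above the line such as `# Each job is rendered as-is; only longest_max_lifetime, shortest_max_lifetime and interval are expected` would record that. The enclosing `retention:` block and its outer `{% if %}` begin outside the hunk.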
@@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.85 +matrix_client_element_version: v1.11.86 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From bccdcbe19b2b7160f6d402e36253613ed7cf6f13 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 19 Nov 2024 22:47:14 +0200 Subject: [PATCH 395/404] Upgrade baibot (v1.3.2 -> v1.4.0) --- roles/custom/matrix-bot-baibot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-baibot/defaults/main.yml b/roles/custom/matrix-bot-baibot/defaults/main.yml index 2847eb298..792e98abb 100644 --- a/roles/custom/matrix-bot-baibot/defaults/main.yml +++ b/roles/custom/matrix-bot-baibot/defaults/main.yml @@ -11,7 +11,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src" # renovate: datasource=docker depName=ghcr.io/etkecc/baibot -matrix_bot_baibot_version: v1.3.2 +matrix_bot_baibot_version: v1.4.0 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_name_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}" matrix_bot_baibot_container_image_name_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else 'ghcr.io/' }}" matrix_bot_baibot_container_image_force_pull: "{{ matrix_bot_baibot_container_image.endswith(':latest') }}" From b363c17cd917331f13a56cbddd82b4ba11ccb783 Mon Sep 17 00:00:00 2001 
From: Aine Date: Tue, 19 Nov 2024 23:31:39 +0200 Subject: [PATCH 396/404] updated backup_borg (v1.4.0-1.9.1-0 -> v1.4.0-1.9.2-0); updated grafana (v11.3.0-0 -> v11.3.1-0); --- requirements.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.yml b/requirements.yml index 1daef159e..3328d03d4 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,7 +4,7 @@ version: v1.0.0-5 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git - version: v1.4.0-1.9.1-0 + version: v1.4.0-1.9.2-0 name: backup_borg - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.2.0-0 @@ -22,7 +22,7 @@ version: v4.98-r0-1-1 name: exim_relay - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git - version: v11.3.0-0 + version: v11.3.1-0 name: grafana - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git version: v9823-1 From ef8581e323f0608921f888bbc4890b98f0cae1dd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Nov 2024 09:24:43 +0200 Subject: [PATCH 397/404] Upgrade Postgres (v17.0-1 -> v17.0-2) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 3328d03d4..237b70af7 100644 --- a/requirements.yml +++ b/requirements.yml @@ -43,7 +43,7 @@ version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 name: playbook_state_preserver - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git - version: v17.0-1 + version: v17.0-2 name: postgres - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git version: v16-0 From 5645ec0eda2a6d535396558ed5958faaec2aa949 Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 07:25:22 +0000 Subject: [PATCH 398/404] Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2024.11.20 --- roles/custom/matrix-alertmanager-receiver/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml index 2e24f2b7b..c2967cce5 100644 --- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml +++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml @@ -6,7 +6,7 @@ matrix_alertmanager_receiver_enabled: true # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver -matrix_alertmanager_receiver_version: 2024.10.30 +matrix_alertmanager_receiver_version: 2024.11.20 matrix_alertmanager_receiver_scheme: https From caef30064a58d0715518f2df27efd5ca061cac0b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 17:42:42 +0000 Subject: [PATCH 399/404] Update dependency docker to v7.4.2 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 237b70af7..114eca818 100644 --- a/requirements.yml +++ b/requirements.yml @@ -10,7 +10,7 @@ version: v0.2.0-0 name: container_socket_proxy - src: git+https://github.com/geerlingguy/ansible-role-docker - version: 7.4.1 + version: 7.4.2 name: docker - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git version: 129c8590e106b83e6f4c259649a613c6279e937a From 9b72852afe91ee4cde43c42e4145b0c8c78d580a Mon Sep 17 00:00:00 2001 From: Aine Date: Wed, 20 Nov 2024 23:10:08 +0200 Subject: [PATCH 400/404] updated backup_borg (v1.4.0-1.9.2-0 -> v1.4.0-1.9.2-1); --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/requirements.yml b/requirements.yml index 114eca818..8247a4f95 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,7 +4,7 @@ version: v1.0.0-5 name: auxiliary - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git - version: v1.4.0-1.9.2-0 + version: v1.4.0-1.9.2-1 name: backup_borg - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.2.0-0 From ccd6c003abc1acdde2f97251424cd7b321b3327e Mon Sep 17 00:00:00 2001 From: Aine <97398200+aine-etke@users.noreply.github.com> Date: Thu, 21 Nov 2024 08:13:07 +0200 Subject: [PATCH 401/404] Synapse Admin v0.10.3-etke31 https://github.com/etkecc/synapse-admin/releases/tag/v0.10.3-etke31 --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index a52f9b0f8..4dc80e510 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git" # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin -matrix_synapse_admin_version: v0.10.3-etke30 +matrix_synapse_admin_version: v0.10.3-etke31 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From e2d31ec9c3dabff2bcf1a0bce27a834b87075638 Mon Sep 17 00:00:00 2001 
From: Suguru Hirahara Date: Thu, 21 Nov 2024 18:14:00 +0900 Subject: [PATCH 402/404] Update docs/configuring-playbook-ma1sd.md (#3795) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Update docs/configuring-playbook-ma1sd.md: edit top paragraphs Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook-ma1sd.md: use common expressions for instruction to add configuration Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook-ma1sd.md: move instructions up Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook-ma1sd.md: move the instruction for additional features up Move instructions for features which use the "matrix_ma1sd_configuration_extension_yaml" variable under "Additional features". Also: adjust headers' level Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook-ma1sd.md Co-authored-by: Slavi Pantaleev * Update configuring-playbook-ma1sd.md: adjust to follow other examples such as on configuring-playbook-bridge-appservice-webhooks.md This commit: - Move the note about installing to the top - Add warning emoji (⚠️: U+26A0 FE0F) - Use a common expression to discourage installing Signed-off-by: Suguru Hirahara * Update docs/configuring-playbook-ma1sd.md: move instruction to configure DNS settings up Signed-off-by: Suguru Hirahara * Fix typo and add an extra newline --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-ma1sd.md | 76 ++++++++++++++++-------------- 1 file changed, 40 insertions(+), 36 deletions(-) diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index d834e6e32..adebb4abd 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md 
@@ -1,15 +1,26 @@ # Setting up ma1sd Identity Server (optional) -The playbook can configure the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server for you. +**⚠️Note**: ma1sd itself has also been unmaintained for years (the latest commit and release being from 2021). The role of identity servers in the Matrix specification also has an uncertain future. **We recommend not bothering with installing it unless it's the only way you can do what you need to do**. For example, certain things like LDAP integration can also be implemented via [the LDAP provider module for Synapse](./configuring-playbook-ldap-auth.md). -ma1sd, being an Identity Server, is not strictly needed. It is only used for 3PIDs (3rd party identifiers like E-mail and phone numbers) and some [enhanced features](https://github.com/ma1uta/ma1sd/#features). +The playbook can configure the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server for you. It is a fork of [mxisd](https://github.com/kamax-io/mxisd) which was pronounced end of life 2019-06-21. -This server is private by default, potentially at the expense of user discoverability. +ma1sd is used for 3PIDs (3rd party identifiers like E-mail and phone numbers) and some [enhanced features](https://github.com/ma1uta/ma1sd/#features). It is private by default, potentially at the expense of user discoverability. -*ma1sd is a fork of [mxisd](https://github.com/kamax-io/mxisd) which was pronounced end of life 2019-06-21.* +See the project's [documentation](https://github.com/ma1uta/ma1sd) to learn what it does and why it might be useful to you. **Note**: enabling ma1sd, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible). 
+## Adjusting DNS records + +To make the ma1sd Identity Server enable its federation features, set up a SRV record that looks like this: + +- Name: `_matrix-identity._tcp` (use this text as-is) +- Content: `10 0 443 matrix.example.com` (replace `example.com` with your own) + +See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record. + +**Note**: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. + ## Adjusting the playbook configuration To enable ma1sd, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: 
@@ -24,31 +35,28 @@ To ensure maximum discovery, you can make your identity server also forward look Enabling this is discouraged and you'd better [learn more](https://github.com/ma1uta/ma1sd/blob/master/docs/features/identity.md#lookups) before proceeding. -Enabling matrix.org forwarding can happen with the following configuration: +To enable matrix.org forwarding, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_ma1sd_matrixorg_forwarding_enabled: true ``` -### Customizing email templates +### Additional features + +What this playbook configures for your is some bare minimum Identity Server functionality, so that you won't need to rely on external 3rd party services. + +A few variables can be toggled in this playbook to alter the ma1sd configuration that gets generated. + +Still, ma1sd can do much more. You can refer to the [ma1sd website](https://github.com/ma1uta/ma1sd) for more details and configuration options. + +To use a more custom configuration, you can define a `matrix_ma1sd_configuration_extension_yaml` string variable and put your configuration in it. To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) of the ma1sd component. + + +#### Customizing email templates If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables (in the `roles/custom/matrix-ma1sd/defaults/main.yml` file. 
-## Adjusting DNS records - -To make the ma1sd Identity Server enable its federation features, set up an SRV record that looks like this: -- Name: `_matrix-identity._tcp` (use this text as-is) -- Content: `10 0 443 matrix.example.com` (replace `example.com` with your own) - -See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record. - -**Note**: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. - -## Installing - -After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` - -## ma1sd-controlled Registration +#### ma1sd-controlled Registration To use the [Registration](https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md) feature of ma1sd, you can make use of the following variables: 
@@ -65,9 +73,11 @@ To use the [Registration](https://github.com/ma1uta/ma1sd/blob/master/docs/featu **Note**: For this to work, either the homeserver needs to [federate](configuring-playbook-federation.md) or the `openid` APIs need to exposed on the federation port. When federation is disabled and ma1sd is enabled, we automatically expose the `openid` APIs (only!) on the federation port. Make sure the federation port (usually `https://matrix.example.com:8448`) is whitelisted in your firewall (even if you don't actually use/need federation). -## Authentication +#### Authentication -[Authentication](https://github.com/ma1uta/ma1sd/blob/master/docs/features/authentication.md) provides the possibility to use your own [Identity Stores](https://github.com/ma1uta/ma1sd/blob/master/docs/stores/README.md) (for example LDAP) to authenticate users on your Homeserver. The following configuration can be used to authenticate against an LDAP server: +[Authentication](https://github.com/ma1uta/ma1sd/blob/master/docs/features/authentication.md) provides the possibility to use your own [Identity Stores](https://github.com/ma1uta/ma1sd/blob/master/docs/stores/README.md) (for example LDAP) to authenticate users on your Homeserver. + +To enable authentication against an LDAP server, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_synapse_ext_password_provider_rest_auth_enabled: true 
@@ -87,17 +97,7 @@ matrix_ma1sd_configuration_extension_yaml: | bindPassword: TheUserPassword ``` -## Additional features - -What this playbook configures for your is some bare minimum Identity Server functionality, so that you won't need to rely on external 3rd party services. - -A few variables can be toggled in this playbook to alter the ma1sd configuration that gets generated. - -Still, ma1sd can do much more. You can refer to the [ma1sd website](https://github.com/ma1uta/ma1sd) for more details and configuration options. - -To use a more custom configuration, you can define a `matrix_ma1sd_configuration_extension_yaml` string variable and put your configuration in it. To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) of the ma1sd component. - -## Example: SMS verification +#### Example: SMS verification If your use case requires mobile verification, it is quite simple to integrate ma1sd with [Twilio](https://www.twilio.com/), an online telephony services gateway. Their prices are reasonable for low-volume projects and integration can be done with the following configuration: @@ -113,7 +113,7 @@ matrix_ma1sd_configuration_extension_yaml: | number: '+' ``` -## Example: Open Registration for every Domain +#### Example: Open Registration for every Domain If you want to open registration for any domain, you have to setup the allowed domains with ma1sd's `blacklist` and `whitelist`. The default behavior when neither the `blacklist`, nor the `whitelist` match, is to allow registration. Beware: you can't block toplevel domains (aka `.xy`) because the internal architecture of ma1sd doesn't allow that. 
@@ -129,13 +129,17 @@ matrix_ma1sd_configuration_extension_yaml: | whitelist: ~ ``` +## Installing + +After configuring the playbook, run the [installation](installing.md) command: `just install-all` or `just setup-all` + ## Troubleshooting If email address validation emails sent by ma1sd are not reaching you, you should look into [Adjusting email-sending settings](configuring-playbook-email.md). If you'd like additional logging information, temporarily enable verbose logging for ma1sd. -Example configuration (`inventory/host_vars/matrix.example.com/vars.yml`): +To enable it, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: ```yaml matrix_ma1sd_verbose_logging: true From 67070f6951206dc0ace67c6f58f6d32edb94af4b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 21 Nov 2024 09:14:31 +0000 Subject: [PATCH 403/404] Update dependency traefik to v3.2.1-0 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 8247a4f95..2d22bf610 100644 --- a/requirements.yml +++ b/requirements.yml @@ -70,7 +70,7 @@ version: v1.0.0-0 name: timesync - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git - version: v3.2.0-1 + version: v3.2.1-0 name: traefik - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git version: v2.8.3-5 From 0c9fc4358d539d41223bdbb64c8509df86e1c2eb Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Thu, 21 Nov 2024 12:22:57 +0200 Subject: [PATCH 404/404] Fix variable name typos (matrix_playbook_reverse_proxy_traefik_middleware_compession_* -> matrix_playbook_reverse_proxy_traefik_middleware_compression_*) Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3803 --- CHANGELOG.md | 4 ++-- docs/configuring-playbook-own-webserver.md | 4 ++-- group_vars/matrix_servers | 24 +++++++++---------- roles/custom/matrix-base/defaults/main.yml | 4 ++-- .../tasks/validate_config.yml | 4 ++++ 5 files changed, 22 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 127d5b751..94ad55ef9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,8 +15,8 @@ This middleware's configuration can be configured via variables in the Traefik r If you're using your own Traefik reverse-proxy server ([Traefik managed by you](./docs/configuring-playbook-own-webserver.md#traefik-managed-by-you)) instead of the playbook's integrated Traefik service, you can benefit from the same by: - defining a [compress](https://doc.traefik.io/traefik/middlewares/http/compress/) middleware (via the [file](https://doc.traefik.io/traefik/providers/file/) or [Docker](https://doc.traefik.io/traefik/providers/docker/) providers) -- setting `matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled` to `true` -- specifying the middleware's name in `matrix_playbook_reverse_proxy_traefik_middleware_compession_name` (e.g. `matrix_playbook_reverse_proxy_traefik_middleware_compession_name: my-compression-middleware@file`) +- setting `matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled` to `true` +- specifying the middleware's name in `matrix_playbook_reverse_proxy_traefik_middleware_compression_name` (e.g. `matrix_playbook_reverse_proxy_traefik_middleware_compression_name: my-compression-middleware@file`) ## Timeout adjustments for Traefik-based setups 
diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 3a0d70c3c..c3aff0ac3 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -47,8 +47,8 @@ traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory" # For this to work, you will need to define a compress middleware (https://doc.traefik.io/traefik/middlewares/http/compress/) for your Traefik instance # using a file (https://doc.traefik.io/traefik/providers/file/) or Docker (https://doc.traefik.io/traefik/providers/docker/) configuration provider. # -# matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: true -# matrix_playbook_reverse_proxy_traefik_middleware_compession_name: my-compression-middleware@file +# matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled: true +# matrix_playbook_reverse_proxy_traefik_middleware_compression_name: my-compression-middleware@file ``` In this mode all roles will still have Traefik labels attached. You will, however, need to configure your Traefik instance and its entrypoints. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 480680729..e21fdc749 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -35,8 +35,8 @@ matrix_playbook_traefik_labels_enabled: "{{ matrix_playbook_reverse_proxy_type i matrix_playbook_reverse_proxy_container_network: "{{ traefik_container_network if traefik_enabled else 'traefik' }}" matrix_playbook_reverse_proxy_hostname: "{{ traefik_identifier if traefik_enabled else 'traefik' }}" -matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: "{{ traefik_config_http_middlewares_compression_enabled if (traefik_enabled and traefik_config_http_middlewares_compression_enabled) else false }}" -matrix_playbook_reverse_proxy_traefik_middleware_compession_name: "{{ (traefik_config_http_middlewares_compression_middleware_name + '@file') if traefik_enabled else '' }}" +matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled: "{{ traefik_config_http_middlewares_compression_enabled if (traefik_enabled and traefik_config_http_middlewares_compression_enabled) else false }}" +matrix_playbook_reverse_proxy_traefik_middleware_compression_name: "{{ (traefik_config_http_middlewares_compression_middleware_name + '@file') if traefik_enabled else '' }}" # A separate Matrix Federation entrypoint is always enabled, unless the federation port matches one of the ports for existing (default) entrypoints matrix_playbook_public_matrix_federation_api_traefik_entrypoint_enabled: "{{ matrix_federation_public_port not in [traefik_config_entrypoint_web_port, traefik_config_entrypoint_web_secure_port] }}" 
@@ -4467,8 +4467,8 @@ matrix_client_element_container_labels_traefik_docker_network: "{{ matrix_playbo
 matrix_client_element_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
 matrix_client_element_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
-matrix_client_element_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}"
-matrix_client_element_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}"
+matrix_client_element_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled }}"
+matrix_client_element_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_name if matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled else '' }}"
 matrix_client_element_default_hs_url: "{{ matrix_homeserver_url }}"
 matrix_client_element_default_is_url: "{{ matrix_identity_server_url }}"
@@ -4519,8 +4519,8 @@ matrix_client_hydrogen_container_labels_traefik_docker_network: "{{ matrix_playb
 matrix_client_hydrogen_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
 matrix_client_hydrogen_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
-matrix_client_hydrogen_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}"
-matrix_client_hydrogen_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}"
+matrix_client_hydrogen_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled }}"
+matrix_client_hydrogen_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_name if matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled else '' }}"
 matrix_client_hydrogen_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
@@ -4555,8 +4555,8 @@ matrix_client_cinny_container_labels_traefik_docker_network: "{{ matrix_playbook
 matrix_client_cinny_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
 matrix_client_cinny_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
-matrix_client_cinny_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}"
-matrix_client_cinny_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}"
+matrix_client_cinny_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled }}"
+matrix_client_cinny_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_name if matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled else '' }}"
 matrix_client_cinny_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
@@ -4676,8 +4676,8 @@ matrix_synapse_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_prim
 matrix_synapse_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
 matrix_synapse_container_labels_traefik_hostname: "{{ matrix_server_fqn_matrix }}"
-matrix_synapse_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}"
-matrix_synapse_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}"
+matrix_synapse_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled }}"
+matrix_synapse_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_name if matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled else '' }}"
 matrix_synapse_container_labels_matrix_labels_enabled: "{{ not matrix_synapse_workers_enabled }}"
@@ -4869,8 +4869,8 @@ matrix_synapse_reverse_proxy_companion_container_labels_traefik_entrypoints: "{{
 matrix_synapse_reverse_proxy_companion_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
 matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname: "{{ matrix_server_fqn_matrix }}"
-matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled }}"
-matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compession_name if matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled else '' }}"
+matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_enabled: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled }}"
+matrix_synapse_reverse_proxy_companion_container_labels_traefik_compression_middleware_name: "{{ matrix_playbook_reverse_proxy_traefik_middleware_compression_name if matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled else '' }}"
 matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_client_api_enabled: "{{ matrix_synapse_container_labels_public_client_synapse_client_api_enabled }}"
 matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_enabled: "{{ matrix_synapse_container_labels_public_client_synapse_admin_api_enabled }}"
diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml
index e3152edb4..c3f2ffd07 100644
--- a/roles/custom/matrix-base/defaults/main.yml
+++ b/roles/custom/matrix-base/defaults/main.yml
@@ -240,11 +240,11 @@ matrix_playbook_reverse_proxy_container_network: 'traefik'
 matrix_playbook_reverse_proxy_hostname: 'matrix-traefik'
 # Specifies whether the Traefik reverse-proxy (if `matrix_playbook_reverse_proxy_type` indicates that Traefik is being used) defines a compression middleware.
-matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: false
+matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled: false
 # Specifies the name of the compression middleware defined for the Traefik reverse-proxy (if `matrix_playbook_reverse_proxy_type` indicates that Traefik is being used).
 # It's better to use a fully-qualified middleware name (e.g. `compression@docker` or `compression@file`) here to prevent ambiguity.
-matrix_playbook_reverse_proxy_traefik_middleware_compession_name: ''
+matrix_playbook_reverse_proxy_traefik_middleware_compression_name: ''
 # Controls the additional network that reverse-proxyable services will be connected to.
 matrix_playbook_reverse_proxyable_services_additional_network: "{{ matrix_playbook_reverse_proxy_container_network }}"
diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
index e9606032f..b3b792a78 100644
--- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
@@ -56,6 +56,7 @@
 - {'old': 'matrix_prometheus_scraper_hookshot_targets', 'new': ''}
 - {'old': 'matrix_prometheus_scraper_nginxlog_enabled', 'new': 'matrix_prometheus_services_connect_scraper_nginxlog_enabled'}
 - {'old': 'matrix_prometheus_scraper_nginxlog_server_port', 'new': 'matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target'}
+ - {'old': 'matrix_prosody_jitsi_max_participants', 'new': 'jitsi_prosody_max_participants'}
 - {'old': 'jitsi_require_well_known', 'new': 'jitsi_web_well_known_element_jitsi_enabled'}
 - {'old': 'jitsi_wellknown_element_jitsi_json', 'new': 'jitsi_web_well_known_element_jitsi_json'}
@@ -63,6 +64,9 @@
 - {'old': 'exim_relay_docker_image_name_prefix', 'new': 'exim_relay_container_image_name_prefix'}
 - {'old': 'exim_relay_docker_image_force_pull', 'new': 'exim_relay_container_image_force_pull'}
+ - {'old': 'matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled', 'new': 'matrix_playbook_reverse_proxy_traefik_middleware_compression_enabled'}
+ - {'old': 'matrix_playbook_reverse_proxy_traefik_middleware_compession_name', 'new': 'matrix_playbook_reverse_proxy_traefik_middleware_compression_name'}
+
 - name: (Deprecation) Catch and report matrix_postgres variables
 ansible.builtin.fail:
 msg: |-