diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml
index 9d1f77a1..3f2a02a5 100644
--- a/roles/matrix-synapse/defaults/main.yml
+++ b/roles/matrix-synapse/defaults/main.yml
@@ -545,7 +545,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: []
 # Enable this to activate the E2EE disabling Synapse module.
 # See: https://github.com/digitalentity/matrix_encryption_disabler
 matrix_synapse_ext_encryption_disabler_enabled: false
-matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/digitalentity/matrix_encryption_disabler/d1d2b22079ca511797f36edde5065b8fae5610e8/matrix_e2ee_filter.py"
+matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/digitalentity/matrix_encryption_disabler/1182388f7019e8ec1e28f035070c7919d0e4cc24/matrix_e2ee_filter.py"
 # A list of server domain names for which to deny encryption if the event sender's domain matches the domain in the list.
 # By default, with the configuration below, we prevent all homeserver users from initiating encryption in ANY room.
 matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix_domain }}"]
@@ -553,10 +553,17 @@ matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix
 # By default, with the configuration below, we prevent locally-created encryption events by ANY user encrypt rooms on the homeserver.
 # Note: foreign users with enough room privileges will still be able to send an encryption event to your rooms and encrypt them.
 matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of: ["{{ matrix_domain }}"]
+# Specifies whether the power levels event (setting) provided during room creation should be patched.
+# This makes it impossible for anybody (locally or over federation) from enabling room encryption
+# for the lifetime of rooms created while this setting is enabled (irreversible).
+# Enabling this may have incompatiblity consequences with servers / clients.
+# Familiarize yourself with the caveats upstream: https://github.com/digitalentity/matrix_encryption_disabler
+matrix_synapse_ext_encryption_disabler_patch_power_levels: false
 matrix_synapse_ext_encryption_config: "{{ matrix_synapse_ext_encryption_config_yaml|from_yaml }}"
 matrix_synapse_ext_encryption_config_yaml: |
   deny_encryption_for_users_of: {{ matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of|to_json }}
   deny_encryption_for_rooms_of: {{ matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of|to_json }}
+  patch_power_levels: {{ matrix_synapse_ext_encryption_disabler_patch_power_levels|to_json }}
 
 
 matrix_s3_media_store_enabled: false