commit
d0d36eb59a
@ -0,0 +1,23 @@
|
||||
(Adapted from the [upstream project](https://github.com/matrix-org/synapse/blob/develop/docs/CAPTCHA_SETUP.md))
|
||||
|
||||
# Overview
|
||||
Captcha can be enabled for this home server. This file explains how to do that.
|
||||
The captcha mechanism used is Google's [ReCaptcha](https://www.google.com/recaptcha/). This requires API keys from Google.
|
||||
|
||||
## Getting keys
|
||||
|
||||
Requires a site/secret key pair from:
|
||||
|
||||
<http://www.google.com/recaptcha/admin>
|
||||
|
||||
Must be a reCAPTCHA **v2** key using the "I'm not a robot" Checkbox option
|
||||
|
||||
## Setting ReCaptcha Keys
|
||||
|
||||
Once registered as above, set the following values:
|
||||
|
||||
```yaml
|
||||
matrix_synapse_enable_registration_captcha: true
|
||||
matrix_synapse_recaptcha_public_key: 'YOUR_SITE_KEY'
|
||||
matrix_synapse_recaptcha_private_key: 'YOUR_SECRET_KEY'
|
||||
```
|
@ -0,0 +1,59 @@
|
||||
# Setting up matrix-reminder-bot (optional)
|
||||
|
||||
The playbook can install and configure [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) for you.
|
||||
|
||||
It's a bot you can use to **schedule one-off & recurring reminders and alarms**.
|
||||
|
||||
See the project's [documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage) to learn what it does and why it might be useful to you.
|
||||
|
||||
|
||||
## Registering the bot user
|
||||
|
||||
By default, the playbook will set up the bot with a username like this: `@bot.matrix-reminder-bot:DOMAIN`.
|
||||
|
||||
(to use a different username, adjust the `matrix_bot_matrix_reminder_bot_matrix_user_id_localpart` variable).
|
||||
|
||||
You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md):
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.matrix-reminder-bot password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
|
||||
```
|
||||
|
||||
Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
|
||||
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_bot_matrix_reminder_bot_enabled: true
|
||||
|
||||
# Adjust this to whatever password you chose when registering the bot user
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_password: PASSWORD_FOR_THE_BOT
|
||||
|
||||
# Adjust this to your timezone
|
||||
matrix_bot_matrix_reminder_bot_reminders_timezone: Europe/London
|
||||
```
|
||||
|
||||
|
||||
## Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command again:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
To use the bot, start a chat with `@bot.matrix-reminder-bot:DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
|
||||
|
||||
You can also add the bot to any existing Matrix room (`/invite @bot.matrix-reminder-bot:DOMAIN`).
|
||||
|
||||
Basic usage is like this: `!remindme in 2 minutes; This is a test`
|
||||
|
||||
Send `!help commands` to the room to see the bot's help menu for additional commands.
|
||||
|
||||
You can also refer to the upstream [Usage documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage).
|
@ -0,0 +1,36 @@
|
||||
# Setting up MX Puppet Discord (optional)
|
||||
|
||||
**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridge supported by the playbook.
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you.
|
||||
|
||||
See the project page to learn what it does and why it might be useful to you.
|
||||
|
||||
To enable the [Discord](https://discordapp.com/) bridge just use the following
|
||||
playbook configuration:
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_discord_enabled: true
|
||||
matrix_mx_puppet_discord_client_id: ""
|
||||
matrix_mx_puppet_discord_client_secret: ""
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled you need to start a chat with `Discord Puppet Bridge` with
|
||||
the handle `@_discordpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
Three authentication methods are available, Legacy Token, OAuth and xoxc token.
|
||||
See mx-puppet-discord [documentation](https://github.com/matrix-discord/mx-puppet-discord)
|
||||
for more information about how to configure the bridge.
|
||||
|
||||
Once logged in, send `list` to the bot user to list the available rooms.
|
||||
|
||||
Clicking rooms in the list will result in you receiving an invitation to the
|
||||
bridged room.
|
||||
|
||||
Also send `help` to the bot to see the commands available.
|
@ -0,0 +1,36 @@
|
||||
# Setting up mx-puppet-instagram (optional)
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) for you.
|
||||
|
||||
This allows you to bridge Instagram DirectMessages into Matrix.
|
||||
|
||||
To enable the [Instagram](https://www.instagram.com/) bridge just use the following
|
||||
playbook configuration:
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_instagram_enabled: true
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled, you need to start a chat with `Instagram Puppet Bridge` with
|
||||
the handle `@_instagrampuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
Send `link <username> <password>` to the bridge bot to link your instagram account.
|
||||
|
||||
The `list` commands shows which accounts are linked and which `puppetId` is associated.
|
||||
|
||||
For double-puppeting, you probably want to issue these commands:
|
||||
|
||||
- `settype $puppetId puppet` to enable puppeting for the link (instead of relaying)
|
||||
- `setautoinvite $puppetId 1` to automatically invite you to chats
|
||||
- `setmatrixtoken $accessToken` to set the access token to enable puppeting from the other side (the "double" in double puppeting)
|
||||
|
||||
If you are linking only one Instagram account, your `$puppetId` is probably 1, but use the `list` command find out.
|
||||
|
||||
The `help` command shows which commands are available, though at the time of writing, not every command is fully implemented.
|
||||
|
@ -0,0 +1,34 @@
|
||||
# Setting up MX Puppet Steam (optional)
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) for you.
|
||||
|
||||
See the project page to learn what it does and why it might be useful to you.
|
||||
|
||||
To enable the [Steam](https://steampowered.com/) bridge just use the following
|
||||
playbook configuration:
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_steam_enabled: true
|
||||
matrix_mx_puppet_steam_client_id: ""
|
||||
matrix_mx_puppet_steam_client_secret: ""
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled you need to start a chat with `Steam Puppet Bridge` with
|
||||
the handle `@_steampuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
Three authentication methods are available, Legacy Token, OAuth and xoxc token.
|
||||
See mx-puppet-steam [documentation](https://github.com/icewind1991/mx-puppet-steam)
|
||||
for more information about how to configure the bridge.
|
||||
|
||||
Once logged in, send `list` to the bot user to list the available rooms.
|
||||
|
||||
Clicking rooms in the list will result in you receiving an invitation to the
|
||||
bridged room.
|
||||
|
||||
Also send `help` to the bot to see the commands available.
|
@ -0,0 +1,34 @@
|
||||
# Setting up MX Puppet Twitter (optional)
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) for you.
|
||||
|
||||
See the project page to learn what it does and why it might be useful to you.
|
||||
|
||||
To enable the [Twitter](https://twitter.com) bridge, make an app on [developer.twitter.com](https://developer.twitter.com/en/apps)
|
||||
and fill out the following playbook configuration.
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_twitter_enabled: true
|
||||
matrix_mx_puppet_twitter_consumer_key: ''
|
||||
matrix_mx_puppet_twitter_consumer_secret: ''
|
||||
matrix_mx_puppet_twitter_access_token: ''
|
||||
matrix_mx_puppet_twitter_access_token_secret: ''
|
||||
matrix_mx_puppet_twitter_environment: ''
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled you need to start a chat with `Twitter Puppet Bridge` with
|
||||
the handle `@_twitterpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
To log in, use `link` and click the link.
|
||||
|
||||
Once logged in, send `list` to the bot user to list the available rooms.
|
||||
|
||||
Clicking rooms in the list will result in you receiving an invitation to the
|
||||
bridged room.
|
||||
|
||||
Also send `help` to the bot to see the commands available.
|
@ -0,0 +1,41 @@
|
||||
# Configuring Element (optional)
|
||||
|
||||
By default, this playbook installs the [Element](https://github.com/vector-im/riot-web) Matrix client web application.
|
||||
If that's okay, you can skip this document.
|
||||
|
||||
|
||||
## Disabling Element
|
||||
|
||||
If you'd like for the playbook to not install (or to uninstall the previously installed Element), you can disable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_client_element_enabled: false
|
||||
```
|
||||
|
||||
|
||||
## Configuring Element settings
|
||||
|
||||
The playbook provides some customization variables you could use to change Element's settings.
|
||||
|
||||
Their defaults are defined in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/matrix-client-element/templates/config.json.j2`](../roles/matrix-client-element/templates/config.json.j2) template.
|
||||
|
||||
**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`) and [re-run the playbook](installing.md) to apply the changes.
|
||||
|
||||
Alternatively, **if there is no pre-defined variable** for an Element setting you wish to change:
|
||||
|
||||
- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Element's various settings that rarely get used.
|
||||
|
||||
- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml).
|
||||
|
||||
- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml).
|
||||
|
||||
|
||||
## Themes
|
||||
|
||||
To change the look of Element, you can define your own themes manually by using the `matrix_client_element__settingDefaults_custom_themes` setting.
|
||||
|
||||
Or better yet, you can automatically pull it all themes provided by the [aaronraimist/element-themes](https://github.com/aaronraimist/element-themes) project by simply flipping a flag (`matrix_client_element_themes_enabled: true`).
|
||||
|
||||
If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it.
|
||||
|
||||
Note that for a custom theme to work well, all Element instances that you use must have the same theme installed.
|
@ -1,40 +1,39 @@
|
||||
# Configuring Riot-web (optional)
|
||||
|
||||
By default, this playbook installs the [Riot-web](https://github.com/vector-im/riot-web) Matrix client web application.
|
||||
If that's okay, you can skip this document.
|
||||
By default, this playbook **used to install** the [Riot-web](https://github.com/vector-im/riot-web) Matrix client web application.
|
||||
|
||||
Riot has since been [renamed to Element](https://element.io/blog/welcome-to-element/).
|
||||
|
||||
## Disabling riot-web
|
||||
- to learn more about Element and its configuration, see our dedicated [Configuring Element](configuring-playbook-client-element.md) documentation page
|
||||
- to learn how to migrate from Riot to Element, see [Migrating to Element](#migrating-to-element) below
|
||||
|
||||
If you'd like for the playbook to not install (or to uninstall the previously installed riot-web), you can disable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_riot_web_enabled: false
|
||||
```
|
||||
## Migrating to Element
|
||||
|
||||
## Configuring riot-web settings
|
||||
### Migrating your custom settings
|
||||
|
||||
The playbook provides some customization variables you could use to change riot-web's settings.
|
||||
If you have custom `matrix_riot_web_` variables in your `inventory/host_vars/matrix.DOMAIN/vars.yml` file, you'll need to rename them (`matrix_riot_web_` -> `matrix_client_element_`).
|
||||
|
||||
Their defaults are defined in [`roles/matrix-riot-web/defaults/main.yml`](../roles/matrix-riot-web/defaults/main.yml) and they ultimately end up in the generated `/matrix/riot-web/config.json` file (on the server). This file is generated from the [`roles/matrix-riot-web/templates/config.json.j2`](../roles/matrix-riot-web/templates/config.json.j2) template.
|
||||
Some other playbook variables (but not all) with `riot` in their name are also renamed. The playbook checks and warns if you are using the old name for some commonly used ones.
|
||||
|
||||
**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`) and [re-run the playbook](installing.md) to apply the changes.
|
||||
|
||||
Alternatively, **if there is no pre-defined variable** for a riot-web setting you wish to change:
|
||||
### Domain migration
|
||||
|
||||
- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of riot-web's various settings that rarely get used.
|
||||
We used to set up Riot at the `riot.DOMAIN` domain. The playbook now sets up Element at `element.DOMAIN` by default.
|
||||
|
||||
- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/matrix-riot-web/templates/config.json.j2)) by making use of the `matrix_riot_web_configuration_extension_json_` variable. You can find information about this in [`roles/matrix-riot-web/defaults/main.yml`](../roles/matrix-riot-web/defaults/main.yml).
|
||||
There are a few options for handling this:
|
||||
|
||||
- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_riot_web_configuration_default` (or `matrix_riot_web_configuration`). You can find information about this in [`roles/matrix-riot-web/defaults/main.yml`](../roles/matrix-riot-web/defaults/main.yml).
|
||||
- (**avoiding changes** - using the old `riot.DOMAIN` domain and avoiding DNS changes) -- to keep using `riot.DOMAIN` instead of `element.DOMAIN`, override the domain at which the playbook serves Element: `matrix_server_fqn_element: "riot.{{ matrix_domain }}"`
|
||||
|
||||
- (**embracing changes** - using only `element.DOMAIN`) - set up the `element.DOMAIN` DNS record (see [Configuring DNS](configuring-dns.md)). You can drop the `riot.DOMAIN` in this case. If so, you may also wish to remove old SSL certificates (`rm -rf /matrix/ssl/config/live/riot.DOMAIN`) and renewal configuration (`rm -f /matrix/ssl/config/renewal/riot.DOMAIN.conf`), so that `certbot` would stop trying to renew them.
|
||||
|
||||
## Themes
|
||||
- (**embracing changes and transitioning smoothly** - using both `element.DOMAIN` and `riot.DOMAIN`) - to serve Element at the new domain (`element.DOMAIN`) and to also have `riot.DOMAIN` redirect there - set up the `element.DOMAIN` DNS record (see [Configuring DNS](configuring-dns.md)) and enable Riot to Element redirection (`matrix_nginx_proxy_proxy_riot_compat_redirect_enabled: true`).
|
||||
|
||||
To change the look of riot-web, you can define your own themes manually by using the `matrix_riot_web_settingDefaults_custom_themes` setting.
|
||||
|
||||
Or better yet, you can automatically pull it all themes provided by the [aaronraimist/riot-web-themes](https://github.com/aaronraimist/riot-web-themes) project by simply flipping a flag (`matrix_riot_web_themes_enabled: true`).
|
||||
### Re-running the playbook
|
||||
|
||||
If you make your own theme, we encourage you to submit it to the **aaronraimist/riot-web-themes** project, so that the whole community could easily enjoy it.
|
||||
As always, after making the necessary DNS and configuration adjustments, re-run the playbook to apply the changes:
|
||||
|
||||
Note that for a custom theme to work well, all riot-web/riot-desktop instances that you use must have the same theme installed.
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
@ -0,0 +1,62 @@
|
||||
# Setting up Synapse Admin (optional)
|
||||
|
||||
The playbook can install and configure [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) for you.
|
||||
|
||||
It's a web UI tool you can use to **administrate users and rooms on your Matrix server**.
|
||||
|
||||
See the project's [documentation](https://github.com/Awesome-Technologies/synapse-admin) to learn what it does and why it might be useful to you.
|
||||
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_synapse_admin_enabled: true
|
||||
```
|
||||
|
||||
|
||||
## Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command again:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/`
|
||||
|
||||
To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server.
|
||||
|
||||
The Homeserver URL to use on Synapse Admin's login page is: `https://matrix.DOMAIN`
|
||||
|
||||
### Sample configuration for running behind Traefik 2.0
|
||||
|
||||
Below is a sample configuration for using this playbook with a [Traefik](https://traefik.io/) 2.0 reverse proxy.
|
||||
|
||||
This an extension to Traefik config sample in [own-webserver-documentation](./configuring-playbook-own-webserver.md).
|
||||
|
||||
```yaml
|
||||
# Don't bind any HTTP or federation port to the host
|
||||
# (Traefik will proxy directly into the containers)
|
||||
matrix_synapse_admin_container_http_host_bind_port: ""
|
||||
|
||||
matrix_synapse_admin_container_extra_arguments:
|
||||
# May be unnecessary depending on Traefik config, but can't hurt
|
||||
- '--label "traefik.enable=true"'
|
||||
|
||||
# The Synapse Admin container will only receive traffic from this subdomain and path
|
||||
- '--label "traefik.http.routers.matrix-synapse-admin.rule=(Host(`{{ matrix_server_fqn_matrix }}`) && Path(`{{matrix_synapse_admin_public_endpoint}}`))"'
|
||||
|
||||
# (Define your entrypoint)
|
||||
- '--label "traefik.http.routers.matrix-synapse-admin.entrypoints=web-secure"'
|
||||
|
||||
# (The 'default' certificate resolver must be defined in Traefik config)
|
||||
- '--label "traefik.http.routers.matrix-synapse-admin.tls.certResolver=default"'
|
||||
|
||||
# The Synapse Admin container uses port 80 by default
|
||||
- '--label "traefik.http.services.matrix-synapse-admin.loadbalancer.server.port=80"'
|
||||
```
|
@ -0,0 +1,8 @@
|
||||
https://element.DOMAIN {
|
||||
# These might differ if you are supplying your own certificates
|
||||
tls /matrix/ssl/config/live/element.DOMAIN/fullchain.pem /matrix/ssl/config/live/element.DOMAIN/privkey.pem
|
||||
|
||||
proxy / http://127.0.0.1:8765 {
|
||||
transparent
|
||||
}
|
||||
}
|
@ -1,8 +0,0 @@
|
||||
https://riot.DOMAIN {
|
||||
# These might differ if you are supplying your own certificates
|
||||
tls /matrix/ssl/config/live/riot.DOMAIN/fullchain.pem /matrix/ssl/config/live/riot.DOMAIN/privkey.pem
|
||||
|
||||
proxy / http://127.0.0.1:8765 {
|
||||
transparent
|
||||
}
|
||||
}
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
|
||||
- name: (Deprecation) Warn about unused user/group variables
|
||||
fail:
|
||||
msg: >
|
||||
The `{{ item }}` variable defined in your configuration is not used by this playbook anymore.
|
||||
User/group creation is now dynamic. You can remove these variables from your configuration, as they have no effect on anything.
|
||||
when: "item in vars"
|
||||
with_items:
|
||||
- 'matrix_user_uid'
|
||||
- 'matrix_user_gid'
|
@ -0,0 +1,64 @@
|
||||
# matrix-reminder-bot is a bot for one-off and recurring reminders
|
||||
# See: https://github.com/anoadragon453/matrix-reminder-bot
|
||||
|
||||
matrix_bot_matrix_reminder_bot_enabled: true
|
||||
|
||||
matrix_bot_matrix_reminder_bot_docker_image: "anoa/matrix-reminder-bot:release-0.1.0"
|
||||
matrix_bot_matrix_reminder_bot_docker_image_force_pull: "{{ matrix_bot_matrix_reminder_bot_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_base_path: "{{ matrix_base_data_path }}/matrix-reminder-bot"
|
||||
matrix_bot_matrix_reminder_bot_config_path: "{{ matrix_bot_matrix_reminder_bot_base_path }}/config"
|
||||
matrix_bot_matrix_reminder_bot_data_path: "{{ matrix_bot_matrix_reminder_bot_base_path }}/data"
|
||||
matrix_bot_matrix_reminder_bot_data_store_path: "{{ matrix_bot_matrix_reminder_bot_data_path }}/store"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_bot_matrix_reminder_bot_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-bot-matrix-reminder-bot.service depends on
|
||||
matrix_bot_matrix_reminder_bot_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-bot-matrix-reminder-bot.service wants
|
||||
matrix_bot_matrix_reminder_bot_systemd_wanted_services_list: []
|
||||
|
||||
|
||||
# The bot's username. This user needs to be created manually beforehand.
|
||||
# Also see `matrix_bot_matrix_reminder_bot_user_password`.
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_id_localpart: "bot.matrix-reminder-bot"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_id: '@{{ matrix_bot_matrix_reminder_bot_matrix_user_id_localpart }}:{{ matrix_domain }}'
|
||||
|
||||
# The password that the bot uses to authenticate.
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_password: ''
|
||||
|
||||
matrix_bot_matrix_reminder_bot_matrix_homeserver_url: 'http://matrix-synapse:8008'
|
||||
|
||||
# The timezone to use when creating reminders.
|
||||
# Examples: 'Europe/London', 'Etc/UTC'
|
||||
matrix_bot_matrix_reminder_bot_reminders_timezone: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_bot_matrix_reminder_bot_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_bot_matrix_reminder_bot_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_bot_matrix_reminder_bot_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_bot_matrix_reminder_bot_configuration_yaml`.
|
||||
#
|
||||
# Example configuration extension follows:
|
||||
#
|
||||
# matrix:
|
||||
# device_name: My-Reminder-Bot
|
||||
|
||||
matrix_bot_matrix_reminder_bot_configuration_extension: "{{ matrix_bot_matrix_reminder_bot_configuration_extension_yaml|from_yaml if matrix_bot_matrix_reminder_bot_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_bot_matrix_reminder_bot_configuration_yaml`.
|
||||
matrix_bot_matrix_reminder_bot_configuration: "{{ matrix_bot_matrix_reminder_bot_configuration_yaml|from_yaml|combine(matrix_bot_matrix_reminder_bot_configuration_extension, recursive=True) }}"
|
@ -0,0 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot'] }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
@ -0,0 +1,14 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_bot_matrix_reminder_bot_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-matrix-reminder-bot
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-matrix-reminder-bot
|
@ -0,0 +1,88 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up matrix-reminder-bot
|
||||
#
|
||||
|
||||
- name: Ensure matrix-reminder-bot paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool and item.when
|
||||
|
||||
- name: Ensure matrix-reminder-bot image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure matrix-reminder-bot config installed
|
||||
copy:
|
||||
content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_matrix_reminder_bot_systemd_service_result
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of matrix-reminder-bot (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-matrix-reminder-bot service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service"
|
||||
register: matrix_bot_matrix_reminder_bot_service_stat
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot is stopped
|
||||
service:
|
||||
name: matrix-matrix-reminder-bot
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-reminder-bot Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_matrix_reminder_bot_matrix_user_password"
|
||||
- "matrix_bot_matrix_reminder_bot_reminders_timezone"
|
@ -0,0 +1,50 @@
|
||||
# The string to prefix bot commands with
|
||||
command_prefix: "!"
|
||||
|
||||
# Options for connecting to the bot's Matrix account
|
||||
matrix:
|
||||
# The Matrix User ID of the bot account
|
||||
user_id: {{ matrix_bot_matrix_reminder_bot_matrix_user_id|to_json }}
|
||||
# Matrix account password
|
||||
user_password: {{ matrix_bot_matrix_reminder_bot_matrix_user_password|to_json }}
|
||||
# The public URL at which the homeserver's Client-Server API can be accessed
|
||||
homeserver_url: {{ matrix_bot_matrix_reminder_bot_matrix_homeserver_url }}
|
||||
# The device ID that is a **non pre-existing** device
|
||||
# If this device ID already exists, messages will be dropped silently in
|
||||
# encrypted rooms
|
||||
device_id: REMINDER
|
||||
# What to name the logged in device
|
||||
device_name: Reminder Bot
|
||||
|
||||
storage:
|
||||
# The database connection string
|
||||
# For SQLite3, this would look like:
|
||||
# database: "sqlite://bot.db"
|
||||
# For Postgres, this would look like:
|
||||
# database: "postgres://username:password@localhost/dbname?sslmode=disable"
|
||||
#database: "postgres://matrix-reminder-bot:remindme@localhost/matrix-reminder-bot?sslmode=disable"
|
||||
database: "sqlite:///data/bot.db"
|
||||
# The path to a directory for internal bot storage
|
||||
# containing encryption keys, sync tokens, etc.
|
||||
store_path: "/data/store"
|
||||
|
||||
reminders:
|
||||
# Uncomment to set a default timezone that will be used when creating reminders.
|
||||
# If not set, UTC will be used
|
||||
timezone: {{ matrix_bot_matrix_reminder_bot_reminders_timezone }}
|
||||
|
||||
# Logging setup
|
||||
logging:
|
||||
# Logging level
|
||||
# Allowed levels are 'INFO', 'WARNING', 'ERROR', 'DEBUG' where DEBUG is most verbose
|
||||
level: INFO
|
||||
# Configure logging to a file
|
||||
file_logging:
|
||||
# Whether logging to a file is enabled
|
||||
enabled: false
|
||||
# The path to the file to log to. May be relative or absolute
|
||||
filepath: /data/bot.log
|
||||
# Configure logging to the console (stdout/stderr)
|
||||
console_logging:
|
||||
# Whether console logging is enabled
|
||||
enabled: true
|
@ -0,0 +1,40 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=matrix-reminder-bot
|
||||
{% for service in matrix_bot_matrix_reminder_bot_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_bot_matrix_reminder_bot_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e 'TZ={{ matrix_bot_matrix_reminder_bot_reminders_timezone }}' \
|
||||
-v {{ matrix_bot_matrix_reminder_bot_config_path }}:/config:ro \
|
||||
-v {{ matrix_bot_matrix_reminder_bot_data_path }}:/data:rw \
|
||||
--entrypoint=/bin/sh \
|
||||
{% for arg in matrix_bot_matrix_reminder_bot_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
|
||||
-c "matrix-reminder-bot /config/config.yaml"
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-matrix-reminder-bot
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,95 @@
|
||||
# Mx Puppet Discord is a Matrix <-> Discord bridge
|
||||
# See: https://github.com/matrix-discord/mx-puppet-discord
|
||||
|
||||
matrix_mx_puppet_discord_enabled: true
|
||||
|
||||
matrix_mx_puppet_discord_container_image_self_build: false
|
||||
|
||||
# Controls whether the mx-puppet-discord container exposes its HTTP port (tcp/8432 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
|
||||
matrix_mx_puppet_discord_container_http_host_bind_port: ''
|
||||
|
||||
matrix_mx_puppet_discord_docker_image: "sorunome/mx-puppet-discord:latest"
|
||||
matrix_mx_puppet_discord_docker_image_force_pull: "{{ matrix_mx_puppet_discord_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_discord_base_path: "{{ matrix_base_data_path }}/mx-puppet-discord"
|
||||
matrix_mx_puppet_discord_config_path: "{{ matrix_mx_puppet_discord_base_path }}/config"
|
||||
matrix_mx_puppet_discord_data_path: "{{ matrix_mx_puppet_discord_base_path }}/data"
|
||||
matrix_mx_puppet_discord_docker_src_files_path: "{{ matrix_mx_puppet_discord_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_discord_appservice_port: "8432"
|
||||
|
||||
matrix_mx_puppet_discord_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
|
||||
|
||||
matrix_mx_puppet_discord_client_id: ''
|
||||
matrix_mx_puppet_discord_client_secret: ''
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_discord_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_discord_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_discord_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-puppet-discord.service depends on.
|
||||
matrix_mx_puppet_discord_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-puppet-discord.service wants
|
||||
matrix_mx_puppet_discord_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_discord_appservice_token: ''
|
||||
matrix_mx_puppet_discord_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_discord_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_discord_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_discord_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_discord_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_discord_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_discord_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_discord_configuration_extension: "{{ matrix_mx_puppet_discord_configuration_extension_yaml|from_yaml if matrix_mx_puppet_discord_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_discord_configuration_yaml`.
|
||||
matrix_mx_puppet_discord_configuration: "{{ matrix_mx_puppet_discord_configuration_yaml|from_yaml|combine(matrix_mx_puppet_discord_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mx_puppet_discord_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_discord_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_discord_homeserver_token }}"
|
||||
id: discord-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@_discordpuppet_.*:{{ matrix_mx_puppet_discord_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#_discordpuppet_.*:{{ matrix_mx_puppet_discord_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: _discordpuppet_bot
|
||||
url: {{ matrix_mx_puppet_discord_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_discord_registration: "{{ matrix_mx_puppet_discord_registration_yaml|from_yaml }}"
|
@ -0,0 +1,23 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-discord'] }}"
|
||||
when: matrix_mx_puppet_discord_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_discord_config_path }}/registration.yaml,dst=/matrix-mx-puppet-discord-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-discord-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_discord_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Puppet Slack image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_discord_container_image_self_build"
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-discord
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-discord
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-discord
|
@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-discord role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure MX Puppet Discord image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_discord_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_discord_enabled|bool and not matrix_mx_puppet_discord_container_image_self_build
|
||||
|
||||
- name: Ensure MX Puppet Discord paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_discord_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_discord_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_discord_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}", when: "{{ matrix_mx_puppet_discord_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_discord_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure MX Puppet Discord repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/matrix-discord/mx-puppet-discord.git
|
||||
dest: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build"
|
||||
|
||||
- name: Ensure MX Puppet Discord Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_discord_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build"
|
||||
|
||||
- name: Check if an old database file already exists
|
||||
stat:
|
||||
path: "{{ matrix_mx_puppet_discord_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_discord_stat_database
|
||||
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-discord
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
failed_when: false
|
||||
when: "matrix_mx_puppet_discord_stat_database.stat.exists"
|
||||
|
||||
- name: (Data relocation) Move mx-puppet-discord database file to ./data directory
|
||||
command: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db"
|
||||
when: "matrix_mx_puppet_discord_stat_database.stat.exists"
|
||||
|
||||
- name: Ensure mx-puppet-discord config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_discord_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_discord_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-discord discord-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_discord_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_discord_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-discord.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-discord.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-discord.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_discord_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-discord.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_discord_systemd_service_result.changed"
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-discord service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-discord.service"
|
||||
register: matrix_mx_puppet_discord_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-discord is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-discord
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-discord.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-discord.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-discord.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_discord_appservice_token"
|
||||
- "matrix_mx_puppet_discord_homeserver_token"
|
@ -0,0 +1,138 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_discord_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_discord_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_discord_homeserver_address }}
|
||||
{% if matrix_mx_puppet_discord_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_discord_login_shared_secret }}
|
||||
{% endif %}
|
||||
# Display name of the bridge bot
|
||||
displayname: Discord Puppet Bridge
|
||||
# Optionally specify a different media URL used for the media store
|
||||
#
|
||||
# This is where Discord will download user profile pictures and media
|
||||
# from
|
||||
#mediaUrl: https://external-url.org
|
||||
|
||||
presence:
|
||||
# Bridge Discord online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 500
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }}
|
||||
|
||||
relay:
|
||||
# Regex of Matrix IDs who are allowed to use the bridge in relay mode.
|
||||
# Relay mode is when a single Discord bot account relays messages of
|
||||
# multiple Matrix users
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }}
|
||||
|
||||
selfService:
|
||||
# Regex of Matrix IDs who are allowed to use bridge self-servicing (plumbed rooms)
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }}
|
||||
|
||||
# Override the default name patterns for users, rooms and groups
|
||||
#
|
||||
# Variable names must be prefixed with a ':'
|
||||
namePatterns:
|
||||
# The default displayname for a bridged user
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: username of the user
|
||||
# discriminator: hashtag of the user (ex. #1234)
|
||||
user: :name
|
||||
|
||||
# A user's guild-specific displayname - if they've set a custom nick in
|
||||
# a guild
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: username of the user
|
||||
# discriminator: hashtag of the user (ex. #1234)
|
||||
# displayname: the user's custom group-specific nick
|
||||
# channel: the name of the channel
|
||||
# guild: the name of the guild
|
||||
userOverride: :name
|
||||
|
||||
# Room names for bridged Discord channels
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: name of the channel
|
||||
# guild: name of the guild
|
||||
room: :name
|
||||
|
||||
# Group names for bridged Discord servers
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: name of the guide
|
||||
group: :name
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,41 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mx Puppet Discord server
|
||||
{% for service in matrix_mx_puppet_discord_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_discord_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-discord \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_discord_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_discord_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_discord_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_discord_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-discord
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,86 @@
|
||||
# mx-puppet-instagram bridges instagram DMs
|
||||
# See: https://github.com/Sorunome/mx-puppet-instagram
|
||||
|
||||
matrix_mx_puppet_instagram_enabled: true
|
||||
|
||||
matrix_mx_puppet_instagram_container_image_self_build: false
|
||||
|
||||
matrix_mx_puppet_instagram_docker_image: "docker.io/sorunome/mx-puppet-instagram:latest"
|
||||
matrix_mx_puppet_instagram_docker_image_force_pull: "{{ matrix_mx_puppet_instagram_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_instagram_base_path: "{{ matrix_base_data_path }}/mx-puppet-instagram"
|
||||
matrix_mx_puppet_instagram_config_path: "{{ matrix_mx_puppet_instagram_base_path }}/config"
|
||||
matrix_mx_puppet_instagram_data_path: "{{ matrix_mx_puppet_instagram_base_path }}/data"
|
||||
matrix_mx_puppet_instagram_docker_src_files_path: "{{ matrix_mx_puppet_instagram_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_instagram_appservice_port: "8440"
|
||||
matrix_mx_puppet_instagram_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_instagram_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_instagram_appservice_address: 'http://matrix-mx-puppet-instagram:{{ matrix_mx_puppet_instagram_appservice_port }}'
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_instagram_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_instagram_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_instagram_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-puppet-instagram.service depends on.
|
||||
matrix_mx_puppet_instagram_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-puppet-instagram.service wants
|
||||
matrix_mx_puppet_instagram_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_instagram_appservice_token: ''
|
||||
matrix_mx_puppet_instagram_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_instagram_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_instagram_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_instagram_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_instagram_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_instagram_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_instagram_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_instagram_configuration_extension: "{{ matrix_mx_puppet_instagram_configuration_extension_yaml|from_yaml if matrix_mx_puppet_instagram_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_instagram_configuration_yaml`.
|
||||
matrix_mx_puppet_instagram_configuration: "{{ matrix_mx_puppet_instagram_configuration_yaml|from_yaml|combine(matrix_mx_puppet_instagram_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mx_puppet_instagram_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_instagram_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_instagram_homeserver_token }}"
|
||||
id: instagram-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@_instagrampuppet_.*:{{ matrix_mx_puppet_instagram_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#_instagrampuppet_.*:{{ matrix_mx_puppet_instagram_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: _instagrampuppet_bot
|
||||
url: {{ matrix_mx_puppet_instagram_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_instagram_registration: "{{ matrix_mx_puppet_instagram_registration_yaml|from_yaml }}"
|
@ -0,0 +1,17 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-instagram'] }}"
|
||||
when: matrix_mx_puppet_instagram_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_instagram_config_path }}/registration.yaml,dst=/matrix-mx-puppet-instagram-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-instagram-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_instagram_enabled|bool
|
||||
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_instagram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-instagram
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_instagram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-instagram
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_instagram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-instagram
|
@ -0,0 +1,78 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-instagram role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure mx-puppet-instagram image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_instagram_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_instagram_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_instagram_enabled|bool and not matrix_mx_puppet_instagram_container_image_self_build
|
||||
|
||||
- name: Ensure mx-puppet-instagram paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_instagram_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_instagram_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_instagram_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}", when: "{{ matrix_mx_puppet_instagram_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_instagram_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure mx-puppet-instagram repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/Sorunome/mx-puppet-instagram.git
|
||||
dest: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_instagram_enabled|bool and matrix_mx_puppet_instagram_container_image_self_build"
|
||||
|
||||
- name: Ensure mx-puppet-instagram Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_instagram_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_instagram_enabled|bool and matrix_mx_puppet_instagram_container_image_self_build"
|
||||
|
||||
- name: Ensure mx-puppet-instagram config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_instagram_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_instagram_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-instagram-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_instagram_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_instagram_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-instagram.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-instagram.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-instagram.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_instagram_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-instagram.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_instagram_systemd_service_result.changed"
|
||||
|
||||
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-instagram service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-instagram.service"
|
||||
register: matrix_mx_puppet_instagram_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-instagram is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-instagram
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-instagram.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-instagram.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-instagram.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_instagram_appservice_token"
|
||||
- "matrix_mx_puppet_instagram_homeserver_token"
|
@ -0,0 +1,82 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_instagram_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_instagram_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_instagram_homeserver_address }}
|
||||
{% if matrix_mx_puppet_instagram_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_instagram_login_shared_secret }}
|
||||
{% endif %}
|
||||
|
||||
presence:
|
||||
# Bridge Instagram online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 500
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_instagram_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_instagram_provisioning_blacklist|to_json }}
|
||||
|
||||
# Shared secret for the provisioning API for use by integration managers.
|
||||
# If this is not set, the provisioning API will not be enabled.
|
||||
#sharedSecret: random string
|
||||
# Path prefix for the provisioning API. /v1 will be appended to the prefix automatically.
|
||||
apiPrefix: /_matrix/provision
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,41 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix mx-puppet-instagram bridge
|
||||
{% for service in matrix_mx_puppet_instagram_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_instagram_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_instagram_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_instagram_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_instagram_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_instagram_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-instagram
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,95 @@
|
||||
# Mx Puppet Steam is a Matrix <-> Steam bridge
|
||||
# See: https://github.com/matrix-steam/mx-puppet-steam
|
||||
|
||||
matrix_mx_puppet_steam_enabled: true
|
||||
|
||||
matrix_mx_puppet_steam_container_image_self_build: false
|
||||
|
||||
# Controls whether the mx-puppet-steam container exposes its HTTP port (tcp/8432 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
|
||||
matrix_mx_puppet_steam_container_http_host_bind_port: ''
|
||||
|
||||
matrix_mx_puppet_steam_docker_image: "icewind1991/mx-puppet-steam:latest"
|
||||
matrix_mx_puppet_steam_docker_image_force_pull: "{{ matrix_mx_puppet_steam_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_steam_base_path: "{{ matrix_base_data_path }}/mx-puppet-steam"
|
||||
matrix_mx_puppet_steam_config_path: "{{ matrix_mx_puppet_steam_base_path }}/config"
|
||||
matrix_mx_puppet_steam_data_path: "{{ matrix_mx_puppet_steam_base_path }}/data"
|
||||
matrix_mx_puppet_steam_docker_src_files_path: "{{ matrix_mx_puppet_steam_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_steam_appservice_port: "8432"
|
||||
|
||||
matrix_mx_puppet_steam_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}'
|
||||
|
||||
matrix_mx_puppet_steam_client_id: ''
|
||||
matrix_mx_puppet_steam_client_secret: ''
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_steam_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_steam_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_steam_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-puppet-steam.service depends on.
|
||||
matrix_mx_puppet_steam_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-puppet-steam.service wants
|
||||
matrix_mx_puppet_steam_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_steam_appservice_token: ''
|
||||
matrix_mx_puppet_steam_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_steam_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_steam_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_steam_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_steam_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_steam_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_steam_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_steam_configuration_extension: "{{ matrix_mx_puppet_steam_configuration_extension_yaml|from_yaml if matrix_mx_puppet_steam_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_steam_configuration_yaml`.
|
||||
matrix_mx_puppet_steam_configuration: "{{ matrix_mx_puppet_steam_configuration_yaml|from_yaml|combine(matrix_mx_puppet_steam_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mx_puppet_steam_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_steam_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_steam_homeserver_token }}"
|
||||
id: steam-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@_steampuppet_.*:{{ matrix_mx_puppet_steam_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#_steampuppet_.*:{{ matrix_mx_puppet_steam_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: _steampuppet_bot
|
||||
url: {{ matrix_mx_puppet_steam_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_steam_registration: "{{ matrix_mx_puppet_steam_registration_yaml|from_yaml }}"
|
@ -0,0 +1,23 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-steam'] }}"
|
||||
when: matrix_mx_puppet_steam_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_steam_config_path }}/registration.yaml,dst=/matrix-mx-puppet-steam-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-steam-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_steam_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Puppet Slack image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_steam_container_image_self_build"
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_steam_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-steam
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_steam_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-steam
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_steam_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-steam
|
@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-steam role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure MX Puppet Steam image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_steam_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_steam_enabled|bool and not matrix_mx_puppet_steam_container_image_self_build
|
||||
|
||||
- name: Ensure MX Puppet Steam paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_steam_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_steam_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_steam_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}", when: "{{ matrix_mx_puppet_steam_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_steam_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure MX Puppet Steam repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/icewind1991/mx-puppet-steam.git
|
||||
dest: "{{ matrix_mx_puppet_steam_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build"
|
||||
|
||||
- name: Ensure MX Puppet Steam Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_steam_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build"
|
||||
|
||||
- name: Check if an old database file already exists
|
||||
stat:
|
||||
path: "{{ matrix_mx_puppet_steam_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_steam_stat_database
|
||||
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-steam.service is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-steam
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
failed_when: false
|
||||
when: "matrix_mx_puppet_steam_stat_database.stat.exists"
|
||||
|
||||
- name: (Data relocation) Move mx-puppet-steam database file to ./data directory
|
||||
command: "mv {{ matrix_mx_puppet_steam_base_path }}/database.db {{ matrix_mx_puppet_steam_data_path }}/database.db"
|
||||
when: "matrix_mx_puppet_steam_stat_database.stat.exists"
|
||||
|
||||
- name: Ensure mx-puppet-steam config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_steam_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_steam_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-steam steam-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_steam_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_steam_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-steam.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-steam.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-steam.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_steam_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-steam.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_steam_systemd_service_result.changed"
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-steam service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-steam.service"
|
||||
register: matrix_mx_puppet_steam_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-steam is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-steam
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-steam.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-steam.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-steam.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_steam_appservice_token"
|
||||
- "matrix_mx_puppet_steam_homeserver_token"
|
@ -0,0 +1,99 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_steam_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_steam_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_steam_homeserver_address }}
|
||||
{% if matrix_mx_puppet_steam_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_steam_login_shared_secret }}
|
||||
{% endif %}
|
||||
# Display name of the bridge bot
|
||||
displayname: Steam Puppet Bridge
|
||||
# Optionally specify a different media URL used for the media store
|
||||
#
|
||||
# This is where Steam will download user profile pictures and media
|
||||
# from
|
||||
#mediaUrl: https://external-url.org
|
||||
|
||||
presence:
|
||||
# Bridge Steam online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 5000
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
|
||||
|
||||
relay:
|
||||
# Regex of Matrix IDs who are allowed to use the bridge in relay mode.
|
||||
# Relay mode is when a single Steam bot account relays messages of
|
||||
# multiple Matrix users
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
|
||||
|
||||
selfService:
|
||||
# Regex of Matrix IDs who are allowed to use bridge self-servicing (plumbed rooms)
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,41 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mx Puppet Steam server
|
||||
{% for service in matrix_mx_puppet_steam_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_steam_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-steam \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_steam_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_steam_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_steam_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_steam_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-steam
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,104 @@
|
||||
# Mx Puppet Twitter is a Matrix <-> Twitter bridge
|
||||
# See: https://github.com/Sorunome/mx-puppet-twitter
|
||||
|
||||
matrix_mx_puppet_twitter_enabled: true
|
||||
|
||||
matrix_mx_puppet_twitter_container_image_self_build: false
|
||||
|
||||
# Controls whether the mx-puppet-twitter container exposes its HTTP port (tcp/8432 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
|
||||
matrix_mx_puppet_twitter_container_http_host_bind_port: ''
|
||||
|
||||
matrix_mx_puppet_twitter_docker_image: "sorunome/mx-puppet-twitter:latest"
|
||||
matrix_mx_puppet_twitter_docker_image_force_pull: "{{ matrix_mx_puppet_twitter_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_twitter_base_path: "{{ matrix_base_data_path }}/mx-puppet-twitter"
|
||||
matrix_mx_puppet_twitter_config_path: "{{ matrix_mx_puppet_twitter_base_path }}/config"
|
||||
matrix_mx_puppet_twitter_data_path: "{{ matrix_mx_puppet_twitter_base_path }}/data"
|
||||
matrix_mx_puppet_twitter_docker_src_files_path: "{{ matrix_mx_puppet_twitter_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_twitter_appservice_port: "8432"
|
||||
|
||||
matrix_mx_puppet_twitter_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_twitter_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_twitter_appservice_address: 'http://matrix-mx-puppet-twitter:{{ matrix_mx_puppet_twitter_appservice_port }}'
|
||||
|
||||
matrix_mx_puppet_twitter_consumer_key: ''
|
||||
matrix_mx_puppet_twitter_consumer_secret: ''
|
||||
matrix_mx_puppet_twitter_access_token: ''
|
||||
matrix_mx_puppet_twitter_access_token_secret: ''
|
||||
matrix_mx_puppet_twitter_environment: ''
|
||||
matrix_mx_puppet_twitter_webhook_path: '/twitter/webhook'
|
||||
matrix_mx_puppet_twitter_webhook_url: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mx_puppet_twitter_webhook_path }}'
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_twitter_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_twitter_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_twitter_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that mx-puppet-twitter.service depends on.
|
||||
matrix_mx_puppet_twitter_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that mx-puppet-twitter.service wants
|
||||
matrix_mx_puppet_twitter_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_twitter_appservice_token: ''
|
||||
matrix_mx_puppet_twitter_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_twitter_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_twitter_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_twitter_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_twitter_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_twitter_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_twitter_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_twitter_configuration_extension: "{{ matrix_mx_puppet_twitter_configuration_extension_yaml|from_yaml if matrix_mx_puppet_twitter_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_twitter_configuration_yaml`.
|
||||
matrix_mx_puppet_twitter_configuration: "{{ matrix_mx_puppet_twitter_configuration_yaml|from_yaml|combine(matrix_mx_puppet_twitter_configuration_extension, recursive=True) }}"
|
||||
|
||||
# The prefix for user IDs and aliases
|
||||
matrix_mx_puppet_twitter_namespace_prefix: _twitterpuppet_
|
||||
matrix_mx_puppet_twitter_bot_localpart: _twitterpuppet_bot
|
||||
|
||||
matrix_mx_puppet_twitter_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_twitter_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_twitter_homeserver_token }}"
|
||||
id: twitter-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@{{ matrix_mx_puppet_twitter_namespace_prefix|regex_escape }}.*:{{ matrix_mx_puppet_twitter_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#{{ matrix_mx_puppet_twitter_namespace_prefix|regex_escape }}.*:{{ matrix_mx_puppet_twitter_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: "{{ matrix_mx_puppet_twitter_bot_localpart }}"
|
||||
url: {{ matrix_mx_puppet_twitter_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_twitter_registration: "{{ matrix_mx_puppet_twitter_registration_yaml|from_yaml }}"
|
@ -0,0 +1,70 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-twitter'] }}"
|
||||
when: matrix_mx_puppet_twitter_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_twitter_config_path }}/registration.yaml,dst=/matrix-mx-puppet-twitter-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-twitter-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_twitter_enabled|bool
|
||||
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append Twitter Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your plabook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-twitter role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
|
||||
- name: Generate Matrix MX Puppet Twitter proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mx_puppet_twitter_webhook_path }} {
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_twitter_appservice_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Twitter Appservice proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mx_puppet_twitter_enabled|bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Twitter bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mx_puppet_twitter_redirect_path }}`
|
||||
URL endpoint to the matrix-mx-puppet-twitter container.
|
||||
You can expose the container's port using the `matrix_mx_puppet_twitter_container_http_host_bind_port` variable.
|
||||
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_nginx_proxy_enabled is not defined"
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Puppet Twitter image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_twitter_container_image_self_build"
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-twitter
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-twitter
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-twitter
|
@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-twitter role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure MX Puppet Twitter image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_twitter_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_twitter_enabled|bool and not matrix_mx_puppet_twitter_container_image_self_build
|
||||
|
||||
- name: Ensure MX Puppet Twitter paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_twitter_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_twitter_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_twitter_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}", when: "{{ matrix_mx_puppet_twitter_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_twitter_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure MX Puppet Twitter repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/Sorunome/mx-puppet-twitter.git
|
||||
dest: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build"
|
||||
|
||||
- name: Ensure MX Puppet Twitter Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_twitter_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build"
|
||||
|
||||
- name: Check if an old database file already exists
|
||||
stat:
|
||||
path: "{{ matrix_mx_puppet_twitter_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_twitter_stat_database
|
||||
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-twitter.service is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-twitter
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
failed_when: false
|
||||
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"
|
||||
|
||||
- name: (Data relocation) Move mx-puppet-twitter database file to ./data directory
|
||||
command: "mv {{ matrix_mx_puppet_twitter_base_path }}/database.db {{ matrix_mx_puppet_twitter_data_path }}/database.db"
|
||||
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"
|
||||
|
||||
- name: Ensure mx-puppet-twitter config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_twitter_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_twitter_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-twitter twitter-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_twitter_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_twitter_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-twitter.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-twitter.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-twitter.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_twitter_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-twitter.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_twitter_systemd_service_result.changed"
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-twitter service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-twitter.service"
|
||||
register: matrix_mx_puppet_twitter_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-twitter is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-twitter
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-twitter.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-twitter.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-twitter.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_twitter_appservice_token"
|
||||
- "matrix_mx_puppet_twitter_homeserver_token"
|
@ -0,0 +1,92 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_twitter_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_twitter_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_twitter_homeserver_address }}
|
||||
{% if matrix_mx_puppet_twitter_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_twitter_login_shared_secret }}
|
||||
{% endif %}
|
||||
|
||||
twitter:
|
||||
consumerKey: "{{ matrix_mx_puppet_twitter_consumer_key }}"
|
||||
consumerSecret: "{{ matrix_mx_puppet_twitter_consumer_secret }}"
|
||||
accessToken: "{{ matrix_mx_puppet_twitter_access_token }}"
|
||||
accessTokenSecret: "{{ matrix_mx_puppet_twitter_access_token_secret }}"
|
||||
environment: "{{ matrix_mx_puppet_twitter_environment }}"
|
||||
server:
|
||||
url: "{{ matrix_mx_puppet_twitter_webhook_url }}"
|
||||
path: "{{ matrix_mx_puppet_twitter_webhook_path }}"
|
||||
|
||||
presence:
|
||||
# Bridge Twitter online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 500
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_twitter_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_twitter_provisioning_blacklist|to_json }}
|
||||
|
||||
# Shared secret for the provisioning API for use by integration managers.
|
||||
# If this is not set, the provisioning API will not be enabled.
|
||||
#sharedSecret: random string
|
||||
# Path prefix for the provisioning API. /v1 will be appended to the prefix automatically.
|
||||
apiPrefix: /_matrix/provision
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,44 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mx Puppet Twitter server
|
||||
{% for service in matrix_mx_puppet_twitter_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_twitter_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_mx_puppet_twitter_container_http_host_bind_port %}
|
||||
-p {{ matrix_mx_puppet_twitter_container_http_host_bind_port }}:{{ matrix_mx_puppet_twitter_appservice_port }} \
|
||||
{% endif %}
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_twitter_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_twitter_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_twitter_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_twitter_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-twitter
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,122 @@
|
||||
matrix_client_element_enabled: true
|
||||
|
||||
matrix_client_element_container_image_self_build: false
|
||||
|
||||
matrix_client_element_docker_image: "vectorim/riot-web:v1.7.1"
|
||||
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_client_element_data_path: "{{ matrix_base_data_path }}/client-element"
|
||||
matrix_client_element_docker_src_files_path: "{{ matrix_client_element_data_path }}/docker-src"
|
||||
|
||||
# Controls whether the matrix-client-element container exposes its HTTP port (tcp/8080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8765"), or empty string to not expose.
|
||||
matrix_client_element_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_client_element_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-client-element.service depends on
|
||||
matrix_client_element_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# Element config.json customizations
|
||||
matrix_client_element_default_server_name: "{{ matrix_domain }}"
|
||||
matrix_client_element_default_hs_url: ""
|
||||
matrix_client_element_default_is_url: ~
|
||||
matrix_client_element_disable_custom_urls: true
|
||||
matrix_client_element_disable_guests: true
|
||||
matrix_client_element_integrations_ui_url: "https://scalar.vector.im/"
|
||||
matrix_client_element_integrations_rest_url: "https://scalar.vector.im/api"
|
||||
matrix_client_element_integrations_widgets_urls: ["https://scalar.vector.im/api"]
|
||||
matrix_client_element_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html"
|
||||
matrix_client_element_permalinkPrefix: "https://matrix.to"
|
||||
# Element public room directory server(s)
|
||||
matrix_client_element_roomdir_servers: ['matrix.org']
|
||||
matrix_client_element_welcome_user_id: "@riot-bot:matrix.org"
|
||||
# Branding of Element
|
||||
matrix_client_element_brand: "Element"
|
||||
|
||||
# URL to Logo on welcome page
|
||||
matrix_client_element_welcome_logo: "welcome/images/logo.svg"
|
||||
|
||||
# URL of link on welcome image
|
||||
matrix_client_element_welcome_logo_link: "https://element.io"
|
||||
|
||||
matrix_client_element_welcome_headline: "_t('Welcome to Element')"
|
||||
matrix_client_element_welcome_text: "_t('Decentralised, encrypted chat & collaboration powered by [matrix]')"
|
||||
|
||||
# Links, shown in footer of welcome page:
|
||||
# [{"text": "Link text", "url": "https://link.target"}, {"text": "Other link"}]
|
||||
matrix_client_element_branding_authFooterLinks: ~
|
||||
|
||||
# URL to image, shown during Login
|
||||
matrix_client_element_branding_authHeaderLogoUrl: "{{ matrix_client_element_welcome_logo }}"
|
||||
|
||||
# URL to Wallpaper, shown in background of welcome page
|
||||
matrix_client_element_branding_welcomeBackgroundUrl: ~
|
||||
|
||||
# By default, there's no Element homepage (when logged in). If you wish to have one,
|
||||
# point this to a `home.html` template file on your local filesystem.
|
||||
matrix_client_element_embedded_pages_home_path: ~
|
||||
|
||||
matrix_client_element_jitsi_preferredDomain: ''
|
||||
|
||||
# Controls whether the self-check feature should validate SSL certificates.
|
||||
matrix_client_element_self_check_validate_certificates: true
|
||||
|
||||
# don't show the registration button on welcome page
|
||||
matrix_client_element_registration_enabled: false
|
||||
|
||||
# Controls whether presence will be enabled
|
||||
matrix_client_element_enable_presence_by_hs_url: ~
|
||||
|
||||
# Controls whether custom Element themes will be installed.
|
||||
# When enabled, all themes found in the `matrix_client_element_themes_repository_url` repository
|
||||
# will be installed and enabled automatically.
|
||||
matrix_client_element_themes_enabled: false
|
||||
matrix_client_element_themes_repository_url: https://github.com/aaronraimist/element-themes
|
||||
|
||||
# Controls the default theme
|
||||
matrix_client_element_default_theme: 'light'
|
||||
|
||||
# Controls the `settingsDefault.custom_themes` setting of the Element configuration.
|
||||
# You can use this setting to define custom themes.
|
||||
#
|
||||
# Also, look at `matrix_client_element_themes_enabled` for a way to pull in a bunch of custom themes automatically.
|
||||
# If you define your own themes here and set `matrix_client_element_themes_enabled: true`, your themes will be preserved as well.
|
||||
#
|
||||
# Note that for a custom theme to work well, all Element instances that you use must have the same theme installed.
|
||||
matrix_client_element_settingDefaults_custom_themes: []
|
||||
|
||||
# Default Element configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_client_element_configuration_extension_json`)
|
||||
# or completely replace this variable with your own template.
|
||||
#
|
||||
# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
|
||||
# This is unlike what it does when looking up YAML template files (no automatic parsing there).
|
||||
matrix_client_element_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}"
|
||||
|
||||
# Your custom JSON configuration for Element should go to `matrix_client_element_configuration_extension_json`.
|
||||
# This configuration extends the default starting configuration (`matrix_client_element_configuration_default`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_client_element_configuration_default`.
|
||||
#
|
||||
# Example configuration extension follows:
|
||||
#
|
||||
# matrix_client_element_configuration_extension_json: |
|
||||
# {
|
||||
# "disable_3pid_login": true,
|
||||
# "disable_login_language_selector": true
|
||||
# }
|
||||
matrix_client_element_configuration_extension_json: '{}'
|
||||
|
||||
matrix_client_element_configuration_extension: "{{ matrix_client_element_configuration_extension_json|from_json if matrix_client_element_configuration_extension_json|from_json is mapping else {} }}"
|
||||
|
||||
# Holds the final Element configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_client_element_configuration_default`.
|
||||
matrix_client_element_configuration: "{{ matrix_client_element_configuration_default|combine(matrix_client_element_configuration_extension, recursive=True) }}"
|
@ -1,10 +1,10 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
|
||||
when: matrix_riot_web_enabled|bool
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-client-element'] }}"
|
||||
when: matrix_client_element_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Riot Web image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_riot_web_container_image_self_build"
|
||||
msg: "To self build the Element image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_client_element_container_image_self_build"
|
@ -0,0 +1,34 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_client_element_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/prepare_themes.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/migrate_riot_web.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "run_self_check|bool and matrix_client_element_enabled|bool"
|
||||
tags:
|
||||
- self-check
|
@ -0,0 +1,36 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-riot-web.service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-riot-web.service"
|
||||
register: matrix_client_riot_web_service_stat
|
||||
when: "matrix_client_element_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-riot-web is stopped
|
||||
service:
|
||||
name: matrix-riot-web
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-riot-web.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-riot-web.service"
|
||||
state: absent
|
||||
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-riot-web.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"
|
||||
|
||||
- name: Check existence of /matrix/riot-web
|
||||
stat:
|
||||
path: "/matrix/riot-web"
|
||||
register: matrix_client_riot_web_dir_stat
|
||||
when: "matrix_client_element_enabled|bool"
|
||||
|
||||
- name: Relocate /matrix/riot-web to /matrix/client-element
|
||||
command: "mv /matrix/riot-web /matrix/client-element"
|
||||
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_dir_stat.stat.exists"
|
@ -0,0 +1,48 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up Element themes
|
||||
#
|
||||
|
||||
- block:
|
||||
- name: Ensure Element themes repository is pulled
|
||||
git:
|
||||
repo: "{{ matrix_client_element_themes_repository_url }}"
|
||||
dest: "{{ role_path }}/files/scratchpad/themes"
|
||||
|
||||
- name: Find all Element theme files
|
||||
find:
|
||||
paths: "{{ role_path }}/files/scratchpad/themes"
|
||||
patterns: "*.json"
|
||||
recurse: true
|
||||
register: matrix_client_element_theme_file_list
|
||||
|
||||
- name: Read Element theme
|
||||
slurp:
|
||||
path: "{{ item.path }}"
|
||||
register: "matrix_client_element_theme_file_contents"
|
||||
with_items: "{{ matrix_client_element_theme_file_list.files }}"
|
||||
|
||||
- name: Load Element theme
|
||||
set_fact:
|
||||
matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}"
|
||||
with_items: "{{ matrix_client_element_theme_file_contents.results }}"
|
||||
|
||||
run_once: true
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: matrix_client_element_themes_enabled|bool
|
||||
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of Element themes (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Ensure Element themes repository is removed
|
||||
file:
|
||||
path: "{{ role_path }}/files/scratchpad/themes"
|
||||
state: absent
|
||||
run_once: true
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "not matrix_client_element_themes_enabled|bool"
|
@ -0,0 +1,22 @@
|
||||
---
|
||||
|
||||
- set_fact:
|
||||
matrix_client_element_url_endpoint_public: "https://{{ matrix_server_fqn_element }}/config.json"
|
||||
|
||||
- name: Check Element
|
||||
uri:
|
||||
url: "{{ matrix_client_element_url_endpoint_public }}"
|
||||
follow_redirects: none
|
||||
validate_certs: "{{ matrix_client_element_self_check_validate_certificates }}"
|
||||
register: matrix_client_element_self_check_result
|
||||
check_mode: no
|
||||
ignore_errors: true
|
||||
|
||||
- name: Fail if Element not working
|
||||
fail:
|
||||
msg: "Failed checking Element is up at `{{ matrix_server_fqn_element }}` (checked endpoint: `{{ matrix_client_element_url_endpoint_public }}`). Is Element running? Is port 443 open in your firewall? Full error: {{ matrix_client_element_self_check_result }}"
|
||||
when: "matrix_client_element_self_check_result.failed or 'json' not in matrix_client_element_self_check_result"
|
||||
|
||||
- name: Report working Element
|
||||
debug:
|
||||
msg: "Element at `{{ matrix_server_fqn_element }}` is working (checked endpoint: `{{ matrix_client_element_url_endpoint_public }}`)"
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue