Compare commits
144 Commits
db817dfeee
...
d0d36eb59a
Author | SHA1 | Date |
---|---|---|
josiah | d0d36eb59a | 4 years ago |
josiah | 8d8fd226bb | 4 years ago |
josiah | 2b9596dff9 | 4 years ago |
Slavi Pantaleev | 196eb2da70 | 4 years ago |
Matthias | 95954fda43 | 4 years ago |
Matthias | f005049dbe | 4 years ago |
Slavi Pantaleev | c468aa9e86 | 4 years ago |
Matthias | 038b398d0e | 4 years ago |
Slavi Pantaleev | f404a771cf | 4 years ago |
Slavi Pantaleev | ae002d8ae4 | 4 years ago |
rebru | 8a0d8651d0 | 4 years ago |
Slavi Pantaleev | 3f8e5b4363 | 4 years ago |
Tommy Kelly | d76d91a33e | 4 years ago |
Slavi Pantaleev | 2a50b8b6bb | 4 years ago |
Slavi Pantaleev | 16251355d9 | 4 years ago |
Slavi Pantaleev | e0c1c94fa3 | 4 years ago |
Dan Arnfield | 7a3491a32a | 4 years ago |
TwoTwenty | b106a9592e | 4 years ago |
TwoTwenty | c97e7c5a3e | 4 years ago |
TwoTwenty | 18ba885ca2 | 4 years ago |
Slavi Pantaleev | 31b79553e0 | 4 years ago |
Slavi Pantaleev | 46135fb30c | 4 years ago |
Slavi Pantaleev | 296bd6e211 | 4 years ago |
Slavi Pantaleev | b2ae669566 | 4 years ago |
Slavi Pantaleev | 34eec3bf11 | 4 years ago |
Slavi Pantaleev | 0fe1899d96 | 4 years ago |
Slavi Pantaleev | 6fe477c2fd | 4 years ago |
Slavi Pantaleev | 78b1ef9a5f | 4 years ago |
Slavi Pantaleev | cdd27734dc | 4 years ago |
Rónán Duddy | 46f1137c42 | 4 years ago |
Slavi Pantaleev | 4b38040efd | 4 years ago |
hungrymonkey | d093b9b148 | 4 years ago |
Slavi Pantaleev | c3284d6f03 | 4 years ago |
Slavi Pantaleev | 484fccecdb | 4 years ago |
Slavi Pantaleev | b872053a50 | 4 years ago |
Slavi Pantaleev | 28855d1bb4 | 4 years ago |
Slavi Pantaleev | ab188018f3 | 4 years ago |
Slavi Pantaleev | c6ab1c6a90 | 4 years ago |
Matt Cengia | fede58fe96 | 4 years ago |
Slavi Pantaleev | de0efe96e7 | 4 years ago |
Slavi Pantaleev | 298d277c6c | 4 years ago |
Matt Cengia | b0e984136f | 4 years ago |
Slavi Pantaleev | b3911185ea | 4 years ago |
Dan Arnfield | c47a55d170 | 4 years ago |
Slavi Pantaleev | e980c711f8 | 4 years ago |
aa1874 | 8b44a024e0 | 4 years ago |
Slavi Pantaleev | 820dc6d7fa | 4 years ago |
Slavi Pantaleev | 7c55e94cff | 4 years ago |
Slavi Pantaleev | 4eb87c1dcb | 4 years ago |
benkuly | a1e248e0e1 | 4 years ago |
Slavi Pantaleev | b50cfe8d18 | 4 years ago |
Slavi Pantaleev | 25c5a1071c | 4 years ago |
bertiebaggio | 866d6fc1c9 | 4 years ago |
bertiebaggio | 000b482d18 | 4 years ago |
Julian Strobl | c23a0620f2 | 4 years ago |
Slavi Pantaleev | 200f912c04 | 4 years ago |
Slavi Pantaleev | 0074ca646e | 4 years ago |
shadow | ddfc945fcf | 4 years ago |
Slavi Pantaleev | eff55e4d00 | 4 years ago |
benkuly | 3553d3d513 | 4 years ago |
benkuly | 8e1a418a45 | 4 years ago |
benkuly | bd3223cdd4 | 4 years ago |
benkuly | 226d5a9c64 | 4 years ago |
benkuly | c5f9e02103 | 4 years ago |
Slavi Pantaleev | 928982cffe | 4 years ago |
Slavi Pantaleev | 18ab677a96 | 4 years ago |
Slavi Pantaleev | 227f1a28e3 | 4 years ago |
Slavi Pantaleev | 024d3b84de | 4 years ago |
Panagiotis Vasilopoulos | baed917a13 | 4 years ago |
Slavi Pantaleev | f4412c10c1 | 4 years ago |
Panagiotis Vasilopoulos | 8b19ceb6fc | 4 years ago |
Slavi Pantaleev | ddeefa5f79 | 4 years ago |
shadow | 6293f1bdb0 | 4 years ago |
Slavi Pantaleev | b6b5435746 | 4 years ago |
Slavi Pantaleev | a851a14df0 | 4 years ago |
Slavi Pantaleev | e2a5278d41 | 4 years ago |
dasTholo | eb2766386f | 4 years ago |
Slavi Pantaleev | 56640aeebb | 4 years ago |
Slavi Pantaleev | f7e4281751 | 4 years ago |
Slavi Pantaleev | f758ee90cb | 4 years ago |
Justin Croonenberghs | b2a0830638 | 4 years ago |
Justin Croonenberghs | 35c2655fa4 | 4 years ago |
Justin Croonenberghs | 1f21f0c09a | 4 years ago |
Slavi Pantaleev | b08ee2f2fa | 4 years ago |
Slavi Pantaleev | a8f7ccf3f3 | 4 years ago |
Slavi Pantaleev | 3710e04e10 | 4 years ago |
Slavi Pantaleev | d5eb7eb949 | 4 years ago |
Aaron Raimist | 78382b0ce4 | 4 years ago |
Hugues Morisset | 57f498217a | 4 years ago |
Slavi Pantaleev | 76352bcbd8 | 4 years ago |
Slavi Pantaleev | a2ba6b1b08 | 4 years ago |
Hugues Morisset | eb0df37247 | 4 years ago |
Hugues Morisset | 42e7f5e9bc | 4 years ago |
Slavi Pantaleev | b5bed60e6b | 4 years ago |
Slavi Pantaleev | 270c85ab19 | 4 years ago |
Slavi Pantaleev | 9686a0fc5b | 4 years ago |
Slavi Pantaleev | 744667b270 | 4 years ago |
Slavi Pantaleev | 31f9e7bbea | 4 years ago |
Slavi Pantaleev | 8b59402f79 | 4 years ago |
Slavi Pantaleev | f41c5e89e5 | 4 years ago |
Tulir Asokan | 5b960bcfb5 | 4 years ago |
Tulir Asokan | 13186a1ddc | 4 years ago |
Slavi Pantaleev | de545f9c5f | 4 years ago |
Slavi Pantaleev | 635f385971 | 4 years ago |
Slavi Pantaleev | f30d5e0950 | 4 years ago |
Slavi Pantaleev | e181049baf | 4 years ago |
teutat3s | 784cb3e325 | 4 years ago |
teutat3s | 0162fe31d1 | 4 years ago |
teutat3s | 4cf59098ad | 4 years ago |
jdreichmann | ad05c7f758 | 4 years ago |
jdreichmann | 2073cd6cae | 4 years ago |
Slavi Pantaleev | a2464a365d | 4 years ago |
Slavi Pantaleev | 19b9a1b16c | 4 years ago |
Pablo | f7ea5705f1 | 4 years ago |
pcorace | eab32691d5 | 4 years ago |
jdreichmann | 0fea35cdd2 | 4 years ago |
Slavi Pantaleev | 4543f026a4 | 4 years ago |
Slavi Pantaleev | a081979d39 | 4 years ago |
Julian Foad | 671cd51797 | 4 years ago |
Pablo | 69570de8a9 | 4 years ago |
Slavi Pantaleev | 224c21878e | 4 years ago |
Slavi Pantaleev | 7a38876594 | 4 years ago |
Slavi Pantaleev | 25290f780c | 4 years ago |
Justin Croonenberghs | 3527200ac4 | 4 years ago |
Slavi Pantaleev | 5c5f1c6ab9 | 4 years ago |
Slavi Pantaleev | d44541ff6e | 4 years ago |
Slavi Pantaleev | 3452347648 | 4 years ago |
Pablo | c341608480 | 4 years ago |
Slavi Pantaleev | d2a0ec6aa9 | 4 years ago |
Slavi Pantaleev | 105b3524bb | 4 years ago |
Slavi Pantaleev | 10bc85962e | 4 years ago |
Slavi Pantaleev | 7729511a84 | 4 years ago |
Slavi Pantaleev | 67ab7e7a1b | 4 years ago |
Slavi Pantaleev | 967b06e932 | 4 years ago |
benkuly | d49ee51035 | 4 years ago |
benkuly | a0661a6012 | 4 years ago |
benkuly | e44cc9e2a1 | 4 years ago |
benkuly | 11e53c4fbc | 4 years ago |
benkuly | 99639d7d7a | 4 years ago |
Slavi Pantaleev | 6538ae34f5 | 4 years ago |
Slavi Pantaleev | 8275739926 | 4 years ago |
Hugues Morisset | d4938333e6 | 4 years ago |
benkuly | 1937398342 | 4 years ago |
benkuly | 77fd23149b | 4 years ago |
@ -0,0 +1,23 @@
|
||||
(Adapted from the [upstream project](https://github.com/matrix-org/synapse/blob/develop/docs/CAPTCHA_SETUP.md))
|
||||
|
||||
# Overview
|
||||
Captcha can be enabled for this home server. This file explains how to do that.
|
||||
The captcha mechanism used is Google's [ReCaptcha](https://www.google.com/recaptcha/). This requires API keys from Google.
|
||||
|
||||
## Getting keys
|
||||
|
||||
Requires a site/secret key pair from:
|
||||
|
||||
<http://www.google.com/recaptcha/admin>
|
||||
|
||||
Must be a reCAPTCHA **v2** key using the "I'm not a robot" Checkbox option
|
||||
|
||||
## Setting ReCaptcha Keys
|
||||
|
||||
Once registered as above, set the following values:
|
||||
|
||||
```yaml
|
||||
matrix_synapse_enable_registration_captcha: true
|
||||
matrix_synapse_recaptcha_public_key: 'YOUR_SITE_KEY'
|
||||
matrix_synapse_recaptcha_private_key: 'YOUR_SECRET_KEY'
|
||||
```
|
@ -0,0 +1,59 @@
|
||||
# Setting up matrix-reminder-bot (optional)
|
||||
|
||||
The playbook can install and configure [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) for you.
|
||||
|
||||
It's a bot you can use to **schedule one-off & recurring reminders and alarms**.
|
||||
|
||||
See the project's [documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage) to learn what it does and why it might be useful to you.
|
||||
|
||||
|
||||
## Registering the bot user
|
||||
|
||||
By default, the playbook will set up the bot with a username like this: `@bot.matrix-reminder-bot:DOMAIN`.
|
||||
|
||||
(to use a different username, adjust the `matrix_bot_matrix_reminder_bot_matrix_user_id_localpart` variable).
|
||||
|
||||
You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md):
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.matrix-reminder-bot password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
|
||||
```
|
||||
|
||||
Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
|
||||
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_bot_matrix_reminder_bot_enabled: true
|
||||
|
||||
# Adjust this to whatever password you chose when registering the bot user
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_password: PASSWORD_FOR_THE_BOT
|
||||
|
||||
# Adjust this to your timezone
|
||||
matrix_bot_matrix_reminder_bot_reminders_timezone: Europe/London
|
||||
```
|
||||
|
||||
|
||||
## Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command again:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
To use the bot, start a chat with `@bot.matrix-reminder-bot:DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
|
||||
|
||||
You can also add the bot to any existing Matrix room (`/invite @bot.matrix-reminder-bot:DOMAIN`).
|
||||
|
||||
Basic usage is like this: `!remindme in 2 minutes; This is a test`
|
||||
|
||||
Send `!help commands` to the room to see the bot's help menu for additional commands.
|
||||
|
||||
You can also refer to the upstream [Usage documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage).
|
@ -0,0 +1,36 @@
|
||||
# Setting up MX Puppet Discord (optional)
|
||||
|
||||
**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridge supported by the playbook.
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you.
|
||||
|
||||
See the project page to learn what it does and why it might be useful to you.
|
||||
|
||||
To enable the [Discord](https://discordapp.com/) bridge just use the following
|
||||
playbook configuration:
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_discord_enabled: true
|
||||
matrix_mx_puppet_discord_client_id: ""
|
||||
matrix_mx_puppet_discord_client_secret: ""
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled you need to start a chat with `Discord Puppet Bridge` with
|
||||
the handle `@_discordpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
Three authentication methods are available, Legacy Token, OAuth and xoxc token.
|
||||
See mx-puppet-discord [documentation](https://github.com/matrix-discord/mx-puppet-discord)
|
||||
for more information about how to configure the bridge.
|
||||
|
||||
Once logged in, send `list` to the bot user to list the available rooms.
|
||||
|
||||
Clicking rooms in the list will result in you receiving an invitation to the
|
||||
bridged room.
|
||||
|
||||
Also send `help` to the bot to see the commands available.
|
@ -0,0 +1,36 @@
|
||||
# Setting up mx-puppet-instagram (optional)
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) for you.
|
||||
|
||||
This allows you to bridge Instagram DirectMessages into Matrix.
|
||||
|
||||
To enable the [Instagram](https://www.instagram.com/) bridge just use the following
|
||||
playbook configuration:
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_instagram_enabled: true
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled, you need to start a chat with `Instagram Puppet Bridge` with
|
||||
the handle `@_instagrampuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
Send `link <username> <password>` to the bridge bot to link your instagram account.
|
||||
|
||||
The `list` commands shows which accounts are linked and which `puppetId` is associated.
|
||||
|
||||
For double-puppeting, you probably want to issue these commands:
|
||||
|
||||
- `settype $puppetId puppet` to enable puppeting for the link (instead of relaying)
|
||||
- `setautoinvite $puppetId 1` to automatically invite you to chats
|
||||
- `setmatrixtoken $accessToken` to set the access token to enable puppeting from the other side (the "double" in double puppeting)
|
||||
|
||||
If you are linking only one Instagram account, your `$puppetId` is probably 1, but use the `list` command find out.
|
||||
|
||||
The `help` command shows which commands are available, though at the time of writing, not every command is fully implemented.
|
||||
|
@ -0,0 +1,34 @@
|
||||
# Setting up MX Puppet Steam (optional)
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) for you.
|
||||
|
||||
See the project page to learn what it does and why it might be useful to you.
|
||||
|
||||
To enable the [Steam](https://steampowered.com/) bridge just use the following
|
||||
playbook configuration:
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_steam_enabled: true
|
||||
matrix_mx_puppet_steam_client_id: ""
|
||||
matrix_mx_puppet_steam_client_secret: ""
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled you need to start a chat with `Steam Puppet Bridge` with
|
||||
the handle `@_steampuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
Three authentication methods are available, Legacy Token, OAuth and xoxc token.
|
||||
See mx-puppet-steam [documentation](https://github.com/icewind1991/mx-puppet-steam)
|
||||
for more information about how to configure the bridge.
|
||||
|
||||
Once logged in, send `list` to the bot user to list the available rooms.
|
||||
|
||||
Clicking rooms in the list will result in you receiving an invitation to the
|
||||
bridged room.
|
||||
|
||||
Also send `help` to the bot to see the commands available.
|
@ -0,0 +1,34 @@
|
||||
# Setting up MX Puppet Twitter (optional)
|
||||
|
||||
The playbook can install and configure
|
||||
[mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) for you.
|
||||
|
||||
See the project page to learn what it does and why it might be useful to you.
|
||||
|
||||
To enable the [Twitter](https://twitter.com) bridge, make an app on [developer.twitter.com](https://developer.twitter.com/en/apps)
|
||||
and fill out the following playbook configuration.
|
||||
|
||||
```yaml
|
||||
matrix_mx_puppet_twitter_enabled: true
|
||||
matrix_mx_puppet_twitter_consumer_key: ''
|
||||
matrix_mx_puppet_twitter_consumer_secret: ''
|
||||
matrix_mx_puppet_twitter_access_token: ''
|
||||
matrix_mx_puppet_twitter_access_token_secret: ''
|
||||
matrix_mx_puppet_twitter_environment: ''
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Once the bot is enabled you need to start a chat with `Twitter Puppet Bridge` with
|
||||
the handle `@_twitterpuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
|
||||
domain, not the `matrix.` domain).
|
||||
|
||||
To log in, use `link` and click the link.
|
||||
|
||||
Once logged in, send `list` to the bot user to list the available rooms.
|
||||
|
||||
Clicking rooms in the list will result in you receiving an invitation to the
|
||||
bridged room.
|
||||
|
||||
Also send `help` to the bot to see the commands available.
|
@ -0,0 +1,41 @@
|
||||
# Configuring Element (optional)
|
||||
|
||||
By default, this playbook installs the [Element](https://github.com/vector-im/riot-web) Matrix client web application.
|
||||
If that's okay, you can skip this document.
|
||||
|
||||
|
||||
## Disabling Element
|
||||
|
||||
If you'd like for the playbook to not install (or to uninstall the previously installed Element), you can disable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_client_element_enabled: false
|
||||
```
|
||||
|
||||
|
||||
## Configuring Element settings
|
||||
|
||||
The playbook provides some customization variables you could use to change Element's settings.
|
||||
|
||||
Their defaults are defined in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/matrix-client-element/templates/config.json.j2`](../roles/matrix-client-element/templates/config.json.j2) template.
|
||||
|
||||
**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`) and [re-run the playbook](installing.md) to apply the changes.
|
||||
|
||||
Alternatively, **if there is no pre-defined variable** for an Element setting you wish to change:
|
||||
|
||||
- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Element's various settings that rarely get used.
|
||||
|
||||
- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml).
|
||||
|
||||
- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml).
|
||||
|
||||
|
||||
## Themes
|
||||
|
||||
To change the look of Element, you can define your own themes manually by using the `matrix_client_element__settingDefaults_custom_themes` setting.
|
||||
|
||||
Or better yet, you can automatically pull it all themes provided by the [aaronraimist/element-themes](https://github.com/aaronraimist/element-themes) project by simply flipping a flag (`matrix_client_element_themes_enabled: true`).
|
||||
|
||||
If you make your own theme, we encourage you to submit it to the **aaronraimist/element-themes** project, so that the whole community could easily enjoy it.
|
||||
|
||||
Note that for a custom theme to work well, all Element instances that you use must have the same theme installed.
|
@ -1,40 +1,39 @@
|
||||
# Configuring Riot-web (optional)
|
||||
|
||||
By default, this playbook installs the [Riot-web](https://github.com/vector-im/riot-web) Matrix client web application.
|
||||
If that's okay, you can skip this document.
|
||||
By default, this playbook **used to install** the [Riot-web](https://github.com/vector-im/riot-web) Matrix client web application.
|
||||
|
||||
Riot has since been [renamed to Element](https://element.io/blog/welcome-to-element/).
|
||||
|
||||
## Disabling riot-web
|
||||
- to learn more about Element and its configuration, see our dedicated [Configuring Element](configuring-playbook-client-element.md) documentation page
|
||||
- to learn how to migrate from Riot to Element, see [Migrating to Element](#migrating-to-element) below
|
||||
|
||||
If you'd like for the playbook to not install (or to uninstall the previously installed riot-web), you can disable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_riot_web_enabled: false
|
||||
```
|
||||
## Migrating to Element
|
||||
|
||||
## Configuring riot-web settings
|
||||
### Migrating your custom settings
|
||||
|
||||
The playbook provides some customization variables you could use to change riot-web's settings.
|
||||
If you have custom `matrix_riot_web_` variables in your `inventory/host_vars/matrix.DOMAIN/vars.yml` file, you'll need to rename them (`matrix_riot_web_` -> `matrix_client_element_`).
|
||||
|
||||
Their defaults are defined in [`roles/matrix-riot-web/defaults/main.yml`](../roles/matrix-riot-web/defaults/main.yml) and they ultimately end up in the generated `/matrix/riot-web/config.json` file (on the server). This file is generated from the [`roles/matrix-riot-web/templates/config.json.j2`](../roles/matrix-riot-web/templates/config.json.j2) template.
|
||||
Some other playbook variables (but not all) with `riot` in their name are also renamed. The playbook checks and warns if you are using the old name for some commonly used ones.
|
||||
|
||||
**If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`) and [re-run the playbook](installing.md) to apply the changes.
|
||||
|
||||
Alternatively, **if there is no pre-defined variable** for a riot-web setting you wish to change:
|
||||
### Domain migration
|
||||
|
||||
- you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of riot-web's various settings that rarely get used.
|
||||
We used to set up Riot at the `riot.DOMAIN` domain. The playbook now sets up Element at `element.DOMAIN` by default.
|
||||
|
||||
- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/matrix-riot-web/templates/config.json.j2)) by making use of the `matrix_riot_web_configuration_extension_json_` variable. You can find information about this in [`roles/matrix-riot-web/defaults/main.yml`](../roles/matrix-riot-web/defaults/main.yml).
|
||||
There are a few options for handling this:
|
||||
|
||||
- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_riot_web_configuration_default` (or `matrix_riot_web_configuration`). You can find information about this in [`roles/matrix-riot-web/defaults/main.yml`](../roles/matrix-riot-web/defaults/main.yml).
|
||||
- (**avoiding changes** - using the old `riot.DOMAIN` domain and avoiding DNS changes) -- to keep using `riot.DOMAIN` instead of `element.DOMAIN`, override the domain at which the playbook serves Element: `matrix_server_fqn_element: "riot.{{ matrix_domain }}"`
|
||||
|
||||
- (**embracing changes** - using only `element.DOMAIN`) - set up the `element.DOMAIN` DNS record (see [Configuring DNS](configuring-dns.md)). You can drop the `riot.DOMAIN` in this case. If so, you may also wish to remove old SSL certificates (`rm -rf /matrix/ssl/config/live/riot.DOMAIN`) and renewal configuration (`rm -f /matrix/ssl/config/renewal/riot.DOMAIN.conf`), so that `certbot` would stop trying to renew them.
|
||||
|
||||
## Themes
|
||||
- (**embracing changes and transitioning smoothly** - using both `element.DOMAIN` and `riot.DOMAIN`) - to serve Element at the new domain (`element.DOMAIN`) and to also have `riot.DOMAIN` redirect there - set up the `element.DOMAIN` DNS record (see [Configuring DNS](configuring-dns.md)) and enable Riot to Element redirection (`matrix_nginx_proxy_proxy_riot_compat_redirect_enabled: true`).
|
||||
|
||||
To change the look of riot-web, you can define your own themes manually by using the `matrix_riot_web_settingDefaults_custom_themes` setting.
|
||||
|
||||
Or better yet, you can automatically pull it all themes provided by the [aaronraimist/riot-web-themes](https://github.com/aaronraimist/riot-web-themes) project by simply flipping a flag (`matrix_riot_web_themes_enabled: true`).
|
||||
### Re-running the playbook
|
||||
|
||||
If you make your own theme, we encourage you to submit it to the **aaronraimist/riot-web-themes** project, so that the whole community could easily enjoy it.
|
||||
As always, after making the necessary DNS and configuration adjustments, re-run the playbook to apply the changes:
|
||||
|
||||
Note that for a custom theme to work well, all riot-web/riot-desktop instances that you use must have the same theme installed.
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
@ -0,0 +1,62 @@
|
||||
# Setting up Synapse Admin (optional)
|
||||
|
||||
The playbook can install and configure [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) for you.
|
||||
|
||||
It's a web UI tool you can use to **administrate users and rooms on your Matrix server**.
|
||||
|
||||
See the project's [documentation](https://github.com/Awesome-Technologies/synapse-admin) to learn what it does and why it might be useful to you.
|
||||
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_synapse_admin_enabled: true
|
||||
```
|
||||
|
||||
|
||||
## Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command again:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/`
|
||||
|
||||
To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server.
|
||||
|
||||
The Homeserver URL to use on Synapse Admin's login page is: `https://matrix.DOMAIN`
|
||||
|
||||
### Sample configuration for running behind Traefik 2.0
|
||||
|
||||
Below is a sample configuration for using this playbook with a [Traefik](https://traefik.io/) 2.0 reverse proxy.
|
||||
|
||||
This an extension to Traefik config sample in [own-webserver-documentation](./configuring-playbook-own-webserver.md).
|
||||
|
||||
```yaml
|
||||
# Don't bind any HTTP or federation port to the host
|
||||
# (Traefik will proxy directly into the containers)
|
||||
matrix_synapse_admin_container_http_host_bind_port: ""
|
||||
|
||||
matrix_synapse_admin_container_extra_arguments:
|
||||
# May be unnecessary depending on Traefik config, but can't hurt
|
||||
- '--label "traefik.enable=true"'
|
||||
|
||||
# The Synapse Admin container will only receive traffic from this subdomain and path
|
||||
- '--label "traefik.http.routers.matrix-synapse-admin.rule=(Host(`{{ matrix_server_fqn_matrix }}`) && Path(`{{matrix_synapse_admin_public_endpoint}}`))"'
|
||||
|
||||
# (Define your entrypoint)
|
||||
- '--label "traefik.http.routers.matrix-synapse-admin.entrypoints=web-secure"'
|
||||
|
||||
# (The 'default' certificate resolver must be defined in Traefik config)
|
||||
- '--label "traefik.http.routers.matrix-synapse-admin.tls.certResolver=default"'
|
||||
|
||||
# The Synapse Admin container uses port 80 by default
|
||||
- '--label "traefik.http.services.matrix-synapse-admin.loadbalancer.server.port=80"'
|
||||
```
|
@ -0,0 +1,8 @@
|
||||
https://element.DOMAIN {
|
||||
# These might differ if you are supplying your own certificates
|
||||
tls /matrix/ssl/config/live/element.DOMAIN/fullchain.pem /matrix/ssl/config/live/element.DOMAIN/privkey.pem
|
||||
|
||||
proxy / http://127.0.0.1:8765 {
|
||||
transparent
|
||||
}
|
||||
}
|
@ -1,8 +0,0 @@
|
||||
https://riot.DOMAIN {
|
||||
# These might differ if you are supplying your own certificates
|
||||
tls /matrix/ssl/config/live/riot.DOMAIN/fullchain.pem /matrix/ssl/config/live/riot.DOMAIN/privkey.pem
|
||||
|
||||
proxy / http://127.0.0.1:8765 {
|
||||
transparent
|
||||
}
|
||||
}
|
@ -1,19 +1,21 @@
|
||||
MATRIX_SSL_LETS_ENCRYPT_SUPPORT_EMAIL: "{{ VAULT_MATRIX_SSL_LETS_ENCRYPT_SUPPORT_EMAIL }}"
|
||||
MATRIX_DOMAIN: "{{ VAULT_MATRIX_DOMAIN }}"
|
||||
matrix_ssl_lets_encrypt_support_email: "{{ VAULT_MATRIX_SSL_LETS_ENCRYPT_SUPPORT_EMAIL }}"
|
||||
matrix_domain: "{{ VAULT_MATRIX_DOMAIN }}"
|
||||
ansible_become_pass: "{{ vault_ansible_become_pass }}"
|
||||
|
||||
MATRIX_COTURN_TURN_STATIC_AUTH_SECRET: "{{ VAULT_MATRIX_COTURN_TURN_STATIC_AUTH_SECRET }}"
|
||||
|
||||
matrix_coturn_turn_static_auth_secret: "{{ VAULT_MATRIX_COTURN_TURN_STATIC_AUTH_SECRET }}"
|
||||
|
||||
# A secret used to protect access keys issued by the server.
|
||||
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
|
||||
MATRIX_SYNAPSE_MACAROON_SECRET_KEY: "{{ VAULT_MATRIX_SYNAPSE_MACAROON_SECRET_KEY }}"
|
||||
matrix_synapse_macaroon_secret_key: "{{ VAULT_MATRIX_SYNAPSE_MACAROON_SECRET_KEY }}"
|
||||
|
||||
# added by jlj -- 11/25/19
|
||||
# configures the slack bridge.
|
||||
MATRIX_APPSERVICE_SLACK_CONTROL_ROOM_ID: "{{ VAULT_MATRIX_APPSERVICE_SLACK_CONTROL_ROOM_ID }}"
|
||||
matrix_appservice_slack_control_room_id: "{{ VAULT_MATRIX_APPSERVICE_SLACK_CONTROL_ROOM_ID }}"
|
||||
|
||||
# added by jlj -- jitsi bullshit.
|
||||
MATRIX_JITSI_JICOFO_COMPONENT_SECRET: "{{ VAULT_MATRIX_JITSI_JICOFO_COMPONENT_SECRET }}"
|
||||
MATRIX_JITSI_JICOFO_AUTH_PASSWORD: "{{ VAULT_MATRIX_JITSI_JICOFO_AUTH_PASSWORD }}"
|
||||
MATRIX_JITSI_JVB_AUTH_PASSWORD: "{{ VAULT_MATRIX_JITSI_JVB_AUTH_PASSWORD }}"
|
||||
MATRIX_JITSI_JIBRI_RECORDER_PASSWORD: "{{ VAULT_MATRIX_JITSI_JIBRI_RECORDER_PASSWORD }}"
|
||||
MATRIX_JITSI_JIBRI_XMPP_PASSWORD: "{{ VAULT_MATRIX_JITSI_JIBRI_XMPP_PASSWORD }}"
|
||||
matrix_jitsi_jicofo_component_secret: "{{ VAULT_MATRIX_JITSI_JICOFO_COMPONENT_SECRET }}"
|
||||
matrix_jitsi_jicofo_auth_password: "{{ VAULT_MATRIX_JITSI_JICOFO_AUTH_PASSWORD }}"
|
||||
matrix_jitsi_jvb_auth_password: "{{ VAULT_MATRIX_JITSI_JVB_AUTH_PASSWORD }}"
|
||||
matrix_jitsi_jibri_recorder_password: "{{ VAULT_MATRIX_JITSI_JIBRI_RECORDER_PASSWORD }}"
|
||||
matrix_jitsi_jibri_xmpp_password: "{{ VAULT_MATRIX_JITSI_JIBRI_XMPP_PASSWORD }}"
|
||||
|
@ -1,90 +1,90 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
36383535376263326335393237336431623932316364663334396537633238663930663931313032
|
||||
6463663732303730333234633030613166336462363037350a623262376234626632666231373462
|
||||
61636534343838386636646632356464323235656165343364356566636437383737396539383334
|
||||
3637376633343362390a393330643466386137613931336161646431663639623762363764646163
|
||||
30653561303338613262363961633133393536663330393339393365366433633533636533616661
|
||||
61396135303334343664343933373433373561663130333633323737323339653130306461363062
|
||||
36376264636430613862356263626430613036616162353462613063396133663162363633323938
|
||||
37613563343934636563626235373239383761323133353333663761633161396231616436366433
|
||||
32373137383937353238333566336231633562646235333531363236613663326139353664666262
|
||||
32303364626132386230656562396633396166316132666664313066306339383133313265613539
|
||||
36623634616134336463346638326364396531376361656465643330316562633036373330666261
|
||||
34666162623133313961653231643662326365306363343635343335346662633862303830623964
|
||||
30303238633563653837336335313935623738316436376431346434333136636263303934623931
|
||||
33373333386232663566393331316330613336626334636233383064613031643061643061343931
|
||||
37346539373539376563663533653366326566633739316434616366353063656536363566613965
|
||||
33326630383031373238336632316164646332393131373761323937393934343434323131613433
|
||||
65633035396464313763663136646637313539356631383135316264366135376338373033666531
|
||||
39396633363635363331306232383761303763323336346537656165336238353965393361633463
|
||||
31303130396362613564366562623366316563663738333566663366356530393834353137666264
|
||||
30666334363336636331373963353162336535343563386664333636303537663061386365353639
|
||||
33653261623362346266633236653633383133626663346666643234333561323235396637346432
|
||||
65363837383164346461313838663562343833643935306334623035623461323263656537373837
|
||||
66386466643564656438323736303239393638323030633431366163626166323534313763656262
|
||||
35323038366337353064323264356136373635633565643461306338346664323365663265373262
|
||||
32373730623837366661656337306631343738346330383536396636653264623963383038313862
|
||||
35386666303031363863376331313235366638643730613932326235613030613539303035323561
|
||||
65653061613037306363393033393061396166333161346262653264383438636463386230633638
|
||||
33643930393265323531373931373339303335663730386339313534383837633864643632343633
|
||||
37333863643831383734313835653133333531663435653764376637326135623937663536613463
|
||||
64383966336664376432643430636561663862336364633064373363636435646661396361653066
|
||||
39643435326366646463333561666439386462636437346261613166666537383039666632613734
|
||||
61306666633830356634623765303363346165333937643932373236633664336339333339326531
|
||||
32643639313539616639313266373837663136363937636464353862326161373532633764616338
|
||||
30363863313964323532316264633334653335663734363430643938363662396536643733366462
|
||||
31623933663637343537373364346666326365653737393037353662366137336631613136613732
|
||||
37646666396233336466646331353566616139656130626634393035306230323738373333396234
|
||||
66316330323131636461336262643161336263623965303438373433383462316238316430376330
|
||||
32343636363036373663376535343664373333396637393936376337656663333433666330386635
|
||||
65396339323762333234636562656438326135333531636465336635386539393138613664646339
|
||||
65316637393436303938373333313964633635626533316665376439323539663966396135353933
|
||||
31643539343031373738643535326362653431613038346538353965356636323737633830346166
|
||||
32353664393730376533343837386530613965346363653035653666663930313930623432363461
|
||||
64666132353037653838303138313739613530366238386539633662386633323134366539386634
|
||||
34383366393066323633633466666238613563653939333932613231663037303637616461633764
|
||||
66666133306266646330643034376132373362656262346462336236613066333535633234366333
|
||||
36613261356137633634306231633161383262613364373335396631353233636634333937313066
|
||||
34366535653438356530323662643935343562336139316439303136366163393432633935366262
|
||||
35636233623062646637376636393933303564643231336530376438393539633863643836643166
|
||||
33313933383833663333643763623833323133616635633762623631303936653161376637343339
|
||||
63323532613063646130613463366531646165333166386166643038303064383265613961366131
|
||||
37386330313135376264633233386164393436643062343064623237656335323131626661393865
|
||||
63396463336130333735303663386337613565323432643561383033393461326236313236303765
|
||||
36316138383236633765333130306638316633613333366130636637386138363939393665376262
|
||||
62333530643263393961376639366166376566313265663731303861653563306265383330633965
|
||||
32326434353966356536393963336437666330613639346138343465626162363466313261323362
|
||||
34306438303764333636643438313136633937633332636234376161303666633465303337393131
|
||||
31326661613030633365333034343339303036386431383231313266383362303439633031323839
|
||||
38326263376238663766383964666339356363343239333930663137666234356264333638626236
|
||||
36353839663637366237643330646537653566323931376264623533396333616239303837326266
|
||||
64336533303964343038396337383865313232373563303464636466346464346236383464363766
|
||||
36306237366532633338643361633231633933656266383838666434353632383930613030393734
|
||||
64393330623662643365656335313265656364303230383334366663643465323131356466333162
|
||||
63643635373530333939613363396434343465643466306166643766373932656361663636633762
|
||||
36623866396564326431323038373465656231313333343632623466303264666437623235333961
|
||||
32386139663435663331396165386234656332313239373536316163393965336662646538373662
|
||||
34373961333335373138373237643965383436313362303136396431616530616531376365636232
|
||||
34396433396231313261393362303038336362366530376633343133643834323461366234386434
|
||||
34326231363630346561313838633566616434663366373133613736653335363233663863366539
|
||||
66623565346662393035333332306330613638306134653037363232363532653233343861313065
|
||||
31363438366562303663336238363463653034363639323362346663613831623739663331666533
|
||||
38663639383835333531626436326161626538356435613265316131373839656365653530383264
|
||||
34663064336266623536636562383264316361616630653035616438373134386234663261363730
|
||||
66616265363837666431653131376161386433393335396330613563303439643865336135643762
|
||||
31316235303065356165343864353266383066393536376435346435653637336535373838613064
|
||||
66336132663362386162666636636330633466366634333437393430663063326163333930643033
|
||||
30323732366639313733373861663761656235636430386237303761333134333637626462626261
|
||||
32396435636335666466393166353731386662363965653062616436303236336334343732313830
|
||||
36303461353330663334353631323735633337336237373838353731653036643336323464333738
|
||||
64383533303466623336363130333234613335663138353839316235643666386636346338663831
|
||||
38613932383261383061393539373663643064373664363537666363323037313934323133383564
|
||||
30383939323931346261646334343765353362323665386365643339346538393461323830613466
|
||||
65626463353134653662323038343432333039653439613930323562646238386232656635613462
|
||||
30376136633264623837386338386438636231373061666638323765666631326638653066646338
|
||||
65633461383635646664346364396137653338386434363439356638633365386638633131666163
|
||||
30326330623939323434373834663362623363663139623030323466316564343966343837643863
|
||||
31306535656535653334303635393134313365356263336663363762636431326336383462333465
|
||||
34653737326537663065656534633633656138623234366430666436626465343363383832626438
|
||||
37636539383839396237303461666635316136306464636436313163316135343266623037376534
|
||||
61643834306238316638393662343135646636633330363231306562366238336232
|
||||
36316432363035626131363938623166613466366464653166333035343562356337643064343434
|
||||
6165656131633264353130356530636166663231303737330a623231653338353730316232666361
|
||||
35613534633338626239396664356562623632646235383666663366396265643937386163383663
|
||||
6637316239303030630a343533616539386436393539333164623034333532336531376665623964
|
||||
34346266393636373438343735383561363432323364623339393766373162643231323333386535
|
||||
30333433323631316361396339303936396466346639623034666331373832616163666263353336
|
||||
63633131663066383362336330323039356566663237646132333937323238363239633565346230
|
||||
39326339363831636536633635373164643536346237656538636265616332303338643666626362
|
||||
31326631373337316639633561396430626366386439616331346662643730363135646561313936
|
||||
65333835633039313665323763316662353633353431333434653232363330363532303235613634
|
||||
62636163633535363630366238663162346438363163623635323230333365313431623831306637
|
||||
63663235383466663938656361636161353465616362343632346636346230383335373931613065
|
||||
36666230343138363962663566663030636239663536376562346138313966376331363336663364
|
||||
61626238326336306637653865353532636233653464366438626563316231313438353634376235
|
||||
35656631333438656335666137666634343935343639336631313232306362356366623036333033
|
||||
38373666393265626463613534343331613066386561383130356634636431623962656164366661
|
||||
66316530633737323963316664353363336537643466333734326466386465663636613438373036
|
||||
39613633343336356364333135316661646639613536386465616563373834623130366561653038
|
||||
30653330313435326366363361626163646564333137363965646366326431363337343766666338
|
||||
62313661363137306561633266356165383537633565353563386630623239373834303937613764
|
||||
37653138663236366166643433663639643639336431366434643233343235633361626265383338
|
||||
65613338383533353034623964366462646164353763653234653864643136323065333031373132
|
||||
32613462313832313131613230383435306539666666613036636139323632353230336634346566
|
||||
64383639663962346563333835383361633066363937613531653830373835353730633330316566
|
||||
65646339653964353738356263393062653632343134313438343932306537643561653562333266
|
||||
62363535363033626538343163373064613431386665383036306239386235616362396565386239
|
||||
34643631393335656461306163326465383532386661383634316236303139653331373161346565
|
||||
61613233653838366366323162353030323934316664363164333863666563313031393136383466
|
||||
35313966393631616230313965376561653439613636646438626536646565343836613038663337
|
||||
31313761326232346431633233373862323336613862613032373235303761653563363330356430
|
||||
33306133386634343862333439666236303539363666643434353362303037343236333862366532
|
||||
39323632663230613338636335396262326431366635323837626639356564333434396432623764
|
||||
63373936323431623464386135633039646338396365633461343264643932353339656138623563
|
||||
32616266383335353433373166663436383537316562623434653734313137343536333033356535
|
||||
34366135336335363063643731623331646635653539656631396266666534633535626361623236
|
||||
37656436366430333766336464303438366634626663336261313064353861643130663366306536
|
||||
33626262356339623935333731623038386363653937663961363361333039326664383930346436
|
||||
65313435393966633139356461353365636437376130316633613839303166633762626564633765
|
||||
36323036626161306562366533373634666631313731656138313239333937303662613263306461
|
||||
61306630643261316333363636353162336435333137386234313264633364613232353537633030
|
||||
30333537636664623664386364626434323235623130363531663765343463366537656635363034
|
||||
66313136343436663363613338376562623834653535626239643837386439383230656539373338
|
||||
63386234363637393166363336363565666364636462646262666165346533313064376465323162
|
||||
66356133346665653731643964343262396330303539383462353965333261653135313039613064
|
||||
38393136636266383531623534336636646365313833643464313337363836656239656132373431
|
||||
39393435643365353833383233383062623265656464373435663634396531313539616638396463
|
||||
39623133343237663237643561303965636234383765643166303234396430333866653661393761
|
||||
33663564346366653139623234666464313261643332616439356565656539346163643964663465
|
||||
33333734376533663639303930613161353738346134326561336662663563373266316338633632
|
||||
62303336343062366361383331653736306231616265626132646463343065333533636165383139
|
||||
38643564373065343933333836643537386531633732373461373036363539653162303636623439
|
||||
34343263306430616462363061323464663433313433383436346434313333636362323437306432
|
||||
33363035336439303666373639383037363339613561313731393533663836343464346630303639
|
||||
37386134343663393938633766393430313864616536653639663038303566313966343262636466
|
||||
34613432616662393337383565393263313630626361396563313233623665343934336138363131
|
||||
64663235386536386266333065303233366136643762393830366339373232383265663430356666
|
||||
66616461383662643039306435353538633166333766336162313734373661363737636465333237
|
||||
34663930343535373434386664333164306236393734393062666561326536323233353032306562
|
||||
66333638643938656334653761613239376533306564393930616566353936653034316634623538
|
||||
31636564386433396339343433333232376232356334326135353137353835396464373631366534
|
||||
39366462343665626236313263313635396361613236626634386232613366303236373431666537
|
||||
35366530343964373433346664383131623163663332343034326365633662306430303564353835
|
||||
32386136666434663832343662656466383563336537376636383063373836353762326335393233
|
||||
65623465333734303039333063323133386633366336613836356337396333323937636231653936
|
||||
65316338363737366533366461643438353134303035323365313736386237343136336336383136
|
||||
36396261376138643932623638636261633066663231616563373137346432303066353433313036
|
||||
63666535393261343963363761396437613835393130663064396338633138393838346366613262
|
||||
38653263396531643734303730306330326533303265343932653535376331633334363534353036
|
||||
39636430636136383134636463376261343034623461386534373138646262366436333833643736
|
||||
65666136633335363034356431343062613030616239383962393133663465353832333763396432
|
||||
32643464666639653130333239663430336134373766306534363534376634633933633965343732
|
||||
62316561643261633833623338313732636530383861383831386135396137623439663733323830
|
||||
35313839663832326362326566336637336462616533643532366333326462343734636232616463
|
||||
39646138386632333163613964393935313331323434333838643438653666303335396237613339
|
||||
66623832383133373565323730623230393665666231313230376332363536653530373936383330
|
||||
33356132363538306331383335633265373865646432303036636461373037353135653739346537
|
||||
35396139313565633737383333316134333061333536613830393431623431616232343862633865
|
||||
36613864303039656464363532383936303334653134633962303738363264663034373532303330
|
||||
62376664653231663934643065636233333732363935613866306362656130393435386130656632
|
||||
36393038646232303461343833636261373633383331383336383433323465666630646532373164
|
||||
63636637393666616433316636303635623635386262343266313931343863373335333163633365
|
||||
38656134643735623239373866653961396265343965396630373262623362623936613532633963
|
||||
36623139663062376365633761616163613739353564363065623538383532633464323835656566
|
||||
61376665353363306364636239356131326631333864316366333035383032663266623439636336
|
||||
62653538326431353462303861626439356539383464306163326632373136353832393432643865
|
||||
64626432623533303633313530646435356638633731643838323563363363353135623537623332
|
||||
63356662643834386631346661656137303562376534346234663761363539363865626133326365
|
||||
38623161376661373661373234396230333630653733626365303539646563306532313836316639
|
||||
66613839326432623662383939633234383532396564616262323566316166613161
|
||||
|
@ -0,0 +1,12 @@
|
||||
* my personal notes for deploying
|
||||
** setup
|
||||
- create a file in ~inventory~ called ~hosts~
|
||||
#+BEGIN_SRC text
|
||||
[matrix_servers]
|
||||
matrix.awful.club
|
||||
#+END_SRC
|
||||
- make sure you have the proper gpg key on your file system ( since we are using the "open the vault" method of protecting our passwords here)
|
||||
|
||||
** common scripts:
|
||||
~ansible-playbook -i inventory/hosts matrix-docker-ansible-deploy/setup.yml --tags=setup-all,start~
|
||||
- this will upgrade your configured matrix things.
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
|
||||
- name: (Deprecation) Warn about unused user/group variables
|
||||
fail:
|
||||
msg: >
|
||||
The `{{ item }}` variable defined in your configuration is not used by this playbook anymore.
|
||||
User/group creation is now dynamic. You can remove these variables from your configuration, as they have no effect on anything.
|
||||
when: "item in vars"
|
||||
with_items:
|
||||
- 'matrix_user_uid'
|
||||
- 'matrix_user_gid'
|
@ -0,0 +1,64 @@
|
||||
# matrix-reminder-bot is a bot for one-off and recurring reminders
|
||||
# See: https://github.com/anoadragon453/matrix-reminder-bot
|
||||
|
||||
matrix_bot_matrix_reminder_bot_enabled: true
|
||||
|
||||
matrix_bot_matrix_reminder_bot_docker_image: "anoa/matrix-reminder-bot:release-0.1.0"
|
||||
matrix_bot_matrix_reminder_bot_docker_image_force_pull: "{{ matrix_bot_matrix_reminder_bot_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_base_path: "{{ matrix_base_data_path }}/matrix-reminder-bot"
|
||||
matrix_bot_matrix_reminder_bot_config_path: "{{ matrix_bot_matrix_reminder_bot_base_path }}/config"
|
||||
matrix_bot_matrix_reminder_bot_data_path: "{{ matrix_bot_matrix_reminder_bot_base_path }}/data"
|
||||
matrix_bot_matrix_reminder_bot_data_store_path: "{{ matrix_bot_matrix_reminder_bot_data_path }}/store"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_bot_matrix_reminder_bot_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-bot-matrix-reminder-bot.service depends on
|
||||
matrix_bot_matrix_reminder_bot_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-bot-matrix-reminder-bot.service wants
|
||||
matrix_bot_matrix_reminder_bot_systemd_wanted_services_list: []
|
||||
|
||||
|
||||
# The bot's username. This user needs to be created manually beforehand.
|
||||
# Also see `matrix_bot_matrix_reminder_bot_user_password`.
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_id_localpart: "bot.matrix-reminder-bot"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_id: '@{{ matrix_bot_matrix_reminder_bot_matrix_user_id_localpart }}:{{ matrix_domain }}'
|
||||
|
||||
# The password that the bot uses to authenticate.
|
||||
matrix_bot_matrix_reminder_bot_matrix_user_password: ''
|
||||
|
||||
matrix_bot_matrix_reminder_bot_matrix_homeserver_url: 'http://matrix-synapse:8008'
|
||||
|
||||
# The timezone to use when creating reminders.
|
||||
# Examples: 'Europe/London', 'Etc/UTC'
|
||||
matrix_bot_matrix_reminder_bot_reminders_timezone: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_bot_matrix_reminder_bot_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_bot_matrix_reminder_bot_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_bot_matrix_reminder_bot_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_bot_matrix_reminder_bot_configuration_yaml`.
|
||||
#
|
||||
# Example configuration extension follows:
|
||||
#
|
||||
# matrix:
|
||||
# device_name: My-Reminder-Bot
|
||||
|
||||
matrix_bot_matrix_reminder_bot_configuration_extension: "{{ matrix_bot_matrix_reminder_bot_configuration_extension_yaml|from_yaml if matrix_bot_matrix_reminder_bot_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_bot_matrix_reminder_bot_configuration_yaml`.
|
||||
matrix_bot_matrix_reminder_bot_configuration: "{{ matrix_bot_matrix_reminder_bot_configuration_yaml|from_yaml|combine(matrix_bot_matrix_reminder_bot_configuration_extension, recursive=True) }}"
|
@ -0,0 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot'] }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
@ -0,0 +1,14 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_bot_matrix_reminder_bot_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-matrix-reminder-bot
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-matrix-reminder-bot
|
@ -0,0 +1,88 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up matrix-reminder-bot
|
||||
#
|
||||
|
||||
- name: Ensure matrix-reminder-bot paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool and item.when
|
||||
|
||||
- name: Ensure matrix-reminder-bot image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure matrix-reminder-bot config installed
|
||||
copy:
|
||||
content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_matrix_reminder_bot_systemd_service_result
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of matrix-reminder-bot (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-matrix-reminder-bot service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service"
|
||||
register: matrix_bot_matrix_reminder_bot_service_stat
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot is stopped
|
||||
service:
|
||||
name: matrix-matrix-reminder-bot
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-reminder-bot Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_matrix_reminder_bot_matrix_user_password"
|
||||
- "matrix_bot_matrix_reminder_bot_reminders_timezone"
|
@ -0,0 +1,50 @@
|
||||
# The string to prefix bot commands with
|
||||
command_prefix: "!"
|
||||
|
||||
# Options for connecting to the bot's Matrix account
|
||||
matrix:
|
||||
# The Matrix User ID of the bot account
|
||||
user_id: {{ matrix_bot_matrix_reminder_bot_matrix_user_id|to_json }}
|
||||
# Matrix account password
|
||||
user_password: {{ matrix_bot_matrix_reminder_bot_matrix_user_password|to_json }}
|
||||
# The public URL at which the homeserver's Client-Server API can be accessed
|
||||
homeserver_url: {{ matrix_bot_matrix_reminder_bot_matrix_homeserver_url }}
|
||||
# The device ID that is a **non pre-existing** device
|
||||
# If this device ID already exists, messages will be dropped silently in
|
||||
# encrypted rooms
|
||||
device_id: REMINDER
|
||||
# What to name the logged in device
|
||||
device_name: Reminder Bot
|
||||
|
||||
storage:
|
||||
# The database connection string
|
||||
# For SQLite3, this would look like:
|
||||
# database: "sqlite://bot.db"
|
||||
# For Postgres, this would look like:
|
||||
# database: "postgres://username:password@localhost/dbname?sslmode=disable"
|
||||
#database: "postgres://matrix-reminder-bot:remindme@localhost/matrix-reminder-bot?sslmode=disable"
|
||||
database: "sqlite:///data/bot.db"
|
||||
# The path to a directory for internal bot storage
|
||||
# containing encryption keys, sync tokens, etc.
|
||||
store_path: "/data/store"
|
||||
|
||||
reminders:
|
||||
# Uncomment to set a default timezone that will be used when creating reminders.
|
||||
# If not set, UTC will be used
|
||||
timezone: {{ matrix_bot_matrix_reminder_bot_reminders_timezone }}
|
||||
|
||||
# Logging setup
|
||||
logging:
|
||||
# Logging level
|
||||
# Allowed levels are 'INFO', 'WARNING', 'ERROR', 'DEBUG' where DEBUG is most verbose
|
||||
level: INFO
|
||||
# Configure logging to a file
|
||||
file_logging:
|
||||
# Whether logging to a file is enabled
|
||||
enabled: false
|
||||
# The path to the file to log to. May be relative or absolute
|
||||
filepath: /data/bot.log
|
||||
# Configure logging to the console (stdout/stderr)
|
||||
console_logging:
|
||||
# Whether console logging is enabled
|
||||
enabled: true
|
@ -0,0 +1,40 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=matrix-reminder-bot
|
||||
{% for service in matrix_bot_matrix_reminder_bot_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_bot_matrix_reminder_bot_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e 'TZ={{ matrix_bot_matrix_reminder_bot_reminders_timezone }}' \
|
||||
-v {{ matrix_bot_matrix_reminder_bot_config_path }}:/config:ro \
|
||||
-v {{ matrix_bot_matrix_reminder_bot_data_path }}:/data:rw \
|
||||
--entrypoint=/bin/sh \
|
||||
{% for arg in matrix_bot_matrix_reminder_bot_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
|
||||
-c "matrix-reminder-bot /config/config.yaml"
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-matrix-reminder-bot
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,95 @@
|
||||
# Mx Puppet Discord is a Matrix <-> Discord bridge
|
||||
# See: https://github.com/matrix-discord/mx-puppet-discord
|
||||
|
||||
matrix_mx_puppet_discord_enabled: true
|
||||
|
||||
matrix_mx_puppet_discord_container_image_self_build: false
|
||||
|
||||
# Controls whether the mx-puppet-discord container exposes its HTTP port (tcp/8432 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
|
||||
matrix_mx_puppet_discord_container_http_host_bind_port: ''
|
||||
|
||||
matrix_mx_puppet_discord_docker_image: "sorunome/mx-puppet-discord:latest"
|
||||
matrix_mx_puppet_discord_docker_image_force_pull: "{{ matrix_mx_puppet_discord_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_discord_base_path: "{{ matrix_base_data_path }}/mx-puppet-discord"
|
||||
matrix_mx_puppet_discord_config_path: "{{ matrix_mx_puppet_discord_base_path }}/config"
|
||||
matrix_mx_puppet_discord_data_path: "{{ matrix_mx_puppet_discord_base_path }}/data"
|
||||
matrix_mx_puppet_discord_docker_src_files_path: "{{ matrix_mx_puppet_discord_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_discord_appservice_port: "8432"
|
||||
|
||||
matrix_mx_puppet_discord_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
|
||||
|
||||
matrix_mx_puppet_discord_client_id: ''
|
||||
matrix_mx_puppet_discord_client_secret: ''
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_discord_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_discord_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_discord_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-puppet-discord.service depends on.
|
||||
matrix_mx_puppet_discord_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-puppet-discord.service wants
|
||||
matrix_mx_puppet_discord_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_discord_appservice_token: ''
|
||||
matrix_mx_puppet_discord_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_discord_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_discord_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_discord_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_discord_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_discord_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_discord_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_discord_configuration_extension: "{{ matrix_mx_puppet_discord_configuration_extension_yaml|from_yaml if matrix_mx_puppet_discord_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_discord_configuration_yaml`.
|
||||
matrix_mx_puppet_discord_configuration: "{{ matrix_mx_puppet_discord_configuration_yaml|from_yaml|combine(matrix_mx_puppet_discord_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mx_puppet_discord_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_discord_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_discord_homeserver_token }}"
|
||||
id: discord-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@_discordpuppet_.*:{{ matrix_mx_puppet_discord_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#_discordpuppet_.*:{{ matrix_mx_puppet_discord_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: _discordpuppet_bot
|
||||
url: {{ matrix_mx_puppet_discord_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_discord_registration: "{{ matrix_mx_puppet_discord_registration_yaml|from_yaml }}"
|
@ -0,0 +1,23 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-discord'] }}"
|
||||
when: matrix_mx_puppet_discord_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_discord_config_path }}/registration.yaml,dst=/matrix-mx-puppet-discord-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-discord-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_discord_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Puppet Slack image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_discord_container_image_self_build"
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-discord
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-discord
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-discord
|
@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-discord role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure MX Puppet Discord image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_discord_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_discord_enabled|bool and not matrix_mx_puppet_discord_container_image_self_build
|
||||
|
||||
- name: Ensure MX Puppet Discord paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_discord_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_discord_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_discord_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}", when: "{{ matrix_mx_puppet_discord_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_discord_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure MX Puppet Discord repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/matrix-discord/mx-puppet-discord.git
|
||||
dest: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build"
|
||||
|
||||
- name: Ensure MX Puppet Discord Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_discord_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build"
|
||||
|
||||
- name: Check if an old database file already exists
|
||||
stat:
|
||||
path: "{{ matrix_mx_puppet_discord_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_discord_stat_database
|
||||
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-discord
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
failed_when: false
|
||||
when: "matrix_mx_puppet_discord_stat_database.stat.exists"
|
||||
|
||||
- name: (Data relocation) Move mx-puppet-discord database file to ./data directory
|
||||
command: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db"
|
||||
when: "matrix_mx_puppet_discord_stat_database.stat.exists"
|
||||
|
||||
- name: Ensure mx-puppet-discord config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_discord_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_discord_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-discord discord-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_discord_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_discord_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-discord.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-discord.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-discord.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_discord_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-discord.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_discord_systemd_service_result.changed"
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-discord service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-discord.service"
|
||||
register: matrix_mx_puppet_discord_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-discord is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-discord
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-discord.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-discord.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-discord.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_discord_appservice_token"
|
||||
- "matrix_mx_puppet_discord_homeserver_token"
|
@ -0,0 +1,138 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_discord_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_discord_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_discord_homeserver_address }}
|
||||
{% if matrix_mx_puppet_discord_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_discord_login_shared_secret }}
|
||||
{% endif %}
|
||||
# Display name of the bridge bot
|
||||
displayname: Discord Puppet Bridge
|
||||
# Optionally specify a different media URL used for the media store
|
||||
#
|
||||
# This is where Discord will download user profile pictures and media
|
||||
# from
|
||||
#mediaUrl: https://external-url.org
|
||||
|
||||
presence:
|
||||
# Bridge Discord online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 500
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }}
|
||||
|
||||
relay:
|
||||
# Regex of Matrix IDs who are allowed to use the bridge in relay mode.
|
||||
# Relay mode is when a single Discord bot account relays messages of
|
||||
# multiple Matrix users
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }}
|
||||
|
||||
selfService:
|
||||
# Regex of Matrix IDs who are allowed to use bridge self-servicing (plumbed rooms)
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_discord_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_discord_provisioning_blacklist|to_json }}
|
||||
|
||||
# Override the default name patterns for users, rooms and groups
|
||||
#
|
||||
# Variable names must be prefixed with a ':'
|
||||
namePatterns:
|
||||
# The default displayname for a bridged user
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: username of the user
|
||||
# discriminator: hashtag of the user (ex. #1234)
|
||||
user: :name
|
||||
|
||||
# A user's guild-specific displayname - if they've set a custom nick in
|
||||
# a guild
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: username of the user
|
||||
# discriminator: hashtag of the user (ex. #1234)
|
||||
# displayname: the user's custom group-specific nick
|
||||
# channel: the name of the channel
|
||||
# guild: the name of the guild
|
||||
userOverride: :name
|
||||
|
||||
# Room names for bridged Discord channels
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: name of the channel
|
||||
# guild: name of the guild
|
||||
room: :name
|
||||
|
||||
# Group names for bridged Discord servers
|
||||
#
|
||||
# Available variables:
|
||||
#
|
||||
# name: name of the guide
|
||||
group: :name
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,41 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mx Puppet Discord server
|
||||
{% for service in matrix_mx_puppet_discord_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_discord_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-discord \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_discord_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_discord_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_discord_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_discord_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-discord
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,86 @@
|
||||
# mx-puppet-instagram bridges instagram DMs
|
||||
# See: https://github.com/Sorunome/mx-puppet-instagram
|
||||
|
||||
matrix_mx_puppet_instagram_enabled: true
|
||||
|
||||
matrix_mx_puppet_instagram_container_image_self_build: false
|
||||
|
||||
matrix_mx_puppet_instagram_docker_image: "docker.io/sorunome/mx-puppet-instagram:latest"
|
||||
matrix_mx_puppet_instagram_docker_image_force_pull: "{{ matrix_mx_puppet_instagram_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_instagram_base_path: "{{ matrix_base_data_path }}/mx-puppet-instagram"
|
||||
matrix_mx_puppet_instagram_config_path: "{{ matrix_mx_puppet_instagram_base_path }}/config"
|
||||
matrix_mx_puppet_instagram_data_path: "{{ matrix_mx_puppet_instagram_base_path }}/data"
|
||||
matrix_mx_puppet_instagram_docker_src_files_path: "{{ matrix_mx_puppet_instagram_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_instagram_appservice_port: "8440"
|
||||
matrix_mx_puppet_instagram_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_instagram_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_instagram_appservice_address: 'http://matrix-mx-puppet-instagram:{{ matrix_mx_puppet_instagram_appservice_port }}'
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_instagram_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_instagram_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_instagram_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-puppet-instagram.service depends on.
|
||||
matrix_mx_puppet_instagram_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-puppet-instagram.service wants
|
||||
matrix_mx_puppet_instagram_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_instagram_appservice_token: ''
|
||||
matrix_mx_puppet_instagram_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_instagram_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_instagram_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_instagram_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_instagram_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_instagram_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_instagram_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_instagram_configuration_extension: "{{ matrix_mx_puppet_instagram_configuration_extension_yaml|from_yaml if matrix_mx_puppet_instagram_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_instagram_configuration_yaml`.
|
||||
matrix_mx_puppet_instagram_configuration: "{{ matrix_mx_puppet_instagram_configuration_yaml|from_yaml|combine(matrix_mx_puppet_instagram_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mx_puppet_instagram_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_instagram_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_instagram_homeserver_token }}"
|
||||
id: instagram-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@_instagrampuppet_.*:{{ matrix_mx_puppet_instagram_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#_instagrampuppet_.*:{{ matrix_mx_puppet_instagram_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: _instagrampuppet_bot
|
||||
url: {{ matrix_mx_puppet_instagram_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_instagram_registration: "{{ matrix_mx_puppet_instagram_registration_yaml|from_yaml }}"
|
@ -0,0 +1,17 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-instagram'] }}"
|
||||
when: matrix_mx_puppet_instagram_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_instagram_config_path }}/registration.yaml,dst=/matrix-mx-puppet-instagram-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-instagram-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_instagram_enabled|bool
|
||||
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_instagram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-instagram
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_instagram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-instagram
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_instagram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-instagram
|
@ -0,0 +1,78 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-instagram role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure mx-puppet-instagram image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_instagram_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_instagram_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_instagram_enabled|bool and not matrix_mx_puppet_instagram_container_image_self_build
|
||||
|
||||
- name: Ensure mx-puppet-instagram paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_instagram_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_instagram_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_instagram_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}", when: "{{ matrix_mx_puppet_instagram_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_instagram_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure mx-puppet-instagram repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/Sorunome/mx-puppet-instagram.git
|
||||
dest: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_instagram_enabled|bool and matrix_mx_puppet_instagram_container_image_self_build"
|
||||
|
||||
- name: Ensure mx-puppet-instagram Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_instagram_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_instagram_enabled|bool and matrix_mx_puppet_instagram_container_image_self_build"
|
||||
|
||||
- name: Ensure mx-puppet-instagram config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_instagram_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_instagram_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-instagram-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_instagram_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_instagram_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-instagram.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-instagram.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-instagram.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_instagram_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-instagram.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_instagram_systemd_service_result.changed"
|
||||
|
||||
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-instagram service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-instagram.service"
|
||||
register: matrix_mx_puppet_instagram_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-instagram is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-instagram
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-instagram.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-instagram.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-instagram.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_instagram_appservice_token"
|
||||
- "matrix_mx_puppet_instagram_homeserver_token"
|
@ -0,0 +1,82 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_instagram_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_instagram_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_instagram_homeserver_address }}
|
||||
{% if matrix_mx_puppet_instagram_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_instagram_login_shared_secret }}
|
||||
{% endif %}
|
||||
|
||||
presence:
|
||||
# Bridge Instagram online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 500
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_instagram_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_instagram_provisioning_blacklist|to_json }}
|
||||
|
||||
# Shared secret for the provisioning API for use by integration managers.
|
||||
# If this is not set, the provisioning API will not be enabled.
|
||||
#sharedSecret: random string
|
||||
# Path prefix for the provisioning API. /v1 will be appended to the prefix automatically.
|
||||
apiPrefix: /_matrix/provision
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,41 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix mx-puppet-instagram bridge
|
||||
{% for service in matrix_mx_puppet_instagram_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_instagram_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_instagram_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_instagram_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_instagram_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_instagram_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-instagram
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,95 @@
|
||||
# Mx Puppet Steam is a Matrix <-> Steam bridge
|
||||
# See: https://github.com/matrix-steam/mx-puppet-steam
|
||||
|
||||
matrix_mx_puppet_steam_enabled: true
|
||||
|
||||
matrix_mx_puppet_steam_container_image_self_build: false
|
||||
|
||||
# Controls whether the mx-puppet-steam container exposes its HTTP port (tcp/8432 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
|
||||
matrix_mx_puppet_steam_container_http_host_bind_port: ''
|
||||
|
||||
matrix_mx_puppet_steam_docker_image: "icewind1991/mx-puppet-steam:latest"
|
||||
matrix_mx_puppet_steam_docker_image_force_pull: "{{ matrix_mx_puppet_steam_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_steam_base_path: "{{ matrix_base_data_path }}/mx-puppet-steam"
|
||||
matrix_mx_puppet_steam_config_path: "{{ matrix_mx_puppet_steam_base_path }}/config"
|
||||
matrix_mx_puppet_steam_data_path: "{{ matrix_mx_puppet_steam_base_path }}/data"
|
||||
matrix_mx_puppet_steam_docker_src_files_path: "{{ matrix_mx_puppet_steam_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_steam_appservice_port: "8432"
|
||||
|
||||
matrix_mx_puppet_steam_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}'
|
||||
|
||||
matrix_mx_puppet_steam_client_id: ''
|
||||
matrix_mx_puppet_steam_client_secret: ''
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_steam_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_steam_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_steam_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-puppet-steam.service depends on.
|
||||
matrix_mx_puppet_steam_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-puppet-steam.service wants
|
||||
matrix_mx_puppet_steam_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_steam_appservice_token: ''
|
||||
matrix_mx_puppet_steam_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_steam_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_steam_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_steam_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_steam_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_steam_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_steam_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_steam_configuration_extension: "{{ matrix_mx_puppet_steam_configuration_extension_yaml|from_yaml if matrix_mx_puppet_steam_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_steam_configuration_yaml`.
|
||||
matrix_mx_puppet_steam_configuration: "{{ matrix_mx_puppet_steam_configuration_yaml|from_yaml|combine(matrix_mx_puppet_steam_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mx_puppet_steam_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_steam_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_steam_homeserver_token }}"
|
||||
id: steam-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@_steampuppet_.*:{{ matrix_mx_puppet_steam_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#_steampuppet_.*:{{ matrix_mx_puppet_steam_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: _steampuppet_bot
|
||||
url: {{ matrix_mx_puppet_steam_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_steam_registration: "{{ matrix_mx_puppet_steam_registration_yaml|from_yaml }}"
|
@ -0,0 +1,23 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-steam'] }}"
|
||||
when: matrix_mx_puppet_steam_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_steam_config_path }}/registration.yaml,dst=/matrix-mx-puppet-steam-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-steam-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_steam_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Puppet Slack image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_steam_container_image_self_build"
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_steam_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-steam
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_steam_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-steam
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_steam_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-steam
|
@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-steam role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure MX Puppet Steam image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_steam_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_steam_enabled|bool and not matrix_mx_puppet_steam_container_image_self_build
|
||||
|
||||
- name: Ensure MX Puppet Steam paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_steam_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_steam_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_steam_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}", when: "{{ matrix_mx_puppet_steam_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_steam_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure MX Puppet Steam repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/icewind1991/mx-puppet-steam.git
|
||||
dest: "{{ matrix_mx_puppet_steam_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build"
|
||||
|
||||
- name: Ensure MX Puppet Steam Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_steam_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build"
|
||||
|
||||
- name: Check if an old database file already exists
|
||||
stat:
|
||||
path: "{{ matrix_mx_puppet_steam_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_steam_stat_database
|
||||
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-steam.service is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-steam
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
failed_when: false
|
||||
when: "matrix_mx_puppet_steam_stat_database.stat.exists"
|
||||
|
||||
- name: (Data relocation) Move mx-puppet-steam database file to ./data directory
|
||||
command: "mv {{ matrix_mx_puppet_steam_base_path }}/database.db {{ matrix_mx_puppet_steam_data_path }}/database.db"
|
||||
when: "matrix_mx_puppet_steam_stat_database.stat.exists"
|
||||
|
||||
- name: Ensure mx-puppet-steam config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_steam_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_steam_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-steam steam-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_steam_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_steam_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-steam.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-steam.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-steam.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_steam_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-steam.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_steam_systemd_service_result.changed"
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-steam service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-steam.service"
|
||||
register: matrix_mx_puppet_steam_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-steam is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-steam
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-steam.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-steam.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-steam.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_steam_appservice_token"
|
||||
- "matrix_mx_puppet_steam_homeserver_token"
|
@ -0,0 +1,99 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_steam_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_steam_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_steam_homeserver_address }}
|
||||
{% if matrix_mx_puppet_steam_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_steam_login_shared_secret }}
|
||||
{% endif %}
|
||||
# Display name of the bridge bot
|
||||
displayname: Steam Puppet Bridge
|
||||
# Optionally specify a different media URL used for the media store
|
||||
#
|
||||
# This is where Steam will download user profile pictures and media
|
||||
# from
|
||||
#mediaUrl: https://external-url.org
|
||||
|
||||
presence:
|
||||
# Bridge Steam online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 5000
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
|
||||
|
||||
relay:
|
||||
# Regex of Matrix IDs who are allowed to use the bridge in relay mode.
|
||||
# Relay mode is when a single Steam bot account relays messages of
|
||||
# multiple Matrix users
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
|
||||
|
||||
selfService:
|
||||
# Regex of Matrix IDs who are allowed to use bridge self-servicing (plumbed rooms)
|
||||
#
|
||||
# Same format as in provisioning
|
||||
whitelist: {{ matrix_mx_puppet_steam_provisioning_whitelist|to_json }}
|
||||
blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }}
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,41 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mx Puppet Steam server
|
||||
{% for service in matrix_mx_puppet_steam_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_steam_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-steam \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_steam_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_steam_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_steam_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_steam_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-steam
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,104 @@
|
||||
# Mx Puppet Twitter is a Matrix <-> Twitter bridge
|
||||
# See: https://github.com/Sorunome/mx-puppet-twitter
|
||||
|
||||
matrix_mx_puppet_twitter_enabled: true
|
||||
|
||||
matrix_mx_puppet_twitter_container_image_self_build: false
|
||||
|
||||
# Controls whether the mx-puppet-twitter container exposes its HTTP port (tcp/8432 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
|
||||
matrix_mx_puppet_twitter_container_http_host_bind_port: ''
|
||||
|
||||
matrix_mx_puppet_twitter_docker_image: "sorunome/mx-puppet-twitter:latest"
|
||||
matrix_mx_puppet_twitter_docker_image_force_pull: "{{ matrix_mx_puppet_twitter_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mx_puppet_twitter_base_path: "{{ matrix_base_data_path }}/mx-puppet-twitter"
|
||||
matrix_mx_puppet_twitter_config_path: "{{ matrix_mx_puppet_twitter_base_path }}/config"
|
||||
matrix_mx_puppet_twitter_data_path: "{{ matrix_mx_puppet_twitter_base_path }}/data"
|
||||
matrix_mx_puppet_twitter_docker_src_files_path: "{{ matrix_mx_puppet_twitter_base_path }}/docker-src"
|
||||
|
||||
matrix_mx_puppet_twitter_appservice_port: "8432"
|
||||
|
||||
matrix_mx_puppet_twitter_homeserver_address: 'http://matrix-synapse:8008'
|
||||
matrix_mx_puppet_twitter_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mx_puppet_twitter_appservice_address: 'http://matrix-mx-puppet-twitter:{{ matrix_mx_puppet_twitter_appservice_port }}'
|
||||
|
||||
matrix_mx_puppet_twitter_consumer_key: ''
|
||||
matrix_mx_puppet_twitter_consumer_secret: ''
|
||||
matrix_mx_puppet_twitter_access_token: ''
|
||||
matrix_mx_puppet_twitter_access_token_secret: ''
|
||||
matrix_mx_puppet_twitter_environment: ''
|
||||
matrix_mx_puppet_twitter_webhook_path: '/twitter/webhook'
|
||||
matrix_mx_puppet_twitter_webhook_url: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mx_puppet_twitter_webhook_path }}'
|
||||
|
||||
# "@user:server.com" to allow specific user
|
||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||
# "@.*" to allow anyone
|
||||
matrix_mx_puppet_twitter_provisioning_whitelist:
|
||||
- "@.*:{{ matrix_domain|regex_escape }}"
|
||||
|
||||
# Leave empty to disable blacklist
|
||||
# "@user:server.com" disallow a specific user
|
||||
# "@.*:yourserver.com" disallow users on a specific homeserver
|
||||
matrix_mx_puppet_twitter_provisioning_blacklist: []
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mx_puppet_twitter_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that mx-puppet-twitter.service depends on.
|
||||
matrix_mx_puppet_twitter_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that mx-puppet-twitter.service wants
|
||||
matrix_mx_puppet_twitter_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mx_puppet_twitter_appservice_token: ''
|
||||
matrix_mx_puppet_twitter_homeserver_token: ''
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mx_puppet_twitter_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_twitter_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mx_puppet_twitter_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mx_puppet_twitter_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mx_puppet_twitter_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mx_puppet_twitter_configuration_yaml`.
|
||||
|
||||
matrix_mx_puppet_twitter_configuration_extension: "{{ matrix_mx_puppet_twitter_configuration_extension_yaml|from_yaml if matrix_mx_puppet_twitter_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_twitter_configuration_yaml`.
|
||||
matrix_mx_puppet_twitter_configuration: "{{ matrix_mx_puppet_twitter_configuration_yaml|from_yaml|combine(matrix_mx_puppet_twitter_configuration_extension, recursive=True) }}"
|
||||
|
||||
# The prefix for user IDs and aliases
|
||||
matrix_mx_puppet_twitter_namespace_prefix: _twitterpuppet_
|
||||
matrix_mx_puppet_twitter_bot_localpart: _twitterpuppet_bot
|
||||
|
||||
matrix_mx_puppet_twitter_registration_yaml: |
|
||||
as_token: "{{ matrix_mx_puppet_twitter_appservice_token }}"
|
||||
hs_token: "{{ matrix_mx_puppet_twitter_homeserver_token }}"
|
||||
id: twitter-puppet
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '@{{ matrix_mx_puppet_twitter_namespace_prefix|regex_escape }}.*:{{ matrix_mx_puppet_twitter_homeserver_domain|regex_escape }}'
|
||||
rooms: []
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '#{{ matrix_mx_puppet_twitter_namespace_prefix|regex_escape }}.*:{{ matrix_mx_puppet_twitter_homeserver_domain|regex_escape }}'
|
||||
protocols: []
|
||||
rate_limited: false
|
||||
sender_localpart: "{{ matrix_mx_puppet_twitter_bot_localpart }}"
|
||||
url: {{ matrix_mx_puppet_twitter_appservice_address }}
|
||||
|
||||
matrix_mx_puppet_twitter_registration: "{{ matrix_mx_puppet_twitter_registration_yaml|from_yaml }}"
|
@ -0,0 +1,70 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-twitter'] }}"
|
||||
when: matrix_mx_puppet_twitter_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mx_puppet_twitter_config_path }}/registration.yaml,dst=/matrix-mx-puppet-twitter-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mx-puppet-twitter-registration.yaml"] }}
|
||||
when: matrix_mx_puppet_twitter_enabled|bool
|
||||
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append Twitter Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your plabook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-twitter role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
|
||||
- name: Generate Matrix MX Puppet Twitter proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mx_puppet_twitter_webhook_path }} {
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_twitter_appservice_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Twitter Appservice proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mx_puppet_twitter_enabled|bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Twitter bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mx_puppet_twitter_redirect_path }}`
|
||||
URL endpoint to the matrix-mx-puppet-twitter container.
|
||||
You can expose the container's port using the `matrix_mx_puppet_twitter_container_http_host_bind_port` variable.
|
||||
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_nginx_proxy_enabled is not defined"
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Puppet Twitter image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_twitter_container_image_self_build"
|
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-twitter
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mx_puppet_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-twitter
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mx_puppet_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mx-puppet-twitter
|
@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mx-puppet-twitter role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure MX Puppet Twitter image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_twitter_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}"
|
||||
when: matrix_mx_puppet_twitter_enabled|bool and not matrix_mx_puppet_twitter_container_image_self_build
|
||||
|
||||
- name: Ensure MX Puppet Twitter paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_twitter_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_twitter_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_twitter_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}", when: "{{ matrix_mx_puppet_twitter_container_image_self_build }}" }
|
||||
when: matrix_mx_puppet_twitter_enabled|bool and item.when|bool
|
||||
|
||||
- name: Ensure MX Puppet Twitter repository is present on self build
|
||||
git:
|
||||
repo: https://github.com/Sorunome/mx-puppet-twitter.git
|
||||
dest: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build"
|
||||
|
||||
- name: Ensure MX Puppet Twitter Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_twitter_docker_image }}"
|
||||
source: build
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build"
|
||||
|
||||
- name: Check if an old database file already exists
|
||||
stat:
|
||||
path: "{{ matrix_mx_puppet_twitter_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_twitter_stat_database
|
||||
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-twitter.service is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-twitter
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
failed_when: false
|
||||
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"
|
||||
|
||||
- name: (Data relocation) Move mx-puppet-twitter database file to ./data directory
|
||||
command: "mv {{ matrix_mx_puppet_twitter_base_path }}/database.db {{ matrix_mx_puppet_twitter_data_path }}/database.db"
|
||||
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"
|
||||
|
||||
- name: Ensure mx-puppet-twitter config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_twitter_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_twitter_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-twitter twitter-registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mx_puppet_twitter_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mx_puppet_twitter_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-twitter.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-twitter.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-mx-puppet-twitter.service"
|
||||
mode: 0644
|
||||
register: matrix_mx_puppet_twitter_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-twitter.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_twitter_systemd_service_result.changed"
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mx-puppet-twitter service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-twitter.service"
|
||||
register: matrix_mx_puppet_twitter_service_stat
|
||||
|
||||
- name: Ensure matrix-mx-puppet-twitter is stopped
|
||||
service:
|
||||
name: matrix-mx-puppet-twitter
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-twitter.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mx-puppet-twitter.service"
|
||||
state: absent
|
||||
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mx-puppet-twitter.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mx_puppet_twitter_appservice_token"
|
||||
- "matrix_mx_puppet_twitter_homeserver_token"
|
@ -0,0 +1,92 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Port to host the bridge on
|
||||
# Used for communication between the homeserver and the bridge
|
||||
port: {{ matrix_mx_puppet_twitter_appservice_port }}
|
||||
# The host connections to the bridge's webserver are allowed from
|
||||
bindAddress: 0.0.0.0
|
||||
# Public domain of the homeserver
|
||||
domain: {{ matrix_mx_puppet_twitter_homeserver_domain }}
|
||||
# Reachable URL of the Matrix homeserver
|
||||
homeserverUrl: {{ matrix_mx_puppet_twitter_homeserver_address }}
|
||||
{% if matrix_mx_puppet_twitter_login_shared_secret != '' %}
|
||||
loginSharedSecretMap:
|
||||
{{ matrix_domain }}: {{ matrix_mx_puppet_twitter_login_shared_secret }}
|
||||
{% endif %}
|
||||
|
||||
twitter:
|
||||
consumerKey: "{{ matrix_mx_puppet_twitter_consumer_key }}"
|
||||
consumerSecret: "{{ matrix_mx_puppet_twitter_consumer_secret }}"
|
||||
accessToken: "{{ matrix_mx_puppet_twitter_access_token }}"
|
||||
accessTokenSecret: "{{ matrix_mx_puppet_twitter_access_token_secret }}"
|
||||
environment: "{{ matrix_mx_puppet_twitter_environment }}"
|
||||
server:
|
||||
url: "{{ matrix_mx_puppet_twitter_webhook_url }}"
|
||||
path: "{{ matrix_mx_puppet_twitter_webhook_path }}"
|
||||
|
||||
presence:
|
||||
# Bridge Twitter online/offline status
|
||||
enabled: true
|
||||
# How often to send status to the homeserver in milliseconds
|
||||
interval: 500
|
||||
|
||||
provisioning:
|
||||
# Regex of Matrix IDs allowed to use the puppet bridge
|
||||
whitelist: {{ matrix_mx_puppet_twitter_provisioning_whitelist|to_json }}
|
||||
# Allow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Allow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
# Allow anyone
|
||||
#- ".*"
|
||||
# Regex of Matrix IDs forbidden from using the puppet bridge
|
||||
#blacklist:
|
||||
# Disallow a specific user
|
||||
#- "@user:server\\.com"
|
||||
# Disallow users on a specific homeserver
|
||||
#- "@.*:yourserver\\.com"
|
||||
blacklist: {{ matrix_mx_puppet_twitter_provisioning_blacklist|to_json }}
|
||||
|
||||
# Shared secret for the provisioning API for use by integration managers.
|
||||
# If this is not set, the provisioning API will not be enabled.
|
||||
#sharedSecret: random string
|
||||
# Path prefix for the provisioning API. /v1 will be appended to the prefix automatically.
|
||||
apiPrefix: /_matrix/provision
|
||||
|
||||
database:
|
||||
# Use Postgres as a database backend
|
||||
# If set, will be used instead of SQLite3
|
||||
# Connection string to connect to the Postgres instance
|
||||
# with username "user", password "pass", host "localhost" and database name "dbname".
|
||||
# Modify each value as necessary
|
||||
#connString: "postgres://user:pass@localhost/dbname?sslmode=disable"
|
||||
# Use SQLite3 as a database backend
|
||||
# The name of the database file
|
||||
filename: /data/database.db
|
||||
|
||||
logging:
|
||||
# Log level of console output
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
console: info
|
||||
# Date and time formatting
|
||||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
@ -0,0 +1,44 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mx Puppet Twitter server
|
||||
{% for service in matrix_mx_puppet_twitter_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mx_puppet_twitter_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_mx_puppet_twitter_container_http_host_bind_port %}
|
||||
-p {{ matrix_mx_puppet_twitter_container_http_host_bind_port }}:{{ matrix_mx_puppet_twitter_appservice_port }} \
|
||||
{% endif %}
|
||||
-e CONFIG_PATH=/config/config.yaml \
|
||||
-e REGISTRATION_PATH=/config/registration.yaml \
|
||||
-v {{ matrix_mx_puppet_twitter_config_path }}:/config:z \
|
||||
-v {{ matrix_mx_puppet_twitter_data_path }}:/data:z \
|
||||
{% for arg in matrix_mx_puppet_twitter_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mx_puppet_twitter_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-twitter
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,122 @@
|
||||
matrix_client_element_enabled: true
|
||||
|
||||
matrix_client_element_container_image_self_build: false
|
||||
|
||||
matrix_client_element_docker_image: "vectorim/riot-web:v1.7.1"
|
||||
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_client_element_data_path: "{{ matrix_base_data_path }}/client-element"
|
||||
matrix_client_element_docker_src_files_path: "{{ matrix_client_element_data_path }}/docker-src"
|
||||
|
||||
# Controls whether the matrix-client-element container exposes its HTTP port (tcp/8080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8765"), or empty string to not expose.
|
||||
matrix_client_element_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_client_element_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-client-element.service depends on
|
||||
matrix_client_element_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# Element config.json customizations
|
||||
matrix_client_element_default_server_name: "{{ matrix_domain }}"
|
||||
matrix_client_element_default_hs_url: ""
|
||||
matrix_client_element_default_is_url: ~
|
||||
matrix_client_element_disable_custom_urls: true
|
||||
matrix_client_element_disable_guests: true
|
||||
matrix_client_element_integrations_ui_url: "https://scalar.vector.im/"
|
||||
matrix_client_element_integrations_rest_url: "https://scalar.vector.im/api"
|
||||
matrix_client_element_integrations_widgets_urls: ["https://scalar.vector.im/api"]
|
||||
matrix_client_element_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html"
|
||||
matrix_client_element_permalinkPrefix: "https://matrix.to"
|
||||
# Element public room directory server(s)
|
||||
matrix_client_element_roomdir_servers: ['matrix.org']
|
||||
matrix_client_element_welcome_user_id: "@riot-bot:matrix.org"
|
||||
# Branding of Element
|
||||
matrix_client_element_brand: "Element"
|
||||
|
||||
# URL to Logo on welcome page
|
||||
matrix_client_element_welcome_logo: "welcome/images/logo.svg"
|
||||
|
||||
# URL of link on welcome image
|
||||
matrix_client_element_welcome_logo_link: "https://element.io"
|
||||
|
||||
matrix_client_element_welcome_headline: "_t('Welcome to Element')"
|
||||
matrix_client_element_welcome_text: "_t('Decentralised, encrypted chat & collaboration powered by [matrix]')"
|
||||
|
||||
# Links, shown in footer of welcome page:
|
||||
# [{"text": "Link text", "url": "https://link.target"}, {"text": "Other link"}]
|
||||
matrix_client_element_branding_authFooterLinks: ~
|
||||
|
||||
# URL to image, shown during Login
|
||||
matrix_client_element_branding_authHeaderLogoUrl: "{{ matrix_client_element_welcome_logo }}"
|
||||
|
||||
# URL to Wallpaper, shown in background of welcome page
|
||||
matrix_client_element_branding_welcomeBackgroundUrl: ~
|
||||
|
||||
# By default, there's no Element homepage (when logged in). If you wish to have one,
|
||||
# point this to a `home.html` template file on your local filesystem.
|
||||
matrix_client_element_embedded_pages_home_path: ~
|
||||
|
||||
matrix_client_element_jitsi_preferredDomain: ''
|
||||
|
||||
# Controls whether the self-check feature should validate SSL certificates.
|
||||
matrix_client_element_self_check_validate_certificates: true
|
||||
|
||||
# don't show the registration button on welcome page
|
||||
matrix_client_element_registration_enabled: false
|
||||
|
||||
# Controls whether presence will be enabled
|
||||
matrix_client_element_enable_presence_by_hs_url: ~
|
||||
|
||||
# Controls whether custom Element themes will be installed.
|
||||
# When enabled, all themes found in the `matrix_client_element_themes_repository_url` repository
|
||||
# will be installed and enabled automatically.
|
||||
matrix_client_element_themes_enabled: false
|
||||
matrix_client_element_themes_repository_url: https://github.com/aaronraimist/element-themes
|
||||
|
||||
# Controls the default theme
|
||||
matrix_client_element_default_theme: 'light'
|
||||
|
||||
# Controls the `settingsDefault.custom_themes` setting of the Element configuration.
|
||||
# You can use this setting to define custom themes.
|
||||
#
|
||||
# Also, look at `matrix_client_element_themes_enabled` for a way to pull in a bunch of custom themes automatically.
|
||||
# If you define your own themes here and set `matrix_client_element_themes_enabled: true`, your themes will be preserved as well.
|
||||
#
|
||||
# Note that for a custom theme to work well, all Element instances that you use must have the same theme installed.
|
||||
matrix_client_element_settingDefaults_custom_themes: []
|
||||
|
||||
# Default Element configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_client_element_configuration_extension_json`)
|
||||
# or completely replace this variable with your own template.
|
||||
#
|
||||
# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
|
||||
# This is unlike what it does when looking up YAML template files (no automatic parsing there).
|
||||
matrix_client_element_configuration_default: "{{ lookup('template', 'templates/config.json.j2') }}"
|
||||
|
||||
# Your custom JSON configuration for Element should go to `matrix_client_element_configuration_extension_json`.
|
||||
# This configuration extends the default starting configuration (`matrix_client_element_configuration_default`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_client_element_configuration_default`.
|
||||
#
|
||||
# Example configuration extension follows:
|
||||
#
|
||||
# matrix_client_element_configuration_extension_json: |
|
||||
# {
|
||||
# "disable_3pid_login": true,
|
||||
# "disable_login_language_selector": true
|
||||
# }
|
||||
matrix_client_element_configuration_extension_json: '{}'
|
||||
|
||||
matrix_client_element_configuration_extension: "{{ matrix_client_element_configuration_extension_json|from_json if matrix_client_element_configuration_extension_json|from_json is mapping else {} }}"
|
||||
|
||||
# Holds the final Element configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_client_element_configuration_default`.
|
||||
matrix_client_element_configuration: "{{ matrix_client_element_configuration_default|combine(matrix_client_element_configuration_extension, recursive=True) }}"
|
@ -1,10 +1,10 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
|
||||
when: matrix_riot_web_enabled|bool
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-client-element'] }}"
|
||||
when: matrix_client_element_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Riot Web image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_riot_web_container_image_self_build"
|
||||
msg: "To self build the Element image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_client_element_container_image_self_build"
|
@ -0,0 +1,34 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_client_element_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/prepare_themes.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/migrate_riot_web.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-client-element
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "run_self_check|bool and matrix_client_element_enabled|bool"
|
||||
tags:
|
||||
- self-check
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue