From 5caf1fef1d1d21530089569ef4255ed41096b820 Mon Sep 17 00:00:00 2001 From: Pierre 'McFly' Marty Date: Tue, 9 Jan 2024 09:07:46 +0100 Subject: [PATCH 1/4] chore(deps): update signal bridge version + config (#3084) * chore(deps): update signal bridge version + config * style(deps): rename default note to self config variable * Add to_json for additional safety --------- Co-authored-by: Slavi Pantaleev --- .../matrix-bridge-mautrix-signal/defaults/main.yml | 4 +++- .../templates/config.yaml.j2 | 10 ++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index 3be2587a2..b42fcf70c 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/ matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal -matrix_mautrix_signal_version: a91fc7028c54482ec6c581784d553199dfff93ff +matrix_mautrix_signal_version: 959eb7eaf9eb648f97b8e85d7650ea87f2639cd1 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}" @@ -166,3 +166,5 @@ matrix_mautrix_signal_bridge_personal_filtering_spaces: true # On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge. # Setting this to false fixed the issue. matrix_mautrix_signal_bridge_restricted_rooms: true + +matrix_mautrix_signal_bridge_note_to_self_avatar: "mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL" diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index 0df49c3ab..46427c8cd 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -84,6 +84,10 @@ metrics: # IP and port where the metrics listener should be. The path is always /metrics listen: 127.0.0.1:8000 +signal: + # Default device name that shows up in the Signal app. + device_name: mautrix-signal + # Bridge config bridge: # Localpart template of MXIDs for Signal users. @@ -105,6 +109,10 @@ bridge: private_chat_portal_meta: default # Should avatars from the user's contact list be used? This is not safe on multi-user instances. use_contact_avatars: false + # Should the Signal user's phone number be included in the room topic in private chat portal rooms? + number_in_topic: true + # Avatar image for the Note to Self room. + note_to_self_avatar: {{ matrix_mautrix_signal_bridge_note_to_self_avatar | to_json }} portal_message_buffer: 128 @@ -114,6 +122,8 @@ bridge: personal_filtering_spaces: {{ matrix_mautrix_signal_bridge_personal_filtering_spaces | to_json }} # Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? delivery_receipts: false + # Should Matrix m.notice-type messages be bridged? + bridge_notices: true # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. message_status_events: false # Whether the bridge should send error notices via m.notice events when a message fails to bridge. From 2642cc1b18e7b8172daed320c5cbc12964abd2f2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Jan 2024 10:16:51 +0200 Subject: [PATCH 2/4] Adjust matrix-registration-bot docs to tell people to perform a full installation Running just `setup-all,start` is not enough, because it doesn't run `ensure-matrix-users-created` and the bot account won't get created. --- ...iguring-playbook-bot-matrix-registration-bot.md | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 66b3e5768..30a9a1a78 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -17,9 +17,8 @@ To enable the bot, add the following configuration to your `inventory/host_vars/ ```yaml matrix_bot_matrix_registration_bot_enabled: true -#By default, the playbook will set use the bot with a username like -## this: `@bot.matrix-registration-bot:DOMAIN`. -# To use a different username, uncomment & adjust the variable. +# By default, the playbook will set use the bot with a username like this: `@bot.matrix-registration-bot:DOMAIN`. +# To use a different username, uncomment & adjust the variable below: # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot # Generate a strong password here. Consider generating it with `pwgen -s 64 1` @@ -32,16 +31,11 @@ matrix_synapse_enable_registration: true matrix_synapse_registration_requires_token: true ``` -The bot account will be automatically created. +The bot account will be created automatically. ## Installing -After configuring the playbook, run the [installation](installing.md) command again: - -``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` - +After configuring the playbook, re-run the [installation](installing.md) command again: `just install-all` or `just setup-all` ## Usage From bf95ad2235962c155f127f4d75f5a3cced18d60a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Jan 2024 10:19:41 +0200 Subject: [PATCH 3/4] Auto-generate matrix_bot_matrix_registration_bot_bot_password via group vars --- docs/configuring-playbook-bot-matrix-registration-bot.md | 5 +---- group_vars/matrix_servers | 1 + .../matrix-bot-matrix-registration-bot/defaults/main.yml | 1 - .../tasks/validate_config.yml | 4 ++-- 4 files changed, 4 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 30a9a1a78..938dd36db 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -21,9 +21,6 @@ matrix_bot_matrix_registration_bot_enabled: true # To use a different username, uncomment & adjust the variable below: # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot -# Generate a strong password here. Consider generating it with `pwgen -s 64 1` -matrix_bot_matrix_registration_bot_bot_password: PASSWORD_FOR_THE_BOT - # Enables registration matrix_synapse_enable_registration: true @@ -31,7 +28,7 @@ matrix_synapse_enable_registration: true matrix_synapse_registration_requires_token: true ``` -The bot account will be created automatically. +The bot's user account will be created automatically. ## Installing diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 42ca31f00..8210882d5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1714,6 +1714,7 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} +matrix_bot_matrix_registration_bot_bot_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'registration.bot', rounds=655555) | to_uuid }}" ###################################################################### # diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index 512306e95..32b23a03b 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -22,7 +22,6 @@ matrix_bot_matrix_registration_bot_data_path: "{{ matrix_bot_matrix_registration matrix_bot_matrix_registration_bot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_matrix_registration_bot_api_base_url: "https://{{ matrix_server_fqn_matrix }}" - # The bot's password (can also be used to login via a client like element) matrix_bot_matrix_registration_bot_bot_password: '' diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml index b7a475639..f961fb40e 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml @@ -1,6 +1,6 @@ --- -- name: Fail if required settings not defined +- name: Fail if required matrix-registration-bot settings not defined ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item }}`). @@ -8,7 +8,7 @@ with_items: - "matrix_bot_matrix_registration_bot_bot_password" -- name: (Deprecation) Catch and report old settings +- name: (Deprecation) Catch and report old matrix-registration-bot settings ansible.builtin.fail: msg: >- Your configuration contains a variable, which is deprecated - Please check the documentation on how to configure the matrix-registration-bot. From 998e9ce65571eb5dff2aeffe3e1f1930882425e9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Jan 2024 10:22:20 +0200 Subject: [PATCH 4/4] Revert "Auto-generate matrix_bot_matrix_registration_bot_bot_password via group vars" This reverts commit bf95ad2235962c155f127f4d75f5a3cced18d60a. This was a bad idea. It's better to have people manually define the password. Otherwise, `matrix_homeserver_generic_secret_key` changing some day in the future would break the bot and one would have to figure out how to reset its password manually. Using an explicit password is more stable. --- docs/configuring-playbook-bot-matrix-registration-bot.md | 5 ++++- group_vars/matrix_servers | 1 - .../matrix-bot-matrix-registration-bot/defaults/main.yml | 1 + .../tasks/validate_config.yml | 4 ++-- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 938dd36db..30a9a1a78 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -21,6 +21,9 @@ matrix_bot_matrix_registration_bot_enabled: true # To use a different username, uncomment & adjust the variable below: # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` +matrix_bot_matrix_registration_bot_bot_password: PASSWORD_FOR_THE_BOT + # Enables registration matrix_synapse_enable_registration: true @@ -28,7 +31,7 @@ matrix_synapse_enable_registration: true matrix_synapse_registration_requires_token: true ``` -The bot's user account will be created automatically. +The bot account will be created automatically. ## Installing diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 8210882d5..42ca31f00 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1714,7 +1714,6 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} -matrix_bot_matrix_registration_bot_bot_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'registration.bot', rounds=655555) | to_uuid }}" ###################################################################### # diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index 32b23a03b..512306e95 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -22,6 +22,7 @@ matrix_bot_matrix_registration_bot_data_path: "{{ matrix_bot_matrix_registration matrix_bot_matrix_registration_bot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_matrix_registration_bot_api_base_url: "https://{{ matrix_server_fqn_matrix }}" + # The bot's password (can also be used to login via a client like element) matrix_bot_matrix_registration_bot_bot_password: '' diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml index f961fb40e..b7a475639 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml @@ -1,6 +1,6 @@ --- -- name: Fail if required matrix-registration-bot settings not defined +- name: Fail if required settings not defined ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item }}`). @@ -8,7 +8,7 @@ with_items: - "matrix_bot_matrix_registration_bot_bot_password" -- name: (Deprecation) Catch and report old matrix-registration-bot settings +- name: (Deprecation) Catch and report old settings ansible.builtin.fail: msg: >- Your configuration contains a variable, which is deprecated - Please check the documentation on how to configure the matrix-registration-bot.