From dec6326bb68d53803b04d1106f6b3f1dce6b3f65 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Tue, 19 May 2026 07:40:00 +0000 Subject: [PATCH] Remove matrix-registration (#4919) * Remove roles/custom/matrix-registration Signed-off-by: Suguru Hirahara * Update README.md Signed-off-by: Suguru Hirahara * Update configuring-playbook-matrix-registration.md Reuse https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/409c7393a04126341dc4beb7b14590313fcf5e9e/docs/configuring-playbook-dimension.md Signed-off-by: Suguru Hirahara * Move entries for matrix-registrations down to the sections for removed components Signed-off-by: Suguru Hirahara * Remove a section from registering-users.md Signed-off-by: Suguru Hirahara * Remove an entry for matrix-registration from self-building.md Signed-off-by: Suguru Hirahara * Remove matrix-registration from matrix_servers Signed-off-by: Suguru Hirahara * Remove reference to matrix-registration from matrix-user-verification-service/defaults/main.yml Signed-off-by: Suguru Hirahara * Remove an entry for matrix-registration from setup.yml Signed-off-by: Suguru Hirahara * Update CHANGELOG.md Signed-off-by: Suguru Hirahara --------- Signed-off-by: Suguru Hirahara Co-authored-by: Suguru Hirahara --- CHANGELOG.md | 8 + README.md | 1 - ...onfiguring-playbook-matrix-registration.md | 127 +++---------- docs/configuring-playbook.md | 4 +- docs/container-images.md | 2 +- docs/registering-users.md | 4 - docs/self-building.md | 1 - group_vars/matrix_servers | 83 --------- .../matrix-registration/defaults/main.yml | 176 ------------------ .../tasks/generate_token.yml | 57 ------ .../matrix-registration/tasks/list_tokens.yml | 37 ---- .../custom/matrix-registration/tasks/main.yml | 38 ---- .../tasks/setup_install.yml | 149 --------------- .../tasks/setup_uninstall.yml | 26 --- .../tasks/validate_config.yml | 37 ---- .../templates/config.yaml.j2 | 37 ---- .../matrix-registration/templates/labels.j2 | 69 ------- .../systemd/matrix-registration.service.j2 | 51 ----- .../matrix-registration.service.j2.license | 3 - .../defaults/main.yml | 2 +- .../tasks/validate_config.yml | 12 ++ setup.yml | 1 - 22 files changed, 48 insertions(+), 877 deletions(-) delete mode 100644 roles/custom/matrix-registration/defaults/main.yml delete mode 100644 roles/custom/matrix-registration/tasks/generate_token.yml delete mode 100644 roles/custom/matrix-registration/tasks/list_tokens.yml delete mode 100644 roles/custom/matrix-registration/tasks/main.yml delete mode 100644 roles/custom/matrix-registration/tasks/setup_install.yml delete mode 100644 roles/custom/matrix-registration/tasks/setup_uninstall.yml delete mode 100644 roles/custom/matrix-registration/tasks/validate_config.yml delete mode 100644 roles/custom/matrix-registration/templates/config.yaml.j2 delete mode 100644 roles/custom/matrix-registration/templates/labels.j2 delete mode 100644 roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 delete mode 100644 roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2.license diff --git a/CHANGELOG.md b/CHANGELOG.md index be17a58f5..1e70ec1dc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +# 2026-05-19 + +## matrix-registration has been removed from the playbook + +The [matrix-registration](./docs/configuring-playbook-matrix-registration.md) service has been removed from the playbook, as it has been unmaintained (archived) since November, 2025. + +The playbook will let you know if you're using any `matrix_registration_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the component manually](./docs/configuring-playbook-matrix-registration.md#uninstalling-the-component-manually). + # 2026-05-18 ## LiveKit Server has been upgraded to v1.12.0 diff --git a/README.md b/README.md index 11e169b00..6c521cdbe 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,6 @@ Extend and modify how users are authenticated on your homeserver. |[matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) (advanced) | ❌ | Password provider module | [Link](docs/configuring-playbook-shared-secret-auth.md) | | [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | ❌ | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) | | [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) | -| [matrix-registration](https://github.com/ZerataX/matrix-registration) | ❌ | Simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) | | [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) | | [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | ❌ | Spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) | diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index 441c85973..bb22ec35e 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md @@ -1,115 +1,36 @@ -# Setting up matrix-registration (optional) +# Setting up matrix-registration (optional, removed) -> [!WARNING] -> - This is a poorly maintained and buggy project. It's better to avoid using it. -> - This is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) +> [!NOTE] +> This is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md). -The playbook can install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration) for you. It is a simple python application to have a token based Matrix registration. +🪦 The playbook used to be able to install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration), but no longer includes this component, as it has been unmaintained since November, 2025. -Use matrix-registration to **create unique registration links**, which people can use to register on your Matrix server. It allows certain people (these having a special link) to register a user account, **keeping your server's registration closed (private)**. +## Uninstalling the component manually -**matrix-registration** provides 2 things: - -- **an API for creating registration tokens** (unique registration links). This API can be used via `curl` or via the playbook (see [Usage](#usage) below) - -- **a user registration page**, where people can use these registration tokens. By default, exposed at `https://matrix.example.com/matrix-registration` - -## Adjusting DNS records (optional) - -By default, this playbook installs the matrix-registration on the `matrix.` subdomain, at the `/matrix-registration` path (https://matrix.example.com/matrix-registration). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section. - -If you wish to adjust it, see the section [below](#adjusting-the-matrix-registration-url-optional) for details about DNS configuration. - -## Adjusting the playbook configuration - -To enable matrix-registration, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: - -```yaml -matrix_registration_enabled: true - -# Generate a strong secret here. You can create one with a command like `pwgen -s 64 1`. -matrix_registration_admin_secret: "ENTER_SOME_SECRET_HERE" -``` - -### Adjusting the matrix-registration URL (optional) - -By tweaking the `matrix_registration_hostname` and `matrix_registration_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. - -Example additional configuration for your `vars.yml` file: - -```yaml -# Change the default hostname and path prefix -matrix_registration_hostname: registration.example.com -matrix_registration_path_prefix: / -``` - -If you've changed the default hostname, you may need to create a CNAME record for the matrix-registration domain (`registration.example.com`), which targets `matrix.example.com`. - -When setting, replace `example.com` with your own. - -### Extending the configuration - -There are some additional things you may wish to configure about the component. - -Take a look at: - -- `roles/custom/matrix-registration/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/custom/matrix-registration/templates/config.yaml.j2` for the component's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_registration_configuration_extension_yaml` variable - -## Installing - -After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below: - - -```sh -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` - -The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all` - -`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too. - -## Usage - -**matrix-registration** gets exposed at `https://matrix.example.com/matrix-registration` - -It provides various [APIs](https://github.com/ZerataX/matrix-registration/wiki/api) — for creating registration tokens, listing tokens, disabling tokens, etc. To make use of all of its capabilities, consider using `curl`. - -We make the most common APIs easy to use via the playbook (see below). - -### Creating registration tokens - -To **create a new user registration token (link)**, use this command: +If you still have matrix-registration installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server: ```sh -ansible-playbook -i inventory/hosts setup.yml \ ---tags=generate-matrix-registration-token \ ---extra-vars="one_time=yes ex_date=2021-12-31" +systemctl disable --now matrix-registration.service + +rm -rf /matrix/matrix-registration + +/matrix/postgres/bin/cli-non-interactive -c 'DROP DATABASE matrix_registration;' ``` - -The above command creates and returns a **one-time use** token, which **expires** on the 31st of December 2021. Adjust the `one_time` and `ex_date` variables as you see fit. - -Share the unique registration link (generated by the command above) with users to let them register on your Matrix server. - -### Listing registration tokens - -To **list the existing user registration tokens**, use this command: - -```sh -ansible-playbook -i inventory/hosts setup.yml \ ---tags=list-matrix-registration-tokens -``` - -The shortcut command with `just` program is also available: `just run-tags list-matrix-registration-tokens` - -## Troubleshooting - -As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-registration`. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 7beb3309a..f3180dc1b 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -106,8 +106,6 @@ Extend and modify how users are authenticated on your homeserver. - [Setting up Ketesa](configuring-playbook-ketesa.md) -- [Setting up matrix-registration](configuring-playbook-matrix-registration.md) - - [Setting up the REST authentication password provider module](configuring-playbook-rest-auth.md) (advanced) - [Setting up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md) (advanced) @@ -281,6 +279,8 @@ Various services that don't fit any other categories. - [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) (unmaintained; the bridge's author suggests taking a look at [baibot](https://github.com/etkecc/baibot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bot-baibot.md)) +- [Setting up matrix-registration](configuring-playbook-matrix-registration.md) (removed; this component has been unmaintained) + - [Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-messenger](configuring-playbook-bridge-mautrix-meta-messenger.md)) - [Setting up Mautrix Instagram bridging](configuring-playbook-bridge-mautrix-instagram.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-instagram](configuring-playbook-bridge-mautrix-meta-instagram.md)) diff --git a/docs/container-images.md b/docs/container-images.md index c9b17c223..c5da3fbcb 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -68,7 +68,6 @@ Extend and modify how users are authenticated on your homeserver. | [matrix-synapse-shared-secret-auth](configuring-playbook-shared-secret-auth.md) | (N/A) | ❌ | Password provider module | | [matrix-synapse-ldap3](configuring-playbook-ldap-auth.md) (advanced) | (N/A) | ❌ | LDAP Auth password provider module | | [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP | -| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | ❌ | Simple python application to have a token based Matrix registration | | [Matrix User Verification Service](configuring-playbook-user-verification-service.md) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token | | [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | ❌ | Spam checker module | @@ -179,6 +178,7 @@ The list of the deprecated or unmaintained services is available [here](configur | [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) | [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) | ❌ | Bridge to [Slack](https://slack.com/) | | [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | ❌ | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) | | [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | ❌ | Accessing ChatGPT via your favourite Matrix client | +| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | ❌ | Simple python application to have a token based Matrix registration | | [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | ❌ | Bridge to [Facebook](https://facebook.com/) | | [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | ❌ | Bridge to [Instagram](https://instagram.com/) | | [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) | [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) | ❌ | Bridge to [Discord](https://discordapp.com/) | diff --git a/docs/registering-users.md b/docs/registering-users.md index f3b50a6ef..e6479ae26 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -97,10 +97,6 @@ This `register-user` script actually invokes the `mas-cli manage register-user` To manage users and your homeserver more easily (via a web interface), you can install [Ketesa](configuring-playbook-ketesa.md) — a fully-featured admin UI covering users, rooms, media, sessions, and MAS management. -## Letting certain users register on your private server - -If you'd rather **keep your server private** (public registration closed, as is the default), and **let certain people create accounts by themselves** (instead of creating user accounts manually like this), consider installing and making use of [matrix-registration](configuring-playbook-matrix-registration.md). - ## Enabling public user registration To **open up user registration publicly** (usually **not recommended**), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file: diff --git a/docs/self-building.md b/docs/self-building.md index dceaf678d..5096d8c33 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -31,7 +31,6 @@ Possibly outdated list of roles where self-building the Docker image is currentl - `hydrogen` - `cinny` - `sable` -- `matrix-registration` - `coturn` - `matrix-corporal` - `exim-relay` diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6e8a35ec8..3f6e79a92 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -834,13 +834,6 @@ devture_systemd_service_manager_services_list_auto: | 'groups': ['matrix', 'livekit-server'], }] if livekit_server_enabled else []) + - ([{ - 'name': 'matrix-registration.service', - 'priority': 4000, - 'restart_necessary': (matrix_registration_restart_necessary | bool), - 'groups': ['matrix', 'registration', 'matrix-registration'], - }] if matrix_registration_enabled else []) - + ([{ 'name': 'matrix-sygnal.service', 'priority': 800, @@ -4120,12 +4113,6 @@ postgres_managed_databases_auto: | 'password': matrix_bot_buscarron_database_password, }] if (matrix_bot_buscarron_enabled and matrix_bot_buscarron_database_engine == 'postgres' and matrix_bot_buscarron_database_hostname == postgres_connection_hostname) else []) + - ([{ - 'name': matrix_registration_database_name, - 'username': matrix_registration_database_username, - 'password': matrix_registration_database_password, - }] if (matrix_registration_enabled and matrix_registration_database_engine == 'postgres' and matrix_registration_database_hostname == postgres_connection_hostname) else []) - + ([{ 'name': matrix_appservice_discord_database_name, 'username': matrix_appservice_discord_database_username, @@ -5552,76 +5539,6 @@ grafana_default_home_dashboard_path: |- # ###################################################################### - -###################################################################### -# -# matrix-registration -# -###################################################################### - -matrix_registration_enabled: false - -matrix_registration_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" -matrix_registration_hostname: "{{ matrix_server_fqn_matrix }}" -matrix_registration_path_prefix: /matrix-registration - -matrix_registration_systemd_required_services_list_auto: | - {{ - ([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_registration_database_hostname == postgres_connection_hostname) else []) - }} - -matrix_registration_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_registration_container_image_registry_prefix_upstream_default }}" - -matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" - -matrix_registration_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '8767') if matrix_playbook_service_host_bind_interface_prefix else '' }}" - -matrix_registration_container_network: "{{ matrix_addons_container_network }}" - -matrix_registration_container_additional_networks_auto: |- - {{ - ( - ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) - + - ([postgres_container_network] if (postgres_enabled and matrix_registration_database_hostname == postgres_connection_hostname and matrix_registration_container_network != postgres_container_network) else []) - + - ([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_registration_container_labels_traefik_enabled) else []) - ) | unique - }} - -matrix_registration_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}" -matrix_registration_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" -matrix_registration_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" -matrix_registration_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" - -matrix_registration_riot_instance: "{{ (('https://' if matrix_playbook_ssl_enabled else 'http://') + matrix_server_fqn_element) if matrix_client_element_enabled else 'https://element.io/app/' }}" - -matrix_registration_shared_secret: |- - {{ - { - 'synapse': matrix_synapse_registration_shared_secret | default (''), - 'dendrite': matrix_dendrite_client_api_registration_shared_secret | default (''), - 'conduit': '', - 'continuwuity': '', - 'tuwunel': '', - }[matrix_homeserver_implementation] - }} - -matrix_registration_server_location: "{{ matrix_addons_homeserver_client_api_url }}" - -matrix_registration_api_validate_certs: "{{ matrix_playbook_ssl_enabled }}" - -# Postgres is the default, except if not using internal Postgres server -matrix_registration_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}" -matrix_registration_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}" -matrix_registration_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mx.registr.db') | hash('sha512') | to_uuid }}" - -###################################################################### -# -# /matrix-registration -# -###################################################################### - ###################################################################### # # matrix-dendrite diff --git a/roles/custom/matrix-registration/defaults/main.yml b/roles/custom/matrix-registration/defaults/main.yml deleted file mode 100644 index aac5903ee..000000000 --- a/roles/custom/matrix-registration/defaults/main.yml +++ /dev/null @@ -1,176 +0,0 @@ -# SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev -# SPDX-FileCopyrightText: 2021 Aaron Raimist -# SPDX-FileCopyrightText: 2021 Ahmad Haghighi -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Nikita Chernyi -# SPDX-FileCopyrightText: 2023 Samuel Meenzen -# SPDX-FileCopyrightText: 2024 Suguru Hirahara -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- -# matrix-registration is a simple python application to have a token based Matrix registration -# See: https://zeratax.github.io/matrix-registration/ -# Project source code URL: https://github.com/ZerataX/matrix-registration - -matrix_registration_enabled: true - -matrix_registration_scheme: https -matrix_registration_hostname: '' -matrix_registration_path_prefix: / - -matrix_registration_container_image_self_build: false -matrix_registration_container_image_self_build_repo: "https://github.com/ZerataX/matrix-registration" -matrix_registration_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_registration_version }}" -# Controls whether we'll be patching the dependencies in `setup.py` when self-building. -# Without patching, building will likely fail, because of the poor unbounded way dependencies are defined (e.g. `flask-limiter>=1.1.0`). -# This is an attempt to get matrix-registration in its current (outdated) version to build. -matrix_registration_container_image_self_build_python_dependencies_patch_enabled: true - -matrix_registration_base_path: "{{ matrix_base_data_path }}/matrix-registration" -matrix_registration_config_path: "{{ matrix_registration_base_path }}/config" -matrix_registration_data_path: "{{ matrix_registration_base_path }}/data" -matrix_registration_container_src_files_path: "{{ matrix_registration_base_path }}/docker-src" - -# renovate: datasource=docker depName=zeratax/matrix-registration -matrix_registration_version: "v0.7.2" - -matrix_registration_container_image: "{{ matrix_registration_container_image_registry_prefix }}zeratax/matrix-registration:{{ matrix_registration_version }}" -matrix_registration_container_image_registry_prefix: "{{ 'localhost/' if matrix_registration_container_image_self_build else matrix_registration_container_image_registry_prefix_upstream }}" -matrix_registration_container_image_registry_prefix_upstream: "{{ matrix_registration_container_image_registry_prefix_upstream_default }}" -matrix_registration_container_image_registry_prefix_upstream_default: "docker.io/" - -matrix_registration_container_network: "" - -matrix_registration_container_additional_networks: "{{ matrix_registration_container_additional_networks_auto + matrix_registration_container_additional_networks_custom }}" -matrix_registration_container_additional_networks_auto: [] -matrix_registration_container_additional_networks_custom: [] - -# matrix_registration_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container. -# See `../templates/labels.j2` for details. -# -# To inject your own other container labels, see `matrix_registration_container_labels_additional_labels`. -matrix_registration_container_labels_traefik_enabled: true -matrix_registration_container_labels_traefik_docker_network: "{{ matrix_registration_container_network }}" -matrix_registration_container_labels_traefik_entrypoints: web-secure -matrix_registration_container_labels_traefik_tls_certResolver: default # noqa var-naming - -# Controls whether labels will be added that expose matrix-registration's public endpoints -matrix_registration_container_labels_public_endpoint_enabled: true -matrix_registration_container_labels_public_endpoint_traefik_rule: "Host(`{{ matrix_registration_hostname }}`){% if matrix_registration_path_prefix != '/' %} && PathPrefix(`{{ matrix_registration_path_prefix }}`){% endif %}" -matrix_registration_container_labels_public_endpoint_traefik_priority: 0 -matrix_registration_container_labels_public_endpoint_traefik_entrypoints: "{{ matrix_registration_container_labels_traefik_entrypoints }}" -matrix_registration_container_labels_public_endpoint_traefik_tls: "{{ matrix_registration_container_labels_public_endpoint_traefik_entrypoints != 'web' }}" -matrix_registration_container_labels_public_endpoint_traefik_tls_certResolver: "{{ matrix_registration_container_labels_traefik_tls_certResolver }}" # noqa var-naming - -# matrix_registration_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file. -# See `../templates/labels.j2` for details. -# -# Example: -# matrix_registration_container_labels_additional_labels: | -# my.label=1 -# another.label="here" -matrix_registration_container_labels_additional_labels: '' - -# A list of extra arguments to pass to the container -matrix_registration_container_extra_arguments: [] - -# List of systemd services that matrix-registration.service depends on -matrix_registration_systemd_required_services_list: "{{ matrix_registration_systemd_required_services_list_default + matrix_registration_systemd_required_services_list_auto + matrix_registration_systemd_required_services_list_custom }}" -matrix_registration_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" -matrix_registration_systemd_required_services_list_auto: [] -matrix_registration_systemd_required_services_list_custom: [] - -# List of systemd services that matrix-registration.service wants -matrix_registration_systemd_wanted_services_list: [] - -# Controls whether the matrix-registration container exposes its HTTP port (tcp/5000 in the container). -# -# Takes an ":" or "" value (e.g. "127.0.0.1:8767"), or empty string to not expose. -matrix_registration_container_http_host_bind_port: '' - -# Database-related configuration fields. -# -# To use SQLite, stick to these defaults. -# -# To use Postgres: -# - change the engine (`matrix_registration_database_engine: 'postgres'`) -# - adjust your database credentials via the `matrix_registration_database_*` variables -matrix_registration_database_engine: 'sqlite' - -matrix_registration_sqlite_database_path_local: "{{ matrix_registration_data_path }}/db.sqlite3" -matrix_registration_sqlite_database_path_in_container: "/data/db.sqlite3" - -matrix_registration_database_username: 'matrix_registration' -matrix_registration_database_password: 'some-password' -matrix_registration_database_hostname: '' -matrix_registration_database_port: 5432 -matrix_registration_database_name: 'matrix_registration' - -matrix_registration_database_connection_string: 'postgresql://{{ matrix_registration_database_username }}:{{ matrix_registration_database_password }}@{{ matrix_registration_database_hostname }}:{{ matrix_registration_database_port }}/{{ matrix_registration_database_name }}' - -# For some reason, matrix-registraiton expects the `db` field to be like this: `sqlite:////data/db.sqlite3`. -# (seems like one too many slashes, but..) -matrix_registration_db: "{{ { - 'sqlite': ('sqlite:///' + matrix_registration_sqlite_database_path_in_container), - 'postgres': matrix_registration_database_connection_string, -}[matrix_registration_database_engine] }}" - -matrix_registration_base_url: "{{ matrix_registration_path_prefix }}" - -matrix_registration_api_register_endpoint: "{{ matrix_registration_scheme }}://{{ matrix_registration_hostname }}{{ matrix_registration_base_url }}{{ '' if matrix_registration_base_url == '/' else '/' }}register" -matrix_registration_api_token_endpoint: "{{ matrix_registration_scheme }}://{{ matrix_registration_hostname }}{{ matrix_registration_base_url }}{{ '' if matrix_registration_base_url == '/' else '/' }}token" - -matrix_registration_api_validate_certs: true - -# The URL to your homeserver (e.g.: `https://matrix.example.com`). -# A local (in-container address) is preferable. -matrix_registration_server_location: "" - -matrix_registration_server_name: "{{ matrix_domain }}" - -# matrix_registration_shared_secret needs to match the homeserver's registration secret. -# For Synapse, that's the `registration_shared_secret` setting. -matrix_registration_shared_secret: "" - -# matrix_registration_admin_secret is your own admin secret for using matrix-registration (creating new tokens, etc.) -matrix_registration_admin_secret: "" - -matrix_registration_riot_instance: "https://element.io/app/" - -# Default matrix-registration configuration template which covers the generic use case. -# You can customize it by controlling the various variables inside it. -# -# For a more advanced customization, you can extend the default (see `matrix_registration_configuration_extension_yaml`) -# or completely replace this variable with your own template. -matrix_registration_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" - -matrix_registration_configuration_extension_yaml: | - # Your custom YAML configuration for registration goes here. - # This configuration extends the default starting configuration (`matrix_registration_configuration_yaml`). - # - # You can override individual variables from the default configuration, or introduce new ones. - # - # If you need something more special, you can take full control by - # completely redefining `matrix_registration_configuration_yaml`. - # - # Example configuration extension follows: - # - # password: - # min_length: 12 - -matrix_registration_configuration_extension: "{{ matrix_registration_configuration_extension_yaml | from_yaml if matrix_registration_configuration_extension_yaml | from_yaml is mapping else {} }}" - -# Holds the final matrix-registration configuration (a combination of the default and its extension). -# You most likely don't need to touch this variable. Instead, see `matrix_registration_configuration_yaml`. -matrix_registration_configuration: "{{ matrix_registration_configuration_yaml | from_yaml | combine(matrix_registration_configuration_extension, recursive=True) }}" - -# matrix_registration_restart_necessary controls whether the service -# will be restarted (when true) or merely started (when false) by the -# systemd service manager role (when conditional restart is enabled). -# -# This value is automatically computed during installation based on whether -# any configuration files, the systemd service file, or the container image changed. -# The default of `false` means "no restart needed" — appropriate when the role's -# installation tasks haven't run (e.g., due to --tags skipping them). -matrix_registration_restart_necessary: false diff --git a/roles/custom/matrix-registration/tasks/generate_token.yml b/roles/custom/matrix-registration/tasks/generate_token.yml deleted file mode 100644 index 0a3e47258..000000000 --- a/roles/custom/matrix-registration/tasks/generate_token.yml +++ /dev/null @@ -1,57 +0,0 @@ -# SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: Fail if playbook called incorrectly - ansible.builtin.fail: - msg: "The `one_time` variable needs to be provided to this playbook, via --extra-vars" - when: "one_time is not defined or one_time not in ['yes', 'no']" - -- name: Fail if playbook called incorrectly - ansible.builtin.fail: - msg: "The `ex_date` variable (expiration date) needs to be provided to this playbook, via --extra-vars" - when: "ex_date is not defined or ex_date == ''" - -- name: Call matrix-registration token creation API - ansible.builtin.uri: - url: "{{ matrix_registration_api_token_endpoint }}" - follow_redirects: none - validate_certs: "{{ matrix_registration_api_validate_certs }}" - headers: - Content-Type: application/json - Authorization: "SharedSecret {{ matrix_registration_admin_secret }}" - method: POST - body_format: json - body: | - { - "one_time": {{ 'true' if one_time == 'yes' else 'false' }}, - "ex_date": {{ ex_date | to_json }} - } - check_mode: false - register: matrix_registration_api_result - -- ansible.builtin.set_fact: - matrix_registration_api_result_message: >- - matrix-registration result: - - Direct registration link (with the token prefilled): - - {{ matrix_registration_api_register_endpoint }}?token={{ matrix_registration_api_result.json.name }} - - Full token details are: - - {{ matrix_registration_api_result.json }} - check_mode: false - -- name: Inject result message into devture_playbook_runtime_messages_list - ansible.builtin.set_fact: - devture_playbook_runtime_messages_list: | - {{ - devture_playbook_runtime_messages_list | default([]) - + - [matrix_registration_api_result_message] - }} - check_mode: false diff --git a/roles/custom/matrix-registration/tasks/list_tokens.yml b/roles/custom/matrix-registration/tasks/list_tokens.yml deleted file mode 100644 index f5c85a04d..000000000 --- a/roles/custom/matrix-registration/tasks/list_tokens.yml +++ /dev/null @@ -1,37 +0,0 @@ -# SPDX-FileCopyrightText: 2021 MDAD project contributors -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Slavi Pantaleev -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: Call matrix-registration list all tokens API - ansible.builtin.uri: - url: "{{ matrix_registration_api_token_endpoint }}" - follow_redirects: none - validate_certs: "{{ matrix_registration_api_validate_certs }}" - headers: - Content-Type: application/json - Authorization: "SharedSecret {{ matrix_registration_admin_secret }}" - method: GET - body_format: json - check_mode: false - register: matrix_registration_api_result - -- ansible.builtin.set_fact: - matrix_registration_api_result_message: >- - matrix-registration result: - - {{ matrix_registration_api_result.json | to_nice_json }} - check_mode: false - -- name: Inject result message into devture_playbook_runtime_messages_list - ansible.builtin.set_fact: - devture_playbook_runtime_messages_list: | - {{ - devture_playbook_runtime_messages_list | default([]) - + - [matrix_registration_api_result_message] - }} - check_mode: false diff --git a/roles/custom/matrix-registration/tasks/main.yml b/roles/custom/matrix-registration/tasks/main.yml deleted file mode 100644 index dcae5528e..000000000 --- a/roles/custom/matrix-registration/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ -# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev -# SPDX-FileCopyrightText: 2021 MDAD project contributors -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- tags: - - setup-all - - setup-matrix-registration - - install-all - - install-matrix-registration - block: - - when: matrix_registration_enabled | bool - ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml" - - - when: matrix_registration_enabled | bool - ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml" - -- tags: - - setup-all - - setup-matrix-registration - block: - - when: not matrix_registration_enabled | bool - ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - -- tags: - - generate-matrix-registration-token - block: - - when: matrix_registration_enabled | bool - ansible.builtin.include_tasks: "{{ role_path }}/tasks/generate_token.yml" - -- tags: - - list-matrix-registration-tokens - block: - - when: matrix_registration_enabled | bool - ansible.builtin.include_tasks: "{{ role_path }}/tasks/list_tokens.yml" diff --git a/roles/custom/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml deleted file mode 100644 index d0421dbbb..000000000 --- a/roles/custom/matrix-registration/tasks/setup_install.yml +++ /dev/null @@ -1,149 +0,0 @@ -# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev -# SPDX-FileCopyrightText: 2020 Stuart Mumford -# SPDX-FileCopyrightText: 2022 Jim Myhrberg -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Nikita Chernyi -# SPDX-FileCopyrightText: 2022 Sebastian Gumprich -# SPDX-FileCopyrightText: 2024 David Mehren -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- ansible.builtin.set_fact: - matrix_registration_migration_requires_restart: false - -- when: "matrix_registration_database_engine == 'postgres'" - block: - - name: Check if an SQLite database already exists - ansible.builtin.stat: - path: "{{ matrix_registration_sqlite_database_path_local }}" - register: matrix_registration_sqlite_database_path_local_stat_result - - - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" - block: - - ansible.builtin.include_role: - name: galaxy/postgres - tasks_from: migrate_db_to_postgres - vars: - postgres_db_migration_request: - src: "{{ matrix_registration_sqlite_database_path_local }}" - dst: "{{ matrix_registration_database_connection_string }}" - caller: "{{ role_path | basename }}" - engine_variable_name: 'matrix_registration_database_engine' - engine_old: 'sqlite' - systemd_services_to_stop: ['matrix-registration.service'] - # pgloader makes `ex_date` of type `TIMESTAMP WITH TIMEZONE`, - # which makes matrix-registration choke on it later on when comparing dates. - additional_psql_statements_list: - - ALTER TABLE tokens ALTER COLUMN ex_date TYPE TIMESTAMP WITHOUT TIME ZONE; - additional_psql_statements_db_name: "{{ matrix_registration_database_name }}" - - - ansible.builtin.set_fact: - matrix_registration_migration_requires_restart: true - -- name: Ensure matrix-registration paths exist - ansible.builtin.file: - path: "{{ item.path }}" - state: directory - mode: '0750' - owner: "{{ matrix_user_name }}" - group: "{{ matrix_group_name }}" - with_items: - - {path: "{{ matrix_registration_base_path }}", when: true} - - {path: "{{ matrix_registration_config_path }}", when: true} - - {path: "{{ matrix_registration_data_path }}", when: true} - - {path: "{{ matrix_registration_container_src_files_path }}", when: "{{ matrix_registration_container_image_self_build }}"} - when: "item.when | bool" - -- name: Ensure matrix-registration image is pulled - community.docker.docker_image_pull: - name: "{{ matrix_registration_container_image }}" - pull: always - when: "not matrix_registration_container_image_self_build | bool" - register: matrix_registration_container_image_pull_result - retries: "{{ devture_playbook_help_container_retries_count }}" - delay: "{{ devture_playbook_help_container_retries_delay }}" - until: matrix_registration_container_image_pull_result is not failed - -- name: Ensure matrix-registration repository is present when self-building - ansible.builtin.git: - repo: "{{ matrix_registration_container_image_self_build_repo }}" - dest: "{{ matrix_registration_container_src_files_path }}" - version: "{{ matrix_registration_container_image_self_build_branch }}" - force: "yes" - become: true - become_user: "{{ matrix_user_name }}" - register: matrix_registration_git_pull_results - when: "matrix_registration_container_image_self_build | bool" - -# See: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1864 -- name: Patch setup.py to allow self-built version to work - ansible.builtin.lineinfile: - path: "{{ matrix_registration_container_src_files_path }}/setup.py" - regexp: 'flask-limiter' - line: '"flask-limiter~=1.1.0", "Markupsafe<2.1",' - when: "matrix_registration_container_image_self_build | bool and matrix_registration_container_image_self_build_python_dependencies_patch_enabled | bool" - -- name: Ensure matrix-registration Docker image is built - community.docker.docker_image_build: - name: "{{ matrix_registration_container_image }}" - dockerfile: Dockerfile - path: "{{ matrix_registration_container_src_files_path }}" - pull: true - rebuild: "{{ 'always' if matrix_registration_git_pull_results.changed | bool else 'never' }}" - when: "matrix_registration_container_image_self_build | bool" - register: matrix_registration_container_image_build_result - -- name: Ensure matrix-registration config installed - ansible.builtin.copy: - content: "{{ matrix_registration_configuration | to_nice_yaml(indent=2, width=999999) }}" - dest: "{{ matrix_registration_config_path }}/config.yaml" - mode: '0644' - owner: "{{ matrix_user_name }}" - group: "{{ matrix_group_name }}" - register: matrix_registration_config_result - -- name: Ensure matrix-registration support files installed - ansible.builtin.template: - src: "{{ role_path }}/templates/{{ item }}.j2" - dest: "{{ matrix_registration_base_path }}/{{ item }}" - mode: '0640' - owner: "{{ matrix_user_name }}" - group: "{{ matrix_group_name }}" - with_items: - - labels - register: matrix_registration_support_files_result - -- name: Ensure matrix-registration container network is created - community.general.docker_network: - enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" - name: "{{ matrix_registration_container_network }}" - driver: bridge - driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}" - -- name: Ensure matrix-registration.service installed - ansible.builtin.template: - src: "{{ role_path }}/templates/systemd/matrix-registration.service.j2" - dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" - mode: '0644' - register: matrix_registration_systemd_service_result - -- name: Determine whether matrix-registration needs a restart - ansible.builtin.set_fact: - matrix_registration_restart_necessary: >- - {{ - matrix_registration_migration_requires_restart | default(false) - or matrix_registration_config_result.changed | default(false) - or matrix_registration_support_files_result.changed | default(false) - or matrix_registration_systemd_service_result.changed | default(false) - or matrix_registration_container_image_pull_result.changed | default(false) - or matrix_registration_container_image_build_result.changed | default(false) - }} - -- name: Ensure matrix-registration.service restarted, if necessary - ansible.builtin.service: - name: "matrix-registration.service" - state: restarted - daemon_reload: true - when: "matrix_registration_migration_requires_restart | bool" diff --git a/roles/custom/matrix-registration/tasks/setup_uninstall.yml b/roles/custom/matrix-registration/tasks/setup_uninstall.yml deleted file mode 100644 index b8037d59d..000000000 --- a/roles/custom/matrix-registration/tasks/setup_uninstall.yml +++ /dev/null @@ -1,26 +0,0 @@ -# SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Sebastian Gumprich -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: Check existence of matrix-registration service - ansible.builtin.stat: - path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" - register: matrix_registration_service_stat - -- when: matrix_registration_service_stat.stat.exists | bool - block: - - name: Ensure matrix-registration is stopped - ansible.builtin.service: - name: matrix-registration - state: stopped - enabled: false - daemon_reload: true - - - name: Ensure matrix-registration.service doesn't exist - ansible.builtin.file: - path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" - state: absent diff --git a/roles/custom/matrix-registration/tasks/validate_config.yml b/roles/custom/matrix-registration/tasks/validate_config.yml deleted file mode 100644 index 2af1e3828..000000000 --- a/roles/custom/matrix-registration/tasks/validate_config.yml +++ /dev/null @@ -1,37 +0,0 @@ -# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev -# SPDX-FileCopyrightText: 2025 Suguru Hirahara -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: (Deprecation) Catch and report renamed settings - ansible.builtin.fail: - msg: >- - Your configuration contains a variable, which now has a different name. - Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml). - when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0" - with_items: - - {'old': 'matrix_registration_docker_repo', 'new': 'matrix_registration_container_image_self_build_repo'} - - {'old': 'matrix_registration_public_endpoint', 'new': 'matrix_registration_path_prefix'} - - {'old': 'matrix_registration_docker_image', 'new': 'matrix_registration_container_image'} - - {'old': 'matrix_registration_docker_image_force_pull', 'new': 'matrix_registration_container_image_force_pull'} - - {'old': 'matrix_registration_docker_image_registry_prefix', 'new': 'matrix_registration_container_image_registry_prefix'} - - {'old': 'matrix_registration_docker_image_registry_prefix_upstream', 'new': 'matrix_registration_container_image_registry_prefix_upstream'} - - {'old': 'matrix_registration_docker_image_registry_prefix_upstream_default', 'new': 'matrix_registration_container_image_registry_prefix_upstream_default'} - - {'old': 'matrix_registration_docker_src_files_path', 'new': 'matrix_registration_container_src_files_path'} - - {'old': 'matrix_registration_container_image_force_pull', 'new': ' (the new community.docker.docker_image_pull module handles this natively)'} - -- name: Fail if required matrix-registration settings not defined - ansible.builtin.fail: - msg: > - You need to define a required configuration setting (`{{ item.name }}`). - when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0" - with_items: - - {'name': 'matrix_registration_hostname', when: true} - - {'name': 'matrix_registration_path_prefix', when: true} - - {'name': 'matrix_registration_container_network', when: true} - - {'name': 'matrix_registration_shared_secret', when: true} - - {'name': 'matrix_registration_admin_secret', when: true} - - {'name': 'matrix_registration_server_location', when: true} - - {'name': 'matrix_registration_database_hostname', when: "{{ matrix_registration_database_engine == 'postgres' }}"} diff --git a/roles/custom/matrix-registration/templates/config.yaml.j2 b/roles/custom/matrix-registration/templates/config.yaml.j2 deleted file mode 100644 index 2884d6800..000000000 --- a/roles/custom/matrix-registration/templates/config.yaml.j2 +++ /dev/null @@ -1,37 +0,0 @@ -{# -SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later -#} - -server_location: {{ matrix_registration_server_location|to_json }} -server_name: {{ matrix_registration_server_name|to_json }} -shared_secret: {{ matrix_registration_shared_secret|to_json }} -admin_secret: {{ matrix_registration_admin_secret|to_json }} -riot_instance: {{ matrix_registration_riot_instance|to_json }} -db: {{ matrix_registration_db|to_json }} -host: '0.0.0.0' -port: 5000 -rate_limit: ["100 per day", "10 per minute"] -allow_cors: false -logging: - disable_existing_loggers: False - version: 1 - root: - level: DEBUG - handlers: [console] - formatters: - brief: - format: '%(name)s - %(levelname)s - %(message)s' - precise: - format: '%(asctime)s - %(name)s - %(levelname)s - %(message)s' - handlers: - console: - class: logging.StreamHandler - level: INFO - formatter: brief - stream: ext://sys.stdout -# password requirements -password: - min_length: 8 -base_url: {{ matrix_registration_base_url|to_json }} diff --git a/roles/custom/matrix-registration/templates/labels.j2 b/roles/custom/matrix-registration/templates/labels.j2 deleted file mode 100644 index 7961e84aa..000000000 --- a/roles/custom/matrix-registration/templates/labels.j2 +++ /dev/null @@ -1,69 +0,0 @@ -{# -SPDX-FileCopyrightText: 2024 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later -#} - -{% if matrix_registration_container_labels_traefik_enabled %} -traefik.enable=true - -{% if matrix_registration_container_labels_traefik_docker_network %} -traefik.docker.network={{ matrix_registration_container_labels_traefik_docker_network }} -{% endif %} - -traefik.http.services.matrix-registration.loadbalancer.server.port=5000 - -{% if matrix_registration_container_labels_public_endpoint_enabled %} -############################################################ -# # -# Public (e.g. /matrix-registration) # -# # -############################################################ - -{% set middlewares = [] %} - -{% if matrix_registration_path_prefix != '/' %} -traefik.http.middlewares.matrix-registration-slashless-redirect-slashless.redirectregex.regex=({{ matrix_registration_path_prefix | quote }})$ -traefik.http.middlewares.matrix-registration-slashless-redirect-slashless.redirectregex.replacement=${1}/ -{% set middlewares = middlewares + ['matrix-registration-slashless-redirect-slashless'] %} -{% endif %} - -# matrix-registration serves nothing at the root URL, so we redirect to /register instead. -traefik.http.middlewares.matrix-registration-slashless-redirect-root.redirectregex.regex=({{ matrix_registration_path_prefix | quote }}{{ '' if matrix_registration_path_prefix == '/' else '/' }})$ -traefik.http.middlewares.matrix-registration-slashless-redirect-root.redirectregex.replacement=${1}register -{% set middlewares = middlewares + ['matrix-registration-slashless-redirect-root'] %} - -{% if matrix_registration_path_prefix != '/' %} -traefik.http.middlewares.matrix-registration-strip-prefix.stripprefix.prefixes={{ matrix_registration_path_prefix }} -{% set middlewares = middlewares + ['matrix-registration-strip-prefix'] %} -{% endif %} - -traefik.http.routers.matrix-registration-public.rule={{ matrix_registration_container_labels_public_endpoint_traefik_rule }} - -{% if middlewares | length > 0 %} -traefik.http.routers.matrix-registration-public.middlewares={{ middlewares | join(',') }} -{% endif %} - -{% if matrix_registration_container_labels_public_endpoint_traefik_priority | int > 0 %} -traefik.http.routers.matrix-registration-public.priority={{ matrix_registration_container_labels_public_endpoint_traefik_priority }} -{% endif %} - -traefik.http.routers.matrix-registration-public.service=matrix-registration -traefik.http.routers.matrix-registration-public.entrypoints={{ matrix_registration_container_labels_public_endpoint_traefik_entrypoints }} - -traefik.http.routers.matrix-registration-public.tls={{ matrix_registration_container_labels_public_endpoint_traefik_tls | to_json }} -{% if matrix_registration_container_labels_public_endpoint_traefik_tls %} -traefik.http.routers.matrix-registration-public.tls.certResolver={{ matrix_registration_container_labels_public_endpoint_traefik_tls_certResolver }} -{% endif %} - -############################################################ -# # -# /Public (e.g. /matrix-registration) # -# # -############################################################ -{% endif %} - - -{% endif %} - -{{ matrix_registration_container_labels_additional_labels }} diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 deleted file mode 100644 index 1a11abf10..000000000 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ /dev/null @@ -1,51 +0,0 @@ -#jinja2: lstrip_blocks: True -[Unit] -Description=matrix-registration -{% for service in matrix_registration_systemd_required_services_list %} -Requires={{ service }} -After={{ service }} -{% endfor %} -{% for service in matrix_registration_systemd_wanted_services_list %} -Wants={{ service }} -{% endfor %} -DefaultDependencies=no - -[Service] -Type=simple -Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-registration 2>/dev/null || true' -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' - -ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ - --rm \ - --name=matrix-registration \ - --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --cap-drop=ALL \ - --network={{ matrix_registration_container_network }} \ - {% if matrix_registration_container_http_host_bind_port %} - -p {{ matrix_registration_container_http_host_bind_port }}:5000 \ - {% endif %} - --mount type=bind,src={{ matrix_registration_config_path }},dst=/config,ro \ - --mount type=bind,src={{ matrix_registration_data_path }},dst=/data \ - --label-file={{ matrix_registration_base_path }}/labels \ - {% for arg in matrix_registration_container_extra_arguments %} - {{ arg }} \ - {% endfor %} - {{ matrix_registration_container_image }} \ - serve - -{% for network in matrix_registration_container_additional_networks %} -ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-registration -{% endfor %} - -ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-registration - -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-registration 2>/dev/null || true' -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' -Restart=always -RestartSec=30 -SyslogIdentifier=matrix-registration - -[Install] -WantedBy=multi-user.target diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2.license b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2.license deleted file mode 100644 index 9d697f20f..000000000 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: 2020 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later diff --git a/roles/custom/matrix-user-verification-service/defaults/main.yml b/roles/custom/matrix-user-verification-service/defaults/main.yml index ba606c2c3..7e3bc963f 100644 --- a/roles/custom/matrix-user-verification-service/defaults/main.yml +++ b/roles/custom/matrix-user-verification-service/defaults/main.yml @@ -18,7 +18,7 @@ matrix_user_verification_service_enabled: true matrix_user_verification_service_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" matrix_user_verification_service_container_image_self_build_repo: "https://github.com/matrix-org/matrix-user-verification-service" -matrix_user_verification_service_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_user_verification_service_version }}" +matrix_user_verification_service_container_image_self_build_branch: "{{ matrix_user_verification_service_version }}" # renovate: datasource=docker depName=matrixdotorg/matrix-user-verification-service matrix_user_verification_service_version: "v3.0.0" diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 83d3477c0..c34035122 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -820,6 +820,18 @@ The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_go_skype_bridge_.+', wantlist=True) | join(', ') }} when: "lookup('ansible.builtin.varnames', '^matrix_go_skype_bridge_.+', wantlist=True) | length > 0" +- name: (Deprecation) Catch and report matrix-registration variables + ansible.builtin.fail: + msg: |- + The matrix-registration service was completely removed from the playbook in May 2026. + + Please remove all `matrix_registration_*` variables from your configuration file (vars.yml). + + You may also wish to uninstall the component manually. See `docs/configuring-playbook-matrix-registration.md` for more information. + + The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_registration_.+', wantlist=True) | join(', ') }} + when: "lookup('ansible.builtin.varnames', '^matrix_registration_.+', wantlist=True) | length > 0" + - name: (Deprecation) Catch and report the Sliding Sync proxy variables ansible.builtin.fail: msg: |- diff --git a/setup.yml b/setup.yml index a184aa663..5e5735135 100644 --- a/setup.yml +++ b/setup.yml @@ -106,7 +106,6 @@ - galaxy/prometheus - galaxy/grafana - custom/matrix-prometheus-services-connect - - custom/matrix-registration - custom/matrix-client-element - custom/matrix-client-commet - galaxy/hydrogen