iartamonov/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-05-22 02:59:40 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: iartamonov/matrix-docker-ansible-deploy:150f71e20dc364aadbc0aae963c381fc87e871fa
Branches Tags
iartamonov/matrix-docker-ansible-deploy:master iartamonov/matrix-docker-ansible-deploy:create-pull-request/i18n iartamonov/matrix-docker-ansible-deploy:renovate/matrixdotorg-sygnal-0.x iartamonov/matrix-docker-ansible-deploy:migration-validation-system iartamonov/matrix-docker-ansible-deploy:copilot/update-exim-relay-docs iartamonov/matrix-docker-ansible-deploy:synapse-user-register-wait-for iartamonov/matrix-docker-ansible-deploy:remove-zulip-bridge iartamonov/matrix-docker-ansible-deploy:stabilize-mas iartamonov/matrix-docker-ansible-deploy:element-call-stack iartamonov/matrix-docker-ansible-deploy:element-call-integration iartamonov/matrix-docker-ansible-deploy:synapse-cache-tuning iartamonov/matrix-docker-ansible-deploy:HarHarLinks/hookshot-encryption
...
compare: iartamonov/matrix-docker-ansible-deploy:create-pull-request/i18n
Branches Tags
iartamonov/matrix-docker-ansible-deploy:master iartamonov/matrix-docker-ansible-deploy:create-pull-request/i18n iartamonov/matrix-docker-ansible-deploy:renovate/matrixdotorg-sygnal-0.x iartamonov/matrix-docker-ansible-deploy:migration-validation-system iartamonov/matrix-docker-ansible-deploy:copilot/update-exim-relay-docs iartamonov/matrix-docker-ansible-deploy:synapse-user-register-wait-for iartamonov/matrix-docker-ansible-deploy:remove-zulip-bridge iartamonov/matrix-docker-ansible-deploy:stabilize-mas iartamonov/matrix-docker-ansible-deploy:element-call-stack iartamonov/matrix-docker-ansible-deploy:element-call-integration iartamonov/matrix-docker-ansible-deploy:synapse-cache-tuning iartamonov/matrix-docker-ansible-deploy:HarHarLinks/hookshot-encryption

58 Commits
150f71e20d ... create-pull-request/i18n

Author SHA1 Message Date
github-actions[bot] affb4b6ad7 Automatic translations update 2026-05-21 19:21:30 +00:00
Slavi Pantaleev 4a026285b5 matrix-tuwunel: update cache_capacity_modifier docs example for v1.7.0 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5262

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-21 22:20:15 +03:00
renovate[bot] 76e594ec7a Update ghcr.io/matrix-construct/tuwunel Docker tag to v1.7.0 (#5262) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-05-21 22:19:48 +03:00
renovate[bot] 9bd9d1af07 Update ghcr.io/element-hq/element-call Docker tag to v0.19.4 2026-05-21 13:52:28 +03:00
renovate[bot] d1e64c3ef2 Update ghcr.io/etkecc/baibot Docker tag to v1.19.2 2026-05-21 13:42:04 +03:00
Slavi Pantaleev 8751e34ede matrix-bot-maubot: avoid double slash in base paths when path_prefix is / 
The derived `*_base_path` defaults concatenated `matrix_bot_maubot_path_prefix`
directly, producing `//v1` and `//plugin/` when users set the documented
`matrix_bot_maubot_path_prefix: /` (for serving on a dedicated subdomain),
which Traefik rejects. Apply the standard `'/' == path_prefix` guard already
used by other roles (honoroit, mautrix-discord, MAS, heisenbridge, etc.).

Reported by The Dark Wizard.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-21 12:22:15 +03:00
renovate[bot] 5212c6dbfc Update dependency jitsi to v10978 2026-05-21 09:28:20 +03:00
renovate[bot] 3f931179e7 Update dependency certifi to v2026.5.20 2026-05-20 21:23:03 +03:00
renovate[bot] a3e40e989e Update dependency valkey to v9.1.0-0 2026-05-20 14:02:59 +03:00
renovate[bot] 40780fadc5 Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2026.5.20 2026-05-20 14:02:49 +03:00
renovate[bot] 5c9ff37962 Update dependency prek to v0.4.1 2026-05-20 09:18:29 +03:00
github-actions[bot] d4dffcc58c Automatic translations update 2026-05-20 09:14:22 +03:00
Suguru Hirahara 51bcb41a0e Update configuring-playbook-ldap-auth.md: the link to README 
Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2026-05-19 22:42:13 -04:00
renovate[bot] 9c447242f2 Update ghcr.io/element-hq/synapse Docker tag to v1.153.0 2026-05-19 21:52:59 +03:00
renovate[bot] e6bf69a723 Update ghcr.io/element-hq/matrix-authentication-service Docker tag to v1.17.0 2026-05-19 21:52:27 +03:00
github-actions[bot] 3f46ce4bac Automatic translations update 2026-05-19 10:42:22 +03:00
Suguru Hirahara dec6326bb6 Remove matrix-registration (#4919) 
* Remove roles/custom/matrix-registration

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Update README.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Update configuring-playbook-matrix-registration.md

Reuse https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/409c7393a04126341dc4beb7b14590313fcf5e9e/docs/configuring-playbook-dimension.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Move entries for matrix-registrations down to the sections for removed components

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Remove a section from registering-users.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Remove an entry for matrix-registration from self-building.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Remove matrix-registration from matrix_servers

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Remove reference to matrix-registration from matrix-user-verification-service/defaults/main.yml

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Remove an entry for matrix-registration from setup.yml

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Update CHANGELOG.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

---------

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
Co-authored-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2026-05-19 10:40:00 +03:00
Slavi Pantaleev f71080a72a Remove useless group_vars/matrix_servers overrides 
These variables were being assigned in group_vars/matrix_servers to
values byte-identical (or functionally identical) to what the
respective role's defaults/main.yml already provides.

Beyond just being noise, such redundant overrides cause drift over
time. When a role's default is later updated to something saner or
better (for example, switched from a hardcoded value to a derivation
from another variable), the matching line in group_vars/matrix_servers
stays frozen at the old value and silently defeats the improvement,
because group_vars beats role defaults in Ansible's precedence order.

The maubot management hostname fix in
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5248
is an example of this: the role default had been improved to derive
from matrix_bot_maubot_hostname, but the stale group_vars override
held it back to matrix_server_fqn_matrix.

Removing these overrides lets the role defaults do their job.

Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5248

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-19 09:09:57 +03:00
renovate[bot] 684f579991 Update dependency myst-parser to v5.1.0 2026-05-18 10:25:11 +03:00
renovate[bot] 516316bf16 Update dependency cinny to v4.12.1-0 2026-05-18 10:25:00 +03:00
renovate[bot] 987ce97f4f Update dependency click to v8.4.0 2026-05-18 10:24:51 +03:00
renovate[bot] 5681769b22 Update dependency requests to v2.34.2 2026-05-18 10:23:50 +03:00
renovate[bot] b1ec0f63d0 Update dependency mdit-py-plugins to v0.6.1 2026-05-18 10:23:36 +03:00
github-actions[bot] 515e5195cc Automatic translations update 2026-05-18 10:23:27 +03:00
renovate[bot] f1f58eed07 Update dependency idna to v3.15 2026-05-18 10:23:18 +03:00
Slavi Pantaleev eb79e2180d Update LiveKit Server role to v1.12.0-0 
LiveKit v1.12.0 tightens TURN security: credentials now carry a TTL,
and TURN no longer relays to restricted peer CIDRs by default. The
role defaults match upstream's secure defaults and are appropriate
for typical playbook deployments.

Bumps the migration-validation gate accordingly so users are pointed
at the CHANGELOG entry on next run.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-18 09:25:30 +03:00
renovate[bot] 3ce630830c Update dock.mau.dev/mautrix/telegram Docker tag to v0.2605.0 2026-05-17 07:51:19 +03:00
renovate[bot] f8f0da5690 Update dock.mau.dev/mautrix/whatsapp Docker tag to v0.2605.0 2026-05-17 07:50:59 +03:00
renovate[bot] 23d3b74aa8 Update dock.mau.dev/mautrix/slack Docker tag to v0.2605.0 2026-05-16 21:29:42 +03:00
renovate[bot] 3d6ae24588 Update dependency postgres to v18.4-0 2026-05-16 21:29:24 +03:00
renovate[bot] 0b197a6418 Update dock.mau.dev/mautrix/gmessages Docker tag to v0.2605.0 2026-05-16 16:44:24 +03:00
renovate[bot] 52fe6a5f63 Update dock.mau.dev/mautrix/meta Docker tag to v0.2605.0 2026-05-16 16:44:15 +03:00
renovate[bot] 90637bdb27 Update dependency hydrogen to v0.5.1-5 2026-05-16 07:58:21 +03:00
renovate[bot] b3511d0cdd Update dependency sable to v1.16.1-0 2026-05-15 17:25:20 +03:00
renovate[bot] 2fba6c12d1 Update dependency auxiliary to v1.0.0-7 (#5233) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-05-15 09:08:48 +00:00
renovate[bot] 9e6b826c08 Update dependency prek to v0.4.0 2026-05-14 16:41:07 +03:00
renovate[bot] 1063e6de62 Update dependency sable to v1.16.0-0 2026-05-14 13:15:51 +03:00
renovate[bot] 5186360194 Update nginx Docker tag to v1.31.0 2026-05-14 08:30:16 +03:00
renovate[bot] 401dfe6c86 Update dependency matrix-org/synapse-s3-storage-provider to v1.6.1 2026-05-13 21:10:43 +03:00
renovate[bot] 1a82f38061 Update ghcr.io/matrix-org/rageshake Docker tag to v1.18.0 2026-05-13 21:07:29 +03:00
renovate[bot] 953745aede Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2026.5.13 2026-05-13 15:53:06 +03:00
Mads Bårvåg Nesse 2c2b58cefc chore: update link to supported services section 
Link not working as it had the wrong section name
 2026-05-13 14:24:24 +03:00
renovate[bot] 6f116ed4d6 Update ghcr.io/element-hq/element-web Docker tag to v1.12.18 (#5223) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-05-12 20:30:25 +01:00
gardar 1961ab86ed docs: fix mautrix-meta link pointing to old instagram bridge 
Signed-off-by: gardar <gardar@users.noreply.github.com>
 2026-05-12 15:47:28 +03:00
renovate[bot] 59f0594a43 Update dependency traefik to v3.7.1-0 2026-05-12 09:05:18 +03:00
renovate[bot] ca74857835 Update ghcr.io/element-hq/element-call Docker tag to v0.19.3 2026-05-11 18:44:10 +03:00
renovate[bot] 5109c608c5 Update dependency sable to v1.15.3-0 2026-05-10 16:32:08 +03:00
renovate[bot] 2247c56c23 Update ghcr.io/etkecc/baibot Docker tag to v1.19.1 2026-05-09 20:33:10 +03:00
github-actions[bot] 727dc2c9ae Automatic translations update 2026-05-09 10:18:01 +03:00
Slavi Pantaleev 53ad97417d matrix-tuwunel: update to v1.6.2 
This release adds opt-in server-level enforcement of MSC4284 policy
servers via two new `[global]` keys: `enable_policy_servers` and
`policy_server_request_timeout`. Surface both as Ansible variables
matching tuwunel's upstream defaults (off, 5s timeout) and refresh the
docs section that previously claimed MSC4284 needed no playbook
configuration.

Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5213.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-09 09:27:07 +03:00
Slavi Pantaleev 704cbd5655 Revert "Update dependency etherpad to v2.7.3-0" 
This reverts commit 68cc4a1c12.

Etherpad has been reported to be somewhat broken. Broken how? No clue.
Reverting till further feedback comes.
 2026-05-08 22:02:38 +03:00
renovate[bot] 6542ef8b3c Update forgejo.ellis.link/continuwuation/continuwuity Docker tag to v0.5.9 2026-05-08 09:29:03 +03:00
renovate[bot] e43bbfb44d Update dependency mdit-py-plugins to v0.6.0 2026-05-07 23:58:17 +03:00
renovate[bot] 143babe55c Update dependency markdown-it-py to v4.2.0 2026-05-07 23:58:06 +03:00
renovate[bot] bb77d89d2e Update dependency urllib3 to v2.7.0 2026-05-07 23:57:58 +03:00
renovate[bot] a0d056d160 Update ghcr.io/element-hq/synapse Docker tag to v1.152.1 2026-05-07 23:57:49 +03:00
github-actions[bot] 2d5b5ff7ef Automatic translations update (#5206) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-07 14:04:08 +00:00
Slavi Pantaleev 8c87f68d5b matrix-tuwunel: adjust SPDX year ranges to 2025 - 2026 
Files in this role were ported from matrix-continuwuity (which carries
2025 attribution), so the year range should reflect that the underlying
content predates 2026.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5200.
 2026-05-07 17:01:55 +03:00
99 changed files with 3194 additions and 4018 deletions
Expand all files Collapse all files
CHANGELOG.md
+30
View File
@@ -1,3 +1,33 @@
# 2026-05-19
## matrix-registration has been removed from the playbook
The [matrix-registration](./docs/configuring-playbook-matrix-registration.md) service has been removed from the playbook, as it has been unmaintained (archived) since November, 2025.
The playbook will let you know if you're using any `matrix_registration_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the component manually](./docs/configuring-playbook-matrix-registration.md#uninstalling-the-component-manually).
# 2026-05-18
## LiveKit Server has been upgraded to v1.12.0
The playbook now ships [LiveKit Server](./docs/configuring-playbook-livekit-server.md) v1.12.0. See the [upstream release notes](https://github.com/livekit/livekit/releases/tag/v1.12.0) for details.
This release tightens TURN security:
- **TURN credentials now carry a TTL** (default: 300 seconds), exposed via `livekit_server_config_turn_ttl_seconds`.
- **TURN no longer relays traffic to restricted peer CIDRs** (loopback, link-local, multicast, private, unspecified) by default. If your setup legitimately requires it, list the ranges in `livekit_server_config_turn_allow_restricted_peer_cidrs`.
For example, to allow TURN to reach the common [RFC1918](https://www.rfc-editor.org/rfc/rfc1918) private ranges, add to your `vars.yml`:
```yaml
livekit_server_config_turn_allow_restricted_peer_cidrs:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
```
Adjust the ranges to match your network. To deny specific CIDRs (taking precedence over the allow list above), use `livekit_server_config_turn_deny_peer_cidrs` in the same shape.
# 2026-05-07
## Tuwunel support
README.md
+2 -3
View File
@@ -4,7 +4,7 @@
## 🎯 Purpose
This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#supported-services) related to that.
This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#-supported-services) related to that.
That is, it lets you join the Matrix network using your own user ID like `@alice:example.com`, all hosted on your own server (see [prerequisites](docs/prerequisites.md)).
@@ -93,7 +93,6 @@ Extend and modify how users are authenticated on your homeserver.
|[matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) (advanced) | ❌ | Password provider module | [Link](docs/configuring-playbook-shared-secret-auth.md) |
| [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | ❌ | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) |
| [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) |
| [matrix-registration](https://github.com/ZerataX/matrix-registration) | ❌ | Simple python application to have a token based Matrix registration | [Link](docs/configuring-playbook-matrix-registration.md) |
| [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) |
| [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | ❌ | Spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) |
@@ -122,7 +121,7 @@ Bridges can be used to connect your Matrix installation with third-party communi
| [mautrix-bluesky](https://github.com/mautrix/bluesky) | ❌ | Bridge to [Bluesky](https://bsky.social/) | [Link](docs/configuring-playbook-bridge-mautrix-bluesky.md) |
| [mautrix-twitter](https://github.com/mautrix/twitter) | ❌ | Bridge to [Twitter](https://twitter.com/) | [Link](docs/configuring-playbook-bridge-mautrix-twitter.md) |
| [mautrix-googlechat](https://github.com/mautrix/googlechat) | ❌ | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) |
| [mautrix-meta](https://github.com/mautrix/instagram) | ❌ | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | Link for [Messenger](docs/configuring-playbook-bridge-mautrix-meta-messenger.md) / [Instagram](docs/configuring-playbook-bridge-mautrix-meta-instagram.md) |
| [mautrix-meta](https://github.com/mautrix/meta) | ❌ | Bridge to [Messenger](https://messenger.com/) and [Instagram](https://instagram.com/) | Link for [Messenger](docs/configuring-playbook-bridge-mautrix-meta-messenger.md) / [Instagram](docs/configuring-playbook-bridge-mautrix-meta-instagram.md) |
| [mautrix-signal](https://github.com/mautrix/signal) | ❌ | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) |
| [beeper-linkedin](https://github.com/beeper/linkedin) | ❌ | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) |
| [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | ❌ | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) |
docs/configuring-playbook-ldap-auth.md
+1 -1
View File
@@ -11,7 +11,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
The playbook can install and configure the [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) LDAP Auth password provider for you.
See the project's [documentation](https://github.com/matrix-org/matrix-synapse-ldap3/blob/main/README.rst) to learn what it does and why it might be useful to you.
See the project's [documentation](https://github.com/matrix-org/matrix-synapse-ldap3/blob/main/README.md) to learn what it does and why it might be useful to you.
## Adjusting the playbook configuration
docs/configuring-playbook-livekit-server.md
+6
View File
@@ -61,6 +61,12 @@ livekit_server_container_labels_turn_traefik_entrypoints: "<your-livekit-turn-tr
and configuring their own Traefik TCP entrypoint dedicated to LiveKit TURN traffic.
## TURN access controls
LiveKit's embedded TURN server enforces a credential TTL and restricts which peer CIDRs it will relay to. The playbook leaves these at the role's secure defaults, which are appropriate for typical deployments where TURN peers live on the public Internet.
If your setup needs TURN to relay to private/restricted ranges, or you want to override the credential TTL, see the [TURN access controls and credential TTL](https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server/blob/main/docs/configuring-livekit-server.md#turn-access-controls-and-credential-ttl) section of the role's documentation.
## Limitations
LiveKit Server's TURN listener behavior depends on where TLS is terminated:
docs/configuring-playbook-matrix-registration.md
+24 -103
View File
@@ -1,115 +1,36 @@
<!--
SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
SPDX-FileCopyrightText: 2022 MDAD project contributors
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-FileCopyrightText: 2019 Edgars Voroboks
SPDX-FileCopyrightText: 2019 Eduardo Beltrame
SPDX-FileCopyrightText: 2019-2025 MDAD project contributors
SPDX-FileCopyrightText: 2019-2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2020 Chris van Dijk
SPDX-FileCopyrightText: 2020 Tulir Asokan
SPDX-FileCopyrightText: 2020 jens quade
SPDX-FileCopyrightText: 2022 Dennis Ciba
SPDX-FileCopyrightText: 2022 Kim Brose
SPDX-FileCopyrightText: 2022 Travis Ralston
SPDX-FileCopyrightText: 2022 Vladimir Panteleev
SPDX-FileCopyrightText: 2022 Yan Minagawa
SPDX-FileCopyrightText: 2024-2026 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up matrix-registration (optional)
# Setting up matrix-registration (optional, removed)
> [!WARNING]
> - This is a poorly maintained and buggy project. It's better to avoid using it.
> - This is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md)
> [!NOTE]
> This is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md).
The playbook can install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration) for you. It is a simple python application to have a token based Matrix registration.
🪦 The playbook used to be able to install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration), but no longer includes this component, as it has been unmaintained since November, 2025.
Use matrix-registration to **create unique registration links**, which people can use to register on your Matrix server. It allows certain people (these having a special link) to register a user account, **keeping your server's registration closed (private)**.
## Uninstalling the component manually
**matrix-registration** provides 2 things:
- **an API for creating registration tokens** (unique registration links). This API can be used via `curl` or via the playbook (see [Usage](#usage) below)
- **a user registration page**, where people can use these registration tokens. By default, exposed at `https://matrix.example.com/matrix-registration`
## Adjusting DNS records (optional)
By default, this playbook installs the matrix-registration on the `matrix.` subdomain, at the `/matrix-registration` path (https://matrix.example.com/matrix-registration). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section.
If you wish to adjust it, see the section [below](#adjusting-the-matrix-registration-url-optional) for details about DNS configuration.
## Adjusting the playbook configuration
To enable matrix-registration, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_registration_enabled: true
# Generate a strong secret here. You can create one with a command like `pwgen -s 64 1`.
matrix_registration_admin_secret: "ENTER_SOME_SECRET_HERE"
```
### Adjusting the matrix-registration URL (optional)
By tweaking the `matrix_registration_hostname` and `matrix_registration_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
Example additional configuration for your `vars.yml` file:
```yaml
# Change the default hostname and path prefix
matrix_registration_hostname: registration.example.com
matrix_registration_path_prefix: /
```
If you've changed the default hostname, you may need to create a CNAME record for the matrix-registration domain (`registration.example.com`), which targets `matrix.example.com`.
When setting, replace `example.com` with your own.
### Extending the configuration
There are some additional things you may wish to configure about the component.
Take a look at:
- `roles/custom/matrix-registration/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
- `roles/custom/matrix-registration/templates/config.yaml.j2` for the component's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_registration_configuration_extension_yaml` variable
## Installing
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
**matrix-registration** gets exposed at `https://matrix.example.com/matrix-registration`
It provides various [APIs](https://github.com/ZerataX/matrix-registration/wiki/api) — for creating registration tokens, listing tokens, disabling tokens, etc. To make use of all of its capabilities, consider using `curl`.
We make the most common APIs easy to use via the playbook (see below).
### Creating registration tokens
To **create a new user registration token (link)**, use this command:
If you still have matrix-registration installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
```sh
ansible-playbook -i inventory/hosts setup.yml \
--tags=generate-matrix-registration-token \
--extra-vars="one_time=yes ex_date=2021-12-31"
systemctl disable --now matrix-registration.service
rm -rf /matrix/matrix-registration
/matrix/postgres/bin/cli-non-interactive -c 'DROP DATABASE matrix_registration;'
```
The above command creates and returns a **one-time use** token, which **expires** on the 31st of December 2021. Adjust the `one_time` and `ex_date` variables as you see fit.
Share the unique registration link (generated by the command above) with users to let them register on your Matrix server.
### Listing registration tokens
To **list the existing user registration tokens**, use this command:
```sh
ansible-playbook -i inventory/hosts setup.yml \
--tags=list-matrix-registration-tokens
```
The shortcut command with `just` program is also available: `just run-tags list-matrix-registration-tokens`
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-registration`.
docs/configuring-playbook-tuwunel.md
+11 -3
View File
@@ -140,15 +140,16 @@ The S3 backend ships with native multipart upload, so no goofys/rclone sidecar i
### RocksDB and cache tuning
Tuwunel embeds RocksDB. The defaults (`rocksdb_compression_algo: zstd`) suit most deployments. For high-throughput servers you may want to enable direct I/O, raise parallelism, and bump the cache modifier:
Tuwunel embeds RocksDB. The defaults (`rocksdb_compression_algo: zstd`) suit most deployments. For high-throughput servers you may want to enable direct I/O, raise parallelism, and configure a backup path:
```yaml
matrix_tuwunel_config_rocksdb_direct_io: true
matrix_tuwunel_config_rocksdb_parallelism_threads: 8
matrix_tuwunel_config_cache_capacity_modifier: 2.0
matrix_tuwunel_config_database_backup_path: /var/lib/tuwunel/backups
```
`matrix_tuwunel_config_cache_capacity_modifier` is left empty by default, so Tuwunel picks a value (`1.0` since v1.7.0, with rebalanced per-cache sizes that already raise memory use). Set it to `2.0` only on small hosts with four or fewer cores; on larger machines the default is recommended.
If you run on ZFS, the [Tuwunel maintenance guide](https://matrix-construct.github.io/tuwunel/maintenance.html#zfs) lists the dataset properties (`recordsize`, `primarycache`, `compression`, `atime`, `logbias`) and config flags (`rocksdb_direct_io`, `rocksdb_allow_fallocate`) you need to adjust to avoid severe write amplification.
To enable Sentry crash reporting, set `matrix_tuwunel_config_sentry_enabled: true`.
@@ -166,7 +167,14 @@ matrix_tuwunel_config_prevent_media_downloads_from:
- 'heavy\.example\.com$'
```
Tuwunel additionally implements [MSC4284 policy servers](https://github.com/matrix-org/matrix-spec-proposals/pull/4284) for room-level federation gating; that lives in room state and needs no playbook configuration.
Tuwunel additionally implements [MSC4284 policy servers](https://github.com/matrix-org/matrix-spec-proposals/pull/4284) for room-level federation gating. The policy itself lives in room state, but enforcement is opt-in at the server level:
```yaml
matrix_tuwunel_config_enable_policy_servers: true
matrix_tuwunel_config_policy_server_request_timeout: 5
```
When enabled, rooms with a valid `m.room.policy` state event have outgoing events signed by the configured policy server before federation. Transient network or timeout failures fail open (with a warn log), so a policy-server outage will not silently take the room offline.
### Default room version
docs/configuring-playbook.md
+2 -2
View File
@@ -106,8 +106,6 @@ Extend and modify how users are authenticated on your homeserver.
- [Setting up Ketesa](configuring-playbook-ketesa.md)
- [Setting up matrix-registration](configuring-playbook-matrix-registration.md)
- [Setting up the REST authentication password provider module](configuring-playbook-rest-auth.md) (advanced)
- [Setting up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md) (advanced)
@@ -281,6 +279,8 @@ Various services that don't fit any other categories.
- [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) (unmaintained; the bridge's author suggests taking a look at [baibot](https://github.com/etkecc/baibot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bot-baibot.md))
- [Setting up matrix-registration](configuring-playbook-matrix-registration.md) (removed; this component has been unmaintained)
- [Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-messenger](configuring-playbook-bridge-mautrix-meta-messenger.md))
- [Setting up Mautrix Instagram bridging](configuring-playbook-bridge-mautrix-instagram.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-instagram](configuring-playbook-bridge-mautrix-meta-instagram.md))
docs/container-images.md
+1 -1
View File
@@ -68,7 +68,6 @@ Extend and modify how users are authenticated on your homeserver.
| [matrix-synapse-shared-secret-auth](configuring-playbook-shared-secret-auth.md) | (N/A) | ❌ | Password provider module |
| [matrix-synapse-ldap3](configuring-playbook-ldap-auth.md) (advanced) | (N/A) | ❌ | LDAP Auth password provider module |
| [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP |
| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | ❌ | Simple python application to have a token based Matrix registration |
| [Matrix User Verification Service](configuring-playbook-user-verification-service.md) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token |
| [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | ❌ | Spam checker module |
@@ -179,6 +178,7 @@ The list of the deprecated or unmaintained services is available [here](configur
| [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) | [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) | ❌ | Bridge to [Slack](https://slack.com/) |
| [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | ❌ | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) |
| [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | ❌ | Accessing ChatGPT via your favourite Matrix client |
| [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | ❌ | Simple python application to have a token based Matrix registration |
| [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | ❌ | Bridge to [Facebook](https://facebook.com/) |
| [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | ❌ | Bridge to [Instagram](https://instagram.com/) |
| [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) | [mx-puppet/discord/mx-puppet-discord](https://gitlab.com/mx-puppet/discord/mx-puppet-discord/container_registry) | ❌ | Bridge to [Discord](https://discordapp.com/) |
docs/registering-users.md
-4
View File
@@ -97,10 +97,6 @@ This `register-user` script actually invokes the `mas-cli manage register-user`
To manage users and your homeserver more easily (via a web interface), you can install [Ketesa](configuring-playbook-ketesa.md) — a fully-featured admin UI covering users, rooms, media, sessions, and MAS management.
## Letting certain users register on your private server
If you'd rather **keep your server private** (public registration closed, as is the default), and **let certain people create accounts by themselves** (instead of creating user accounts manually like this), consider installing and making use of [matrix-registration](configuring-playbook-matrix-registration.md).
## Enabling public user registration
To **open up user registration publicly** (usually **not recommended**), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
docs/self-building.md
-1
View File
@@ -31,7 +31,6 @@ Possibly outdated list of roles where self-building the Docker image is currentl
- `hydrogen`
- `cinny`
- `sable`
- `matrix-registration`
- `coturn`
- `matrix-corporal`
- `exim-relay`
examples/vars.yml
+1 -1
View File
@@ -2,7 +2,7 @@
# This variable acknowledges that you've reviewed breaking changes up to this version.
# The playbook will fail if this is outdated, guiding you through what changed.
# See the changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md
matrix_playbook_migration_validated_version: v2026.04.24.0
matrix_playbook_migration_validated_version: v2026.05.18.0
# The bare domain name which represents your Matrix identity.
# Matrix user IDs for your server will be of the form (`@alice:example.com`).
group_vars/matrix_servers
-103
View File
@@ -834,13 +834,6 @@ devture_systemd_service_manager_services_list_auto: |
'groups': ['matrix', 'livekit-server'],
}] if livekit_server_enabled else [])
+
([{
'name': 'matrix-registration.service',
'priority': 4000,
'restart_necessary': (matrix_registration_restart_necessary | bool),
'groups': ['matrix', 'registration', 'matrix-registration'],
}] if matrix_registration_enabled else [])
+
([{
'name': 'matrix-sygnal.service',
'priority': 800,
@@ -2178,7 +2171,6 @@ matrix_mautrix_wsproxy_systemd_required_services_list_default: |
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_wsproxy_syncproxy_database_hostname == postgres_connection_hostname) else [])
}}
matrix_mautrix_wsproxy_homeserver_domain: "{{ matrix_domain }}"
matrix_mautrix_wsproxy_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_mautrix_wsproxy_hostname: "wsproxy.{{ matrix_mautrix_wsproxy_homeserver_domain }}"
@@ -2491,7 +2483,6 @@ matrix_hookshot_container_labels_metrics_middleware_basic_auth_enabled: "{{ matr
matrix_hookshot_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
matrix_hookshot_public_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
matrix_hookshot_public_hostname: "{{ matrix_server_fqn_matrix }}"
######################################################################
#
@@ -3539,8 +3530,6 @@ matrix_rageshake_hostname: "{{ matrix_server_fqn_rageshake }}"
matrix_rageshake_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_rageshake_container_image_registry_prefix_upstream_default }}"
matrix_rageshake_container_network: matrix-rageshake
matrix_rageshake_container_additional_networks: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [] }}"
matrix_rageshake_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '9110') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
@@ -4124,12 +4113,6 @@ postgres_managed_databases_auto: |
'password': matrix_bot_buscarron_database_password,
}] if (matrix_bot_buscarron_enabled and matrix_bot_buscarron_database_engine == 'postgres' and matrix_bot_buscarron_database_hostname == postgres_connection_hostname) else [])
+
([{
'name': matrix_registration_database_name,
'username': matrix_registration_database_username,
'password': matrix_registration_database_password,
}] if (matrix_registration_enabled and matrix_registration_database_engine == 'postgres' and matrix_registration_database_hostname == postgres_connection_hostname) else [])
+
([{
'name': matrix_appservice_discord_database_name,
'username': matrix_appservice_discord_database_username,
@@ -4463,12 +4446,6 @@ matrix_client_element_container_labels_traefik_compression_middleware_name: "{{
matrix_client_element_default_hs_url: "{{ matrix_homeserver_url }}"
matrix_client_element_default_is_url: "{{ matrix_identity_server_url }}"
# Use Scalar by default
matrix_client_element_integrations_ui_url: "https://scalar.vector.im/"
matrix_client_element_integrations_rest_url: "https://scalar.vector.im/api"
matrix_client_element_integrations_widgets_urls: "{{ ['https://scalar.vector.im/api'] }}"
matrix_client_element_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html"
matrix_client_element_self_check_validate_certificates: "{{ matrix_playbook_ssl_enabled }}"
matrix_client_element_registration_enabled: "{{ matrix_synapse_enable_registration }}"
@@ -4698,12 +4675,6 @@ matrix_client_schildichat_container_labels_traefik_tls_certResolver: "{{ traefik
matrix_client_schildichat_default_hs_url: "{{ matrix_homeserver_url }}"
matrix_client_schildichat_default_is_url: "{{ matrix_identity_server_url }}"
# Use Scalar by default
matrix_client_schildichat_integrations_ui_url: "https://scalar.vector.im/"
matrix_client_schildichat_integrations_rest_url: "https://scalar.vector.im/api"
matrix_client_schildichat_integrations_widgets_urls: "{{ ['https://scalar.vector.im/api'] }}"
matrix_client_schildichat_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html"
matrix_client_schildichat_self_check_validate_certificates: "{{ matrix_playbook_ssl_enabled }}"
matrix_client_schildichat_registration_enabled: "{{ matrix_synapse_enable_registration }}"
@@ -4827,7 +4798,6 @@ matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_entryp
matrix_synapse_container_labels_public_federation_api_traefik_hostname: "{{ matrix_server_fqn_matrix_federation }}"
matrix_synapse_container_labels_public_federation_api_traefik_entrypoints: "{{ matrix_federation_traefik_entrypoint_name }}"
matrix_synapse_container_labels_public_federation_api_traefik_tls: "{{ matrix_federation_traefik_entrypoint_tls }}"
matrix_synapse_container_labels_public_federation_api_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_synapse_container_labels_public_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
matrix_synapse_container_labels_public_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
@@ -4871,7 +4841,6 @@ matrix_synapse_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_pr
matrix_synapse_email_enabled: "{{ exim_relay_enabled }}"
matrix_synapse_email_smtp_host: "{{ exim_relay_identifier }}"
matrix_synapse_email_smtp_port: 8025
matrix_synapse_email_smtp_require_transport_security: false
matrix_synapse_email_notif_from: "Matrix <{{ exim_relay_sender_address }}>"
matrix_synapse_turn_uris: "{{ coturn_turn_uris if coturn_enabled else [] }}"
@@ -5225,7 +5194,6 @@ matrix_synapse_usage_exporter_container_network: "{{ matrix_monitoring_container
matrix_synapse_usage_exporter_container_additional_networks: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [] }}"
matrix_synapse_usage_exporter_container_labels_traefik_enabled: "{{ matrix_synapse_usage_exporter_proxying_enabled }}"
matrix_synapse_usage_exporter_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_synapse_usage_exporter_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_synapse_usage_exporter_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
@@ -5571,76 +5539,6 @@ grafana_default_home_dashboard_path: |-
#
######################################################################
######################################################################
#
# matrix-registration
#
######################################################################
matrix_registration_enabled: false
matrix_registration_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
matrix_registration_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_registration_path_prefix: /matrix-registration
matrix_registration_systemd_required_services_list_auto: |
{{
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_registration_database_hostname == postgres_connection_hostname) else [])
}}
matrix_registration_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_registration_container_image_registry_prefix_upstream_default }}"
matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_registration_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '8767') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
matrix_registration_container_network: "{{ matrix_addons_container_network }}"
matrix_registration_container_additional_networks_auto: |-
{{
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([postgres_container_network] if (postgres_enabled and matrix_registration_database_hostname == postgres_connection_hostname and matrix_registration_container_network != postgres_container_network) else [])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_registration_container_labels_traefik_enabled) else [])
) | unique
}}
matrix_registration_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_registration_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_registration_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_registration_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_registration_riot_instance: "{{ (('https://' if matrix_playbook_ssl_enabled else 'http://') + matrix_server_fqn_element) if matrix_client_element_enabled else 'https://element.io/app/' }}"
matrix_registration_shared_secret: |-
{{
{
'synapse': matrix_synapse_registration_shared_secret | default (''),
'dendrite': matrix_dendrite_client_api_registration_shared_secret | default (''),
'conduit': '',
'continuwuity': '',
'tuwunel': '',
}[matrix_homeserver_implementation]
}}
matrix_registration_server_location: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_registration_api_validate_certs: "{{ matrix_playbook_ssl_enabled }}"
# Postgres is the default, except if not using internal Postgres server
matrix_registration_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
matrix_registration_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
matrix_registration_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mx.registr.db') | hash('sha512') | to_uuid }}"
######################################################################
#
# /matrix-registration
#
######################################################################
######################################################################
#
# matrix-dendrite
@@ -6417,7 +6315,6 @@ matrix_livekit_jwt_service_enabled: "{{ matrix_rtc_enabled and livekit_server_en
matrix_livekit_jwt_service_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
matrix_livekit_jwt_service_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_livekit_jwt_service_path_prefix: "/livekit-jwt-service"
matrix_livekit_jwt_service_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
i18n/requirements.txt
+8 -8
View File
@@ -1,22 +1,22 @@
alabaster==1.0.0
babel==2.18.0
certifi==2026.4.22
certifi==2026.5.20
charset-normalizer==3.4.7
click==8.3.3
click==8.4.0
docutils==0.22.4
idna==3.13
idna==3.15
imagesize==2.0.0
Jinja2==3.1.6
linkify-it-py==2.1.0
markdown-it-py==4.1.0
markdown-it-py==4.2.0
MarkupSafe==3.0.3
mdit-py-plugins==0.5.0
mdit-py-plugins==0.6.1
mdurl==0.1.2
myst-parser==5.0.0
myst-parser==5.1.0
packaging==26.2
Pygments==2.20.0
PyYAML==6.0.3
requests==2.33.1
requests==2.34.2
setuptools==82.0.1
snowballstemmer==3.0.1
Sphinx==9.1.0
@@ -30,4 +30,4 @@ sphinxcontrib-qthelp==2.0.0
sphinxcontrib-serializinghtml==2.0.0
tabulate==0.10.0
uc-micro-py==2.0.0
urllib3==2.6.3
urllib3==2.7.0
i18n/translation-templates/CHANGELOG.pot
+2299 -2251
View File
File diff suppressed because it is too large Load Diff
i18n/translation-templates/README.pot
+26 -38
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -41,7 +41,7 @@ msgid "🎯 Purpose"
msgstr ""
#: ../../../README.md:7
msgid "This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#supported-services) related to that."
msgid "This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#-supported-services) related to that."
msgstr ""
#: ../../../README.md:9
@@ -436,18 +436,6 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md)"
msgstr ""
#: ../../../README.md:0
msgid "[matrix-registration](https://github.com/ZerataX/matrix-registration)"
msgstr ""
#: ../../../README.md:0
msgid "Simple python application to have a token based Matrix registration"
msgstr ""
#: ../../../README.md:0
msgid "[Link](docs/configuring-playbook-matrix-registration.md)"
msgstr ""
#: ../../../README.md:0
msgid "[Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service)"
msgstr ""
@@ -472,11 +460,11 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-synapse-simple-antispam.md)"
msgstr ""
#: ../../../README.md:100
#: ../../../README.md:99
msgid "File Storage"
msgstr ""
#: ../../../README.md:102
#: ../../../README.md:101
msgid "Use alternative file storage to the default `media_store` folder."
msgstr ""
@@ -512,11 +500,11 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-matrix-media-repo.md)"
msgstr ""
#: ../../../README.md:110
#: ../../../README.md:109
msgid "Bridges"
msgstr ""
#: ../../../README.md:112
#: ../../../README.md:111
msgid "Bridges can be used to connect your Matrix installation with third-party communication networks."
msgstr ""
@@ -629,7 +617,7 @@ msgid "[Link](docs/configuring-playbook-bridge-mautrix-googlechat.md)"
msgstr ""
#: ../../../README.md:0
msgid "[mautrix-meta](https://github.com/mautrix/instagram)"
msgid "[mautrix-meta](https://github.com/mautrix/meta)"
msgstr ""
#: ../../../README.md:0
@@ -808,11 +796,11 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-bridge-postmoogle.md)"
msgstr ""
#: ../../../README.md:141
#: ../../../README.md:140
msgid "Bots"
msgstr ""
#: ../../../README.md:143
#: ../../../README.md:142
msgid "Bots provide various additional functionality to your installation."
msgstr ""
@@ -912,11 +900,11 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-bot-buscarron.md)"
msgstr ""
#: ../../../README.md:156
#: ../../../README.md:155
msgid "Administration"
msgstr ""
#: ../../../README.md:158
#: ../../../README.md:157
msgid "Services that help you in administrating and monitoring your Matrix installation."
msgstr ""
@@ -1004,11 +992,11 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-synapse-usage-exporter.md)"
msgstr ""
#: ../../../README.md:170
#: ../../../README.md:169
msgid "Misc"
msgstr ""
#: ../../../README.md:172
#: ../../../README.md:171
msgid "Various services that don't fit any other categories."
msgstr ""
@@ -1132,54 +1120,54 @@ msgstr ""
msgid "[Link](docs/configuring-playbook-element-call.md)"
msgstr ""
#: ../../../README.md:187
#: ../../../README.md:186
msgid "🆕 Changes"
msgstr ""
#: ../../../README.md:189
#: ../../../README.md:188
msgid "This playbook evolves over time, sometimes with backward-incompatible changes."
msgstr ""
#: ../../../README.md:191
#: ../../../README.md:190
msgid "When updating the playbook, refer to [the changelog](CHANGELOG.md) to catch up with what's new."
msgstr ""
#: ../../../README.md:193
#: ../../../README.md:192
msgid "🆘 Support"
msgstr ""
#: ../../../README.md:195
#: ../../../README.md:194
msgid "Matrix room: [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com)"
msgstr ""
#: ../../../README.md:197
#: ../../../README.md:196
msgid "IRC channel: `#matrix-docker-ansible-deploy` on the [Libera Chat](https://libera.chat/) IRC network (irc.libera.chat:6697)"
msgstr ""
#: ../../../README.md:199
#: ../../../README.md:198
msgid "GitHub issues: [spantaleev/matrix-docker-ansible-deploy/issues](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues)"
msgstr ""
#: ../../../README.md:201
#: ../../../README.md:200
msgid "🌐 Translation"
msgstr ""
#: ../../../README.md:203
#: ../../../README.md:202
msgid "See the [i18n/README.md](i18n/README.md) file for more information about translation."
msgstr ""
#: ../../../README.md:205
#: ../../../README.md:204
msgid "Translations are still work in progress."
msgstr ""
#: ../../../README.md:207
#: ../../../README.md:206
msgid "🤝 Related"
msgstr ""
#: ../../../README.md:209
#: ../../../README.md:208
msgid "You may also be interested in [mash-playbook](https://github.com/mother-of-all-self-hosting/mash-playbook) - another Ansible playbook for self-hosting non-Matrix services (see its [List of supported services](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/supported-services.md))."
msgstr ""
#: ../../../README.md:211
#: ../../../README.md:210
msgid "mash-playbook also makes use of [Traefik](./docs/configuring-playbook-traefik.md) as its reverse-proxy, so with minor [interoperability adjustments](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/interoperability.md), you can make matrix-docker-ansible-deploy and mash-playbook co-exist and host Matrix and non-Matrix services on the same server."
msgstr ""
i18n/translation-templates/docs/ansible.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -48,8 +48,8 @@ msgstr ""
msgid "If your distro ships with an Ansible version older than this, you may run into issues. Consider [Upgrading Ansible](#upgrading-ansible) or [using Ansible via Docker](#using-ansible-via-docker)."
msgstr ""
#: ../../../docs/ansible.md:27
msgid "[!WARNING] One reason for the version requirement being as such is that the playbook by default installs Docker for you using [this Docker role](https://github.com/geerlingguy/ansible-role-docker) which [has a hard requirement on Ansible v2.15.1](https://github.com/geerlingguy/ansible-role-docker/commit/7f44a1d9ad8132819ea9852918bca5dab8757cd0). If you install Docker yourself another way, you can tell the playbook to skip running this role (by adding `matrix_playbook_docker_installation_enabled: false` to your `vars.yml` configuration). It may then be possible to get the playbook running on an older version of Ansible. Still, this is a complication and your mileage may vary. We recommend [upgrading Ansible](#upgrading-ansible) instead of going into uncharted territory."
#: ../../../docs/ansible.md:28
msgid "One reason for the version requirement being as such is that the playbook by default installs Docker for you using [this Docker role](https://github.com/geerlingguy/ansible-role-docker) which [has a hard requirement on Ansible v2.15.1](https://github.com/geerlingguy/ansible-role-docker/commit/7f44a1d9ad8132819ea9852918bca5dab8757cd0). If you install Docker yourself another way, you can tell the playbook to skip running this role (by adding `matrix_playbook_docker_installation_enabled: false` to your `vars.yml` configuration). It may then be possible to get the playbook running on an older version of Ansible. Still, this is a complication and your mileage may vary. We recommend [upgrading Ansible](#upgrading-ansible) instead of going into uncharted territory."
msgstr ""
#: ../../../docs/ansible.md:30
i18n/translation-templates/docs/configuring-ipv6.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -96,8 +96,8 @@ msgstr ""
msgid "traffic destined for the IPv6 address of the server will be forwarded to the containers that handle (and publish) that specific port"
msgstr ""
#: ../../../docs/configuring-ipv6.md:59
msgid "[!WARNING] Without enabling this and assuming you have IPv6 `AAAA` DNS records pointing to the server (see [Configuring DNS records for IPv6](#configuring-dns-records-for-ipv6)), IPv6 traffic will still be handled, but NAT64 will be used instead of NAT66. As such, containers will only have an IPv4 address and all IPv6 traffic that reaches them will seem to originate from a local IP. Containers also won't be able to make outgoing (even cross-container) IPv6 requests."
#: ../../../docs/configuring-ipv6.md:60
msgid "Without enabling this and assuming you have IPv6 `AAAA` DNS records pointing to the server (see [Configuring DNS records for IPv6](#configuring-dns-records-for-ipv6)), IPv6 traffic will still be handled, but NAT64 will be used instead of NAT66. As such, containers will only have an IPv4 address and all IPv6 traffic that reaches them will seem to originate from a local IP. Containers also won't be able to make outgoing (even cross-container) IPv6 requests."
msgstr ""
#: ../../../docs/configuring-ipv6.md:63
i18n/translation-templates/docs/configuring-playbook-alertmanager-receiver.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -64,8 +64,8 @@ msgstr ""
msgid "The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/configuring-playbook-alertmanager-receiver.md:37
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/configuring-playbook-alertmanager-receiver.md:38
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-alertmanager-receiver.md:40
i18n/translation-templates/docs/configuring-playbook-appservice-draupnir-for-all.pot
+98 -62
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -16,179 +16,215 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:8
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:9
msgid "Setting up Draupnir for All/D4A (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:10
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:11
msgid "The playbook can install and configure the [Draupnir](https://github.com/the-draupnir-project/Draupnir) moderation tool for you in appservice mode."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:12
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:13
msgid "Appservice mode can be used together with the regular [Draupnir bot](configuring-playbook-bot-draupnir.md) or independently. Details about the differences between the 2 modes are described below."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:14
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:15
msgid "Draupnir Appservice mode compared to Draupnir bot mode"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:16
msgid "The administrative functions for managing the appservice are alpha quality and very limited. However, the experience of using an appservice-provisioned Draupnir is on par with the experience of using Draupnir from bot mode except in the case of avatar customisation as described later on in this document."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:17
msgid "The administrative functions for managing the appservice are alpha quality and very limited. However, the experience of using an appservice-provisioned Draupnir is on par with the experience of using Draupnir from bot mode."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:18
msgid "Draupnir for all is the way to go if you need more than 1 Draupnir instance, but you don't need access to Synapse Admin features as they are not accessible through Draupnir for All (Even though the commands do show up in help)."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:19
msgid "Draupnir for all is the way to go if you need more than 1 Draupnir instance, but you don't need access to Synapse Admin features as they are not accessible through Draupnir for All."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:20
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:21
msgid "Draupnir for all in the playbook is rate-limit-exempt automatically as its appservice configuration file does not specify any rate limits."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:22
msgid "Normal Draupnir does come with the benefit of access to Synapse Admin features. You are also able to more easily customise your normal Draupnir than D4A as D4A even on the branch with the Avatar command (To be Upstreamed to Mainline Draupnir) that command is clunky as it requires the use of things like Element Web devtools. In normal Draupnir this is a quick operation where you login to Draupnir with a normal client and set Avatar and Display name normally."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:23
msgid "Normal Draupnir does come with the benefit of access to Synapse Admin features. You are also able to more easily customise your normal Draupnir than D4A as the avatar command is clunky as it requires the use of things like Element Web devtools. In normal Draupnir this can be done while logged in to the Draupnir account with a normal client and set Avatar and Display name normally."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:24
msgid "Draupnir for all does not support external tooling like [MRU](https://mru.rory.gay) as it can't access Draupnir's user account."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:25
msgid "Draupnir for all only has limited support for external tooling like [MRU](https://mru.rory.gay) as it can't access Draupnir's user account."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:26
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:27
msgid "Prerequisites"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:28
msgid "Create a main management room"
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:29
msgid "Prerequisites for Zero Touch Deployment (recommended)"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:30
msgid "The playbook does not create a management room for your Main Draupnir. You **need to create the room manually** before setting up the bot."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:31
msgid "As of Draupnir 3.1.0, Zero Touch Deployment of Draupnir Appservice Mode (Draupnir for all) requires you to supply the following:"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:32
msgid "Note that the room must be unencrypted."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:33
msgid "MXID of the first person who gets invited to the admin room that the bot creates for you."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:34
msgid "The management room has to be given an alias, and your bot has to be invited to the room."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:35
msgid "That is all. The appservice manages everything on its own after you provide it with an MXID to invite."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:36
msgid "This management room is used to control who has access to your D4A deployment. The room stores this data inside of the control room state so your bot must have sufficient powerlevel to send custom state events. This is default 50 or moderator as Element clients call this powerlevel."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:37
msgid "If proceeding with Zero Touch Deployment, skip ahead to [Adjusting the playbook configuration](#adjusting-the-playbook-configuration)."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:38
msgid "[!WARNING] Anyone in this room can control the bot so it is important that you only invite trusted users to this room."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:39
msgid "Create an admin room (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:41
msgid "Adjusting the playbook configuration"
msgid "The playbook does not create an admin room for your Draupnir, but the appservice itself can do this for you. Alternatively, you **can create the room manually** before setting up the bot."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:43
msgid "Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `MANAGEMENT_ROOM_ALIAS_HERE`."
msgid "Note that the room must be unencrypted."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:51
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:45
msgid "The admin room has to be given an alias, and your bot has to be invited to the room."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:47
msgid "This admin room is used to control who has access to your D4A deployment. The room stores this data in the control room state, so your bot must have sufficient power level to send custom state events. This is `50` by default (moderator, as Element clients call this power level)."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:50
msgid "Anyone in this room can control the bot so it is important that you only invite trusted users to this room."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:52
msgid "Adjusting the playbook configuration"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:54
msgid "When using Zero Touch Deployment, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `INITIAL_MANAGER_MXID_HERE` with the MXID of the user who should be invited to the admin room first."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:64
msgid "If opting out of Zero Touch Deployment, use the following configuration block instead. Make sure to replace `MANAGEMENT_ROOM_ALIAS_HERE` with the alias of the admin room you have created earlier."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:72
msgid "Running both bot mode and appservice mode"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:53
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:74
msgid "When running both [bot mode](./configuring-playbook-bot-draupnir.md) and appservice mode, the playbook will force-restart the bot if running a non-release tag like `latest` or `main` or a development build. This is due to the conditional restart logic not being able to reliably tell when an update happened."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:57
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:78
msgid "Conditional restarts work correctly for all tags when running only one of these two operating modes."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:59
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:80
msgid "Extending the configuration"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:61
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:82
msgid "There are some additional things you may wish to configure about the component."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:63
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:84
msgid "Take a look at:"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:65
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:86
msgid "`roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml` for some variables that you can customize via your `vars.yml` file. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_draupnir_for_all_configuration_extension_yaml` variable"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:67
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:88
msgid "For example, to change Draupnir's `protectAllJoinedRooms` option to `true`, add the following configuration to your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:81
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:102
msgid "You can refer to the upstream [documentation](https://github.com/the-draupnir-project/Draupnir) for more configuration documentation."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:83
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:98
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:104
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:119
msgid "**Notes**:"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:85
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:106
msgid "The playbook ships a full copy of the example config that does transfer to provisioned Draupnirs in the production-bots.yaml.j2 file in the template directory of the role."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:87
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:108
msgid "Config extension does not affect the appservices config as this config is not extensible in current Draupnir anyway. It instead touches the config passed to the Draupnirs that your Appservice creates. So the example above (`protectAllJoinedRooms: true`) makes all provisioned Draupnirs protect all joined rooms."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:89
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:110
msgid "Installing"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:91
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:112
msgid "After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:100
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:121
msgid "The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:102
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:123
msgid "`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:104
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:125
msgid "Usage"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:106
msgid "If you made it through all the steps above and your main control room was joined by a user called `@draupnir-main:example.com` you have successfully installed Draupnir for All and can now start using it."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:127
msgid "If you made it through all the steps above and your main control room was joined by a user called `@draupnir-main:example.com`, you have successfully installed Draupnir for All and can now start using it."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:108
msgid "The installation of Draupnir for all in this playbook is very much Alpha quality. Usage-wise, Draupnir for all is almost identical to Draupnir bot mode."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:129
msgid "If using Zero Touch Deployment, the flow is reversed and the success signal is the initial manager account being invited to the admin room."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:110
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:131
msgid "Draupnir for all installation via this playbook is very much Alpha quality. Usage-wise, Draupnir for all is almost identical to Draupnir bot mode, except that protections requiring homeserver admin access are not available, and the config file is shared between all bots so legacy protections like wordlist share a single global config."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:133
msgid "Granting Users the ability to use D4A"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:112
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:135
msgid "Draupnir for all includes several security measures like that it only allows users that are on its allow list to ask for a bot. To add a user to this list we have 2 primary options. Using the chat to tell Draupnir to do this for us or if you want to automatically do it by sending `m.policy.rule.user` events that target the subject you want to allow provisioning for with the `org.matrix.mjolnir.allow` recommendation. Using the chat is recommended."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:114
msgid "The bot requires a powerlevel of 50 in the management room to control who is allowed to use the bot. The bot does currently not say anything if this is true or false. (This is considered a bug and is documented in issue [#297](https://github.com/the-draupnir-project/Draupnir/issues/297))"
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:137
msgid "The bot requires a power level of 50 in the management room to control who is allowed to use the bot. The bot does currently not say anything if this is true or false. (This is considered a bug and is documented in issue [#297](https://github.com/the-draupnir-project/Draupnir/issues/297).) This issue is largely mitigated by the Zero Touch Deployment workflows introduced in Draupnir 3.1.0."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:116
msgid "To allow users or whole homeservers you type /plain !admin allow `target` and target can be either a MXID or a wildcard like `@*:example.com` to allow all users on example.com to register. We use /plain to force the client to not attempt to mess with this command as it can break Wildcard commands especially."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:139
msgid "To allow users or whole homeservers you type /plain !admin allow `target` and target can be either a MXID or a wildcard like `@*:example.com` to allow all users on example.com to provision a bot. We use /plain to force the client to not attempt to mess with this command as it can break Wildcard commands especially."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:118
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:141
msgid "How to provision a D4A once you are allowed to"
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:120
msgid "To provision a D4A, you need to start a chat with `@draupnir-main:example.com`. The bot will reject this invite and you will shortly get invited to the Draupnir control room for your newly provisioned Draupnir. From here its just a normal Draupnir experience."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:143
msgid "Once someone is allowed to provision a bot, simply provision them one with `!admin provision MXID`."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:122
msgid "Congratulations if you made it all the way here because you now have a fully working Draupnir for all deployment."
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:145
msgid "Self-service provisioning is disabled as a security measure because it is currently bugged. Force-provisioning (with `!admin provision`) bypasses this disabled status."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:147
msgid "Note that you should always make sure there is an allow entry matching whoever is provisioned, because once self-service is fixed, the bot of anyone who is not allowed to provision a bot will refuse to start."
msgstr ""
#: ../../../docs/configuring-playbook-appservice-draupnir-for-all.md:149
msgid "Congratulations if you made it all the way here, because you now have a fully working Draupnir for all deployment."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-bot-draupnir.pot
+266 -210
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -16,431 +16,487 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../../../docs/configuring-playbook-bot-draupnir.md:10
#: ../../../docs/configuring-playbook-bot-draupnir.md:11
msgid "Setting up Draupnir (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:12
#: ../../../docs/configuring-playbook-bot-draupnir.md:13
msgid "The playbook can install and configure the [Draupnir](https://github.com/the-draupnir-project/Draupnir) moderation bot for you."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:14
#: ../../../docs/configuring-playbook-bot-draupnir.md:15
msgid "See the project's [documentation](https://the-draupnir-project.github.io/draupnir-documentation/) to learn what it does and why it might be useful to you."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:16
#: ../../../docs/configuring-playbook-bot-draupnir.md:17
msgid "This documentation page is about installing Draupnir in bot mode. As an alternative, you can run a multi-instance Draupnir deployment by installing [Draupnir in appservice mode](./configuring-playbook-appservice-draupnir-for-all.md) (called Draupnir-for-all) instead."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:18
#: ../../../docs/configuring-playbook-bot-draupnir.md:19
msgid "If your migrating from [Mjolnir](configuring-playbook-bot-mjolnir.md), skip to [this section](#migrating-from-mjolnir-only-required-if-migrating)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:20
#: ../../../docs/configuring-playbook-bot-draupnir.md:21
msgid "Prerequisites"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:22
msgid "Create a management room"
#: ../../../docs/configuring-playbook-bot-draupnir.md:23
msgid "Prerequisites for Zero Touch Deployment (recommended)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:24
msgid "Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room."
#: ../../../docs/configuring-playbook-bot-draupnir.md:25
msgid "As of Draupnir 3.1.0, Zero Touch Deployment of Draupnir bot mode requires you to supply the following:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:26
msgid "[!WARNING] Anyone in this room can control the bot so it is important that you only invite trusted users to this room."
#: ../../../docs/configuring-playbook-bot-draupnir.md:27
msgid "MXID of the first person who gets invited to the management room that the bot creates for you."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:28
msgid "A permanent access token for authentication. Instructions for obtaining one can be found at [obtain an access token via curl](obtaining-access-tokens.md#obtain-an-access-token-via-curl)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:29
msgid "It is possible to make the management room encrypted (E2EE). If doing so, then you need to enable the native E2EE support (see [below](#native-e2ee-support))."
msgid "A user account for Draupnir."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:31
msgid "Once you have created the room you need to copy the room ID so you can specify it on your `inventory/host_vars/matrix.example.com/vars.yml` file. In Element Web you can check the ID by going to the room's settings and clicking \"Advanced\". The room ID will look something like `!qporfwt:example.com`."
msgid "Zero Touch Deployment is the officially preferred installation method for new deployments of Draupnir as of 3.1.0."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:33
msgid "End-to-End Encryption support"
msgid "Create a management room (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:35
msgid "Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:38
msgid "Anyone in this room can control the bot so it is important that you only invite trusted users to this room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:40
msgid "It is possible to make the management room encrypted (E2EE). If doing so, then you need to enable the native E2EE support (see [below](#native-e2ee-support))."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:42
msgid "E2EE support for the management room is mutually exclusive with Zero Touch Deployment of Draupnir."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:44
msgid "Once you have created the room you need to copy the room ID so you can specify it on your `inventory/host_vars/matrix.example.com/vars.yml` file. In Element Web you can check the ID by going to the room's settings and clicking \"Advanced\". The room ID will look something like `!qporfwt:example.com`."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:46
msgid "End-to-End Encryption support"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:48
msgid "Decide whether you want to support having an encrypted management room or not. Draupnir can still protect encrypted rooms without encryption support enabled."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:37
#: ../../../docs/configuring-playbook-bot-draupnir.md:50
msgid "Refer to Draupnir's [documentation](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#protecting-encrypted-rooms) for more details about why you might want to care about encryption support for protected rooms."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:39
#: ../../../docs/configuring-playbook-bot-draupnir.md:52
msgid "Disable Pantalaimon for Draupnir (since v2.0.0; optional)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:41
#: ../../../docs/configuring-playbook-bot-draupnir.md:54
msgid "It is known that running Draupnir along with Pantalaimon breaks all workflows that involve answering prompts with reactions."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:43
#: ../../../docs/configuring-playbook-bot-draupnir.md:56
msgid "If you are updating Draupnir from v1.x.x and have enabled Pantalaimon for it, you can disable Pantalaimon in favor of the native E2EE support. To disable Pantalaimon, remove the configuration `matrix_bot_draupnir_pantalaimon_use: true` from your `vars.yml` file."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:45
#: ../../../docs/configuring-playbook-bot-draupnir.md:58
msgid "**Note**: because the management room is still encrypted, disabling it without enabling the native E2EE support will break the management room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:47
#: ../../../docs/configuring-playbook-bot-draupnir.md:60
msgid "Native E2EE support"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:49
#: ../../../docs/configuring-playbook-bot-draupnir.md:62
msgid "To enable the native E2EE support, you need to obtain an access token for Draupnir and set it on your `vars.yml` file."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:51
#: ../../../docs/configuring-playbook-bot-draupnir.md:64
msgid "Note that native E2EE requires a clean access token that has not touched E2EE so curl is recommended as a method to obtain it. **The access token obtained via Element Web does not work with it**. Refer to the documentation on [how to obtain an access token via curl](obtaining-access-tokens.md#obtain-an-access-token-via-curl)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:53
#: ../../../docs/configuring-playbook-bot-draupnir.md:66
msgid "To enable the native E2EE support, add the following configuration to your `vars.yml` file. Make sure to replace `CLEAN_ACCESS_TOKEN_HERE` with the access token you obtained just now."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:64
#: ../../../docs/configuring-playbook-bot-draupnir.md:77
msgid "Adjusting the playbook configuration"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:66
msgid "To enable the bot, add the following configuration to your `vars.yml` file. Make sure to replace `MANAGEMENT_ROOM_ID_HERE` with the one of the room which you have created earlier."
#: ../../../docs/configuring-playbook-bot-draupnir.md:79
msgid "Configuration for Zero Touch Deployment (recommended)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:85
msgid "Running both bot mode and appservice mode"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:87
msgid "When running both bot mode and [appservice mode (Draupnir for all)](./configuring-playbook-appservice-draupnir-for-all.md), the playbook will force-restart the bot if running a non-release tag like `latest` or `main` or a development build. This is due to the conditional restart logic not being able to reliably tell when an update happened."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:91
msgid "Conditional restarts work correctly for all tags when running only one of these two operating modes."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:93
msgid "Create and invite the bot to the management room"
#: ../../../docs/configuring-playbook-bot-draupnir.md:81
msgid "To enable the bot using Zero Touch Deployment, add the following configuration to your `vars.yml` file. Make sure to replace `INITIAL_MANAGER_MXID_HERE` with the MXID of the user who should be invited to the management room first, and `CLEAN_ACCESS_TOKEN_HERE` with the access token you obtained."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:95
msgid "Configuration without Zero Touch Deployment"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:97
msgid "If you'd prefer to have the bot manage its own login at the cost of having to create the management room manually, you can use native login with the configuration block below. Make sure to replace `MANAGEMENT_ROOM_ID_HERE` with the ID of the management room you have created earlier."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:116
msgid "Running both bot mode and appservice mode"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:118
msgid "When running both bot mode and [appservice mode (Draupnir for all)](./configuring-playbook-appservice-draupnir-for-all.md), the playbook will force-restart the bot if running a non-release tag like `latest` or `main` or a development build. This is due to the conditional restart logic not being able to reliably tell when an update happened."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:122
msgid "Conditional restarts work correctly for all tags when running only one of these two operating modes."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:124
msgid "Create and invite the bot to the management room (only when using native login without Zero Touch Deployment)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:126
msgid "Before proceeding to the next step, run the playbook with the following command to create the bot user."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:101
#: ../../../docs/configuring-playbook-bot-draupnir.md:132
msgid "**Note**: the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:103
#: ../../../docs/configuring-playbook-bot-draupnir.md:134
msgid "Then, invite the bot (`@bot.draupnir:example.com`) to its management room which you have created earlier."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:105
msgid "Make sure the account is free from rate limiting (optional, recommended)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:107
msgid "If your homeserver's implementation is Synapse, you will need to prevent it from rate limiting the bot's account. **This is a highly recommended step. If you do not configure it, Draupnir performance will be degraded.**"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:109
msgid "This can be done using Synapse's [Admin APIs](https://element-hq.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). They can be accessed both externally and internally."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:111
msgid "**Note**: access to the APIs is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, doing so is not recommended for additional security. See [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:113
msgid "The APIs can also be accessed via [Ketesa](https://github.com/etkecc/ketesa), a web UI tool you can use to administrate users, rooms, media, etc. on your Matrix server. The playbook can install and configure Ketesa for you. For details about it, see [this page](configuring-playbook-ketesa.md)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:115
msgid "Add the configuration"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:117
msgid "To expose the APIs publicly, add the following configuration to your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:123
msgid "Obtain an access token for admin account"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:125
msgid "Manual access to Synapse's Admin APIs requires an access token for a homeserver admin account. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:127
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:130
msgid "Run the `curl` command"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:132
msgid "To disable rate limiting, run the following command on systems that ship curl. Before running it, make sure to replace:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:134
msgid "`ADMIN_ACCESS_TOKEN_HERE` with the access token of the admin account"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:135
msgid "`example.com` with your base domain"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:136
msgid "`@bot.draupnir:example.com` with the MXID of your Draupnir bot user"
msgid "Creating a user account for the bot (when using Zero Touch Deployment)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:138
msgid "Since Zero Touch Deployment is not validated with native login, you will need to create the user account manually."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:140
msgid "Refer to [registering users](registering-users.md) for documentation on how to configure the user account."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:142
#: ../../../docs/configuring-playbook-bot-draupnir.md:215
msgid "**Notes**:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:143
msgid "This does not work on outdated Windows 10 as curl is not available there."
msgid "Make sure the account is free from rate limiting (optional, recommended)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:144
msgid "Even if the APIs are not exposed to the internet, you should still be able to run the command on the homeserver locally."
msgid "If your homeserver's implementation is Synapse, you will need to prevent it from rate limiting the bot's account. **This is a highly recommended step. If you do not configure it, Draupnir performance will be degraded.**"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:146
msgid "Abuse Reports"
msgid "This can be done using Synapse's [Admin APIs](https://element-hq.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). They can be accessed both externally and internally."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:148
msgid "Draupnir can receive reports in the management room."
msgid "**Note**: access to the APIs is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, doing so is not recommended for additional security. See [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:150
msgid "The bot can intercept the report API endpoint of the client-server API, which requires integration with the reverse proxy in front of the homeserver. If you are using Traefik, this playbook can set this up for you:"
msgid "The APIs can also be accessed via [Ketesa](https://github.com/etkecc/ketesa), a web UI tool you can use to administrate users, rooms, media, etc. on your Matrix server. The playbook can install and configure Ketesa for you. For details about it, see [this page](configuring-playbook-ketesa.md)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:156
msgid "Enabling synapse-http-antispam support"
#: ../../../docs/configuring-playbook-bot-draupnir.md:152
msgid "Add the configuration"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:158
msgid "Certain protections in Draupnir require the [synapse-http-antispam](https://github.com/maunium/synapse-http-antispam) module and a Synapse homeserver plus homeserver admin status to function. This module can be enabled in the playbook via setting `matrix_bot_draupnir_config_web_synapseHTTPAntispam_enabled` to `true` and making sure that Draupnir admin API access is enabled."
#: ../../../docs/configuring-playbook-bot-draupnir.md:154
msgid "This is automatically done if Ketesa is enabled. Otherwise, to expose the APIs publicly, add the following configuration to your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:168
msgid "These protections need to be manually activated and consulting the [enabling protections](#enabling-built-in-protections) guide can be helpful or consulting upstream documentation."
#: ../../../docs/configuring-playbook-bot-draupnir.md:160
msgid "Obtain an access token for admin account"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:176
msgid "Extending the configuration"
#: ../../../docs/configuring-playbook-bot-draupnir.md:162
msgid "Manual access to Synapse's Admin APIs requires an access token for a homeserver admin account. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:178
msgid "There are some additional things you may wish to configure about the bot."
#: ../../../docs/configuring-playbook-bot-draupnir.md:165
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:180
msgid "Take a look at:"
#: ../../../docs/configuring-playbook-bot-draupnir.md:167
msgid "Run the `curl` command"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:169
msgid "To disable rate limiting, run the following command on systems that ship curl. Before running it, make sure to replace:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:171
msgid "`ADMIN_ACCESS_TOKEN_HERE` with the access token of the admin account"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:172
msgid "`example.com` with your base domain"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:173
msgid "`@bot.draupnir:example.com` with the MXID of your Draupnir bot user"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:179
#: ../../../docs/configuring-playbook-bot-draupnir.md:254
msgid "**Notes**:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:181
msgid "This does not work on outdated Windows 10 as curl is not available there."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:182
msgid "`roles/custom/matrix-bot-draupnir/defaults/main.yml` for some variables that you can customize via your `vars.yml` file. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_bot_draupnir_configuration_extension_yaml` variable"
msgid "Even if the APIs are not exposed to the internet, you should still be able to run the command on the homeserver locally."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:184
msgid "For example, to change Draupnir's `acceptInvitesFromSpace` option to `!qporfwt:example.com`, add the following configuration to your `vars.yml` file:"
msgid "Abuse Reports"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:198
msgid "Migrating from Mjolnir (Only required if migrating)"
#: ../../../docs/configuring-playbook-bot-draupnir.md:186
msgid "Draupnir can receive reports in the management room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:200
msgid "Replace your `matrix_bot_mjolnir` config with `matrix_bot_draupnir` config. Also disable Mjolnir if you're doing migration."
#: ../../../docs/configuring-playbook-bot-draupnir.md:188
msgid "The bot can intercept the report API endpoint of the client-server API, which requires integration with the reverse proxy in front of the homeserver. If you are using Traefik, this playbook can set this up for you:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:202
msgid "Note that Draupnir supports E2EE natively, so you can enable it instead of Pantalaimon. It is recommended to consult the instruction [here](#native-e2ee-support)."
#: ../../../docs/configuring-playbook-bot-draupnir.md:194
msgid "Enabling synapse-http-antispam support"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:204
msgid "That is all you need to do due to that Draupnir can complete migration on its own."
#: ../../../docs/configuring-playbook-bot-draupnir.md:196
msgid "Certain protections in Draupnir require the [synapse-http-antispam](https://github.com/maunium/synapse-http-antispam) module and a Synapse homeserver plus homeserver admin status to function. This module can be enabled in the playbook via setting `matrix_bot_draupnir_config_web_synapseHTTPAntispam_enabled` to `true` and making sure that Draupnir admin API access is enabled."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:206
msgid "Installing"
msgid "These protections need to be manually activated. Consulting the [enabling protections](#enabling-built-in-protections) guide and/or upstream documentation can be helpful."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:208
msgid "After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:"
msgid "The other method polls a Synapse Admin API endpoint, hence it is available only if using Synapse and if the Draupnir user is an admin. To enable it, set `pollReports: true` in your `vars.yml` file as below:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:215
msgid "Extending the configuration"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:217
msgid "The `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account."
msgid "There are some additional things you may wish to configure about the bot."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:219
msgid "The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`"
msgid "Take a look at:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:221
msgid "`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed."
msgid "`roles/custom/matrix-bot-draupnir/defaults/main.yml` for some variables that you can customize via your `vars.yml` file. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_bot_draupnir_configuration_extension_yaml` variable"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:223
msgid "If you change the bot password (`matrix_bot_draupnir_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [Ketesa](configuring-playbook-ketesa.md) to change it, and then update `matrix_bot_draupnir_password` to let the bot know its new password."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:225
msgid "Usage"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:227
msgid "You can refer to the upstream [documentation](https://the-draupnir-project.github.io/draupnir-documentation/) for additional ways to use and configure Draupnir and for a more detailed usage guide."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:229
msgid "Below is a **non-exhaustive quick-start guide** for the impatient."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:231
msgid "Making Draupnir join and protect a room"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:233
msgid "Draupnir can be told to self-join public rooms, but it's better to follow this flow which works well for all kinds of rooms:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:235
msgid "Invite the bot to the room manually ([inviting Draupnir to rooms](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#inviting-draupnir-to-rooms)). Before joining, the bot *may* ask for confirmation in the Management Room"
msgid "For example, to change Draupnir's `acceptInvitesFromSpace` option to `!qporfwt:example.com`, add the following configuration to your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:237
msgid "[Give the bot permissions to do its job](#giving-draupnir-permissions-to-do-its-job)"
msgid "Migrating from Mjolnir (Only required if migrating)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:239
msgid "Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !qporfwt:example.com`"
msgid "Replace your `matrix_bot_mjolnir` config with `matrix_bot_draupnir` config. Also disable Mjolnir if you're doing migration."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:241
msgid "To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections)."
msgid "Note that Draupnir supports E2EE natively, so you can enable it instead of Pantalaimon. It is recommended to consult the instruction [here](#native-e2ee-support)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:243
msgid "Giving Draupnir permissions to do its job"
msgid "That is all you need to do due to that Draupnir can complete migration on its own."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:245
msgid "For Draupnir to do its job, you need to [give it permissions](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#giving-draupnir-permissions) in rooms it's protecting. This involves **giving it an Administrator power level**."
msgid "Installing"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:247
msgid "**We recommend setting this power level as soon as the bot joins your room** (and before you create new rules), so that it can apply rules as soon as they are available. If the bot is under-privileged, it may fail to apply protections and may not retry for a while (or until your restart it)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:249
msgid "Subscribing to a public policy list"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:251
msgid "We recommend **subscribing to a public [policy list](https://the-draupnir-project.github.io/draupnir-documentation/concepts/policy-lists)** using the [watch command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-policy-lists#using-draupnirs-watch-command-to-subscribe-to-policy-rooms)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:253
msgid "Policy lists are maintained in Matrix rooms. Popular ones maintained in the public are:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:255
msgid "`#community-moderation-effort-bl:neko.dev`"
msgid "After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:256
msgid "`#huginn-muninn-active-threats:feline.support`"
msgid "The `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:258
msgid "You can tell Draupnir to subscribe to each of these by sending the following command to the Management Room: `!draupnir watch POLICY_LIST_ADDRESS_HERE` (e.g. `!draupnir watch #community-moderation-effort-bl:neko.dev`)"
msgid "The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:260
msgid "Creating your own policy lists and rules"
msgid "`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:262
msgid "We also recommend **creating your own policy lists** with the [list create](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-policy-lists#using-draupnirs-list-create-command-to-create-a-policy-room) command."
msgid "If you change the bot password (`matrix_bot_draupnir_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [Ketesa](configuring-playbook-ketesa.md) to change it, and then update `matrix_bot_draupnir_password` to let the bot know its new password."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:264
msgid "You can do so by sending the following command to the Management Room: `!draupnir list create my-bans my-bans-bl`. This will create a policy list having a name (shortcode) of `my-bans` and stored in a public `#my-bans-bl:example.com` room on your server. As soon as you run this command, the bot will invite you to the policy list room."
msgid "Usage"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:266
msgid "A policy list does nothing by itself, so the next step is **adding some rules to your policy list**. Policies target a so-called `entity` (one of: `user`, `room` or `server`). These entities are mentioned on the [policy lists](https://the-draupnir-project.github.io/draupnir-documentation/concepts/policy-lists) documentation page and in the Matrix Spec [here](https://spec.matrix.org/v1.11/client-server-api/#mban-recommendation)."
msgid "You can refer to the upstream [documentation](https://the-draupnir-project.github.io/draupnir-documentation/) for additional ways to use and configure Draupnir and for a more detailed usage guide."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:268
msgid "The simplest and most useful entity to target is `user`. Below are a few examples using the [ban command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#the-ban-command) and targeting users."
msgid "Below is a **non-exhaustive quick-start guide** for the impatient."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:270
msgid "To create rules, you run commands in the Management Room (**not** in the policy list room)."
msgid "Making Draupnir join and protect a room"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:272
msgid "(ban a single user on a given homeserver): `!draupnir ban @charles:example.com my-bans Rude to others`"
msgid "Draupnir can be told to self-join public rooms, but it's better to follow this flow which works well for all kinds of rooms:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:273
msgid "(ban all users on a given homeserver by using a [wildcard](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#wildcards)): `!draupnir ban @*:example.org my-bans Spam server, all users are fake`"
#: ../../../docs/configuring-playbook-bot-draupnir.md:274
msgid "Invite the bot to the room manually ([inviting Draupnir to rooms](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#inviting-draupnir-to-rooms)). Before joining, the bot *may* ask for confirmation in the Management Room"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:275
msgid "As a result of running these commands, you may observe:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:277
msgid "Draupnir creating `m.policy.rule.user` state events in the `#my-bans-bl:example.com` room on your server"
#: ../../../docs/configuring-playbook-bot-draupnir.md:276
msgid "[Give the bot permissions to do its job](#giving-draupnir-permissions-to-do-its-job)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:278
msgid "applying these rules against all rooms that Draupnir is an Administrator in"
msgid "Tell it to protect the room (using the [rooms command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#using-the-draupnir-rooms-command)) by sending the following command to the Management Room: `!draupnir rooms add !qporfwt:example.com`"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:280
msgid "You can undo bans with the [unban command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#the-unban-command)."
msgid "To have Draupnir provide useful room protection, you need do to a bit more work (at least the first time around). You may wish to [Subscribe to a public policy list](#subscribing-to-a-public-policy-list), [Create your own own policy and rules](#creating-your-own-policy-lists-and-rules) and [Enabling built-in protections](#enabling-built-in-protections)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:282
msgid "Enabling built-in protections"
msgid "Giving Draupnir permissions to do its job"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:284
msgid "You can also **turn on various built-in [protections](https://the-draupnir-project.github.io/draupnir-documentation/protections)** like `JoinWaveShortCircuitProtection` (\"If X amount of users join in Y time, set the room to invite-only\")."
msgid "For Draupnir to do its job, you need to [give it permissions](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-protected-rooms#giving-draupnir-permissions) in rooms it's protecting. This involves **giving it an Administrator power level**."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:286
msgid "To **see which protections are available and which are enabled**, send a `!draupnir protections` command to the Management Room."
msgid "**We recommend setting this power level as soon as the bot joins your room** (and before you create new rules), so that it can apply rules as soon as they are available. If the bot is under-privileged, it may fail to apply protections and may not retry for a while (or until your restart it)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:288
msgid "To [**see the configuration options for a given protection**](https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections#displaying-the-protection-settings), send a `!draupnir protections show PROTECTION_NAME` (e.g. `!draupnir protections show JoinWaveShortCircuitProtection`)."
msgid "Subscribing to a public policy list"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:290
msgid "To [**set a specific option for a given protection**](https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections#changing-protection-settings), send a command like this: `!draupnir protections config set PROTECTION_NAME OPTION VALUE` (e.g. `!draupnir protections config set JoinWaveShortCircuitProtection timescaleMinutes 30`)."
msgid "We recommend **subscribing to a public [policy list](https://the-draupnir-project.github.io/draupnir-documentation/concepts/policy-lists)** using the [watch command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-policy-lists#using-draupnirs-watch-command-to-subscribe-to-policy-rooms)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:292
msgid "To [**enable a given protection**](https://the-draupnir-project.github.io/draupnir-documentation/protections/block-invitations-on-server-protection#enabling-the-protection), send a command like this: `!draupnir protections enable PROTECTION_NAME` (e.g. `!draupnir protections enable JoinWaveShortCircuitProtection`)."
msgid "Policy lists are maintained in Matrix rooms. Popular ones maintained in the public are:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:294
msgid "`#community-moderation-effort-bl:neko.dev`"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:295
msgid "`#huginn-muninn-active-threats:feline.support`"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:297
msgid "You can tell Draupnir to subscribe to each of these by sending the following command to the Management Room: `!draupnir watch POLICY_LIST_ADDRESS_HERE` (e.g. `!draupnir watch #community-moderation-effort-bl:neko.dev`)"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:299
msgid "Creating your own policy lists and rules"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:301
msgid "We also recommend **creating your own policy lists** with the [list create](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-policy-lists#using-draupnirs-list-create-command-to-create-a-policy-room) command."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:303
msgid "You can do so by sending the following command to the Management Room: `!draupnir list create my-bans my-bans-bl`. This will create a policy list having a name (shortcode) of `my-bans` and stored in a public `#my-bans-bl:example.com` room on your server. As soon as you run this command, the bot will invite you to the policy list room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:305
msgid "A policy list does nothing by itself, so the next step is **adding some rules to your policy list**. Policies target a so-called `entity` (one of: `user`, `room` or `server`). These entities are mentioned on the [policy lists](https://the-draupnir-project.github.io/draupnir-documentation/concepts/policy-lists) documentation page and in the Matrix Spec [here](https://spec.matrix.org/v1.11/client-server-api/#mban-recommendation)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:307
msgid "The simplest and most useful entity to target is `user`. Below are a few examples using the [ban command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#the-ban-command) and targeting users."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:309
msgid "To create rules, you run commands in the Management Room (**not** in the policy list room)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:311
msgid "(ban a single user on a given homeserver): `!draupnir ban @charles:example.com my-bans Rude to others`"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:312
msgid "(ban all users on a given homeserver by using a [wildcard](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#wildcards)): `!draupnir ban @*:example.org my-bans Spam server, all users are fake`"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:314
msgid "As a result of running these commands, you may observe:"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:316
msgid "Draupnir creating `m.policy.rule.user` state events in the `#my-bans-bl:example.com` room on your server"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:317
msgid "applying these rules against all rooms that Draupnir is an Administrator in"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:319
msgid "You can undo bans with the [unban command](https://the-draupnir-project.github.io/draupnir-documentation/moderator/managing-users#the-unban-command)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:321
msgid "Enabling built-in protections"
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:323
msgid "You can also **turn on various built-in [protections](https://the-draupnir-project.github.io/draupnir-documentation/protections)** like `JoinWaveShortCircuitProtection` (\"If X amount of users join in Y time, set the room to invite-only\")."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:325
msgid "To **see which protections are available and which are enabled**, send a `!draupnir protections` command to the Management Room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:327
msgid "To [**see the configuration options for a given protection**](https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections#displaying-the-protection-settings), send a `!draupnir protections show PROTECTION_NAME` (e.g. `!draupnir protections show JoinWaveShortCircuitProtection`)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:329
msgid "To [**set a specific option for a given protection**](https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections#changing-protection-settings), send a command like this: `!draupnir protections config set PROTECTION_NAME OPTION VALUE` (e.g. `!draupnir protections config set JoinWaveShortCircuitProtection timescaleMinutes 30`)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:331
msgid "To [**enable a given protection**](https://the-draupnir-project.github.io/draupnir-documentation/protections/block-invitations-on-server-protection#enabling-the-protection), send a command like this: `!draupnir protections enable PROTECTION_NAME` (e.g. `!draupnir protections enable JoinWaveShortCircuitProtection`)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-draupnir.md:333
msgid "To **disable a given protection**, send a command like this: `!draupnir protections disable PROTECTION_NAME` (e.g. `!draupnir protections disable JoinWaveShortCircuitProtection`)."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-bot-go-neb.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -64,8 +64,8 @@ msgstr ""
msgid "The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-go-neb.md:39
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/configuring-playbook-bot-go-neb.md:40
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-bot-go-neb.md:42
i18n/translation-templates/docs/configuring-playbook-bot-maubot.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-03 11:56+0100\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -177,8 +177,8 @@ msgstr ""
msgid "Alternatively, you can refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will causes issues to your bot in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-maubot.md:123
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/configuring-playbook-bot-maubot.md:124
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-bot-maubot.md:126
i18n/translation-templates/docs/configuring-playbook-bot-mjolnir.pot
+6 -6
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-03 11:56+0100\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -60,9 +60,9 @@ msgstr ""
msgid "The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/configuring-playbook-bot-mjolnir.md:38
#: ../../../docs/configuring-playbook-bot-mjolnir.md:63
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/configuring-playbook-bot-mjolnir.md:39
#: ../../../docs/configuring-playbook-bot-mjolnir.md:64
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-bot-mjolnir.md:41
@@ -142,8 +142,8 @@ msgstr ""
msgid "Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-mjolnir.md:86
msgid "[!WARNING] Anyone in this room can control the bot so it is important that you only invite trusted users to this room."
#: ../../../docs/configuring-playbook-bot-mjolnir.md:87
msgid "Anyone in this room can control the bot so it is important that you only invite trusted users to this room."
msgstr ""
#: ../../../docs/configuring-playbook-bot-mjolnir.md:89
i18n/translation-templates/docs/configuring-playbook-bridge-appservice-kakaotalk.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -28,8 +28,8 @@ msgstr ""
msgid "See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk/src/branch/master/README.md) to learn what it does and why it might be useful to you."
msgstr ""
#: ../../../docs/configuring-playbook-bridge-appservice-kakaotalk.md:16
msgid "[!WARNING] There have been recent reports (~2022-09-16) that **using this bridge may get your account banned**."
#: ../../../docs/configuring-playbook-bridge-appservice-kakaotalk.md:17
msgid "There have been recent reports (~2022-09-16) that **using this bridge may get your account banned**."
msgstr ""
#: ../../../docs/configuring-playbook-bridge-appservice-kakaotalk.md:19
i18n/translation-templates/docs/configuring-playbook-bridge-wechat.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -28,8 +28,8 @@ msgstr ""
msgid "See the project's [documentation](https://github.com/duo/matrix-wechat/blob/master/README.md) to learn what it does and why it might be useful to you."
msgstr ""
#: ../../../docs/configuring-playbook-bridge-wechat.md:14
msgid "[!WARNING] This bridge does not work against newer versions of Synapse anymore. See [this issue](https://github.com/duo/matrix-wechat/issues/33). Don't even bother installing it. Unless bridge maintenance is resumed and fixes this issue, we have no choice but to remove it from the playbook."
#: ../../../docs/configuring-playbook-bridge-wechat.md:15
msgid "This bridge does not work against newer versions of Synapse anymore. See [this issue](https://github.com/duo/matrix-wechat/issues/33). Don't even bother installing it. Unless bridge maintenance is resumed and fixes this issue, we have no choice but to remove it from the playbook."
msgstr ""
#: ../../../docs/configuring-playbook-bridge-wechat.md:17
i18n/translation-templates/docs/configuring-playbook-conduit.pot
+1 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -32,10 +32,6 @@ msgstr ""
msgid "By default, the playbook installs [Synapse](https://github.com/element-hq/synapse) as it's the only full-featured Matrix server at the moment. If that's okay, you can skip this document."
msgstr ""
#: ../../../docs/configuring-playbook-conduit.md:16
msgid "[!WARNING]"
msgstr ""
#: ../../../docs/configuring-playbook-conduit.md:17
msgid "**You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Conduit). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-conduwuit.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -60,6 +60,6 @@ msgstr ""
msgid "If you are not going to migrate to [Tuwunel](configuring-playbook-tuwunel.md) or [Continuwuity](configuring-playbook-continuwuity.md), you can remove data by running the command on the server:"
msgstr ""
#: ../../../docs/configuring-playbook-conduwuit.md:48
msgid "[!WARNING] Once you removing the path, there is no going back. Your data on the homeserver (including chat history, rooms, etc.) will be deleted and not be possible to restore them. Please be certain."
#: ../../../docs/configuring-playbook-conduwuit.md:49
msgid "Once you removing the path, there is no going back. Your data on the homeserver (including chat history, rooms, etc.) will be deleted and not be possible to restore them. Please be certain."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-continuwuity.pot
+1 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -36,10 +36,6 @@ msgstr ""
msgid "💡 **Note**: continuwuity is a fork of [conduwuit](./configuring-playbook-conduwuit.md), which the playbook has supported."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:18
msgid "[!WARNING]"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:19
msgid "**You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Continuwuity). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-dendrite.pot
+1 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -32,10 +32,6 @@ msgstr ""
msgid "By default, the playbook installs [Synapse](https://github.com/element-hq/synapse) as it's the only full-featured Matrix server at the moment. If that's okay, you can skip this document."
msgstr ""
#: ../../../docs/configuring-playbook-dendrite.md:17
msgid "[!WARNING]"
msgstr ""
#: ../../../docs/configuring-playbook-dendrite.md:18
msgid "**You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Dendrite). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-element-admin.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-03 11:56+0100\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -92,8 +92,8 @@ msgstr ""
msgid "Example additional configuration for your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-element-admin.md:53
msgid "[!WARNING] A `matrix_element_admin_path_prefix` variable is also available and mean to let you configure a path prefix for the Element Admin service, but **Element Admin does not support running under a sub-path yet**."
#: ../../../docs/configuring-playbook-element-admin.md:54
msgid "A `matrix_element_admin_path_prefix` variable is also available and mean to let you configure a path prefix for the Element Admin service, but **Element Admin does not support running under a sub-path yet**."
msgstr ""
#: ../../../docs/configuring-playbook-element-admin.md:56
i18n/translation-templates/docs/configuring-playbook-element-call.pot
+7 -7
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -52,8 +52,8 @@ msgstr ""
msgid "(Optional) Guest accounts being enabled for your Matrix server, if you'd like guests to be able to use Element Call. See [Allowing guests to use Element Call](#allowing-guests-to-use-element-call-optional)"
msgstr ""
#: ../../../docs/configuring-playbook-element-call.md:23
msgid "[!WARNING] Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**."
#: ../../../docs/configuring-playbook-element-call.md:24
msgid "Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**."
msgstr ""
#: ../../../docs/configuring-playbook-element-call.md:26
@@ -192,8 +192,8 @@ msgstr ""
msgid "Example additional configuration for your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-element-call.md:82
msgid "[!WARNING] A `matrix_element_call_path_prefix` variable is also available and mean to let you configure a path prefix for the Element Call service, but [Element Call does not support running under a sub-path yet](https://github.com/element-hq/element-call/issues/3084)."
#: ../../../docs/configuring-playbook-element-call.md:83
msgid "A `matrix_element_call_path_prefix` variable is also available and mean to let you configure a path prefix for the Element Call service, but [Element Call does not support running under a sub-path yet](https://github.com/element-hq/element-call/issues/3084)."
msgstr ""
#: ../../../docs/configuring-playbook-element-call.md:85
@@ -208,8 +208,8 @@ msgstr ""
msgid "If you'd like guests to be able to use Element Call as well, you need to enable guest accounts support for your homeserver."
msgstr ""
#: ../../../docs/configuring-playbook-element-call.md:91
msgid "[!WARNING] Enabling guest accounts means that your homeserver's user database may get polluted with guest account signups (potentially made by bots). Guest accounts should be limited in what (damage) they can do to your server and the rest of the Matrix ecosystem, but it's better to not enable them unless necessary."
#: ../../../docs/configuring-playbook-element-call.md:92
msgid "Enabling guest accounts means that your homeserver's user database may get polluted with guest account signups (potentially made by bots). Guest accounts should be limited in what (damage) they can do to your server and the rest of the Matrix ecosystem, but it's better to not enable them unless necessary."
msgstr ""
#: ../../../docs/configuring-playbook-element-call.md:95
i18n/translation-templates/docs/configuring-playbook-jitsi.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -124,8 +124,8 @@ msgstr ""
msgid "To enable the Gravatar service nevertheless, add the following configuration to your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-jitsi.md:90
msgid "[!WARNING] This will result in third party request leaking data to the Gravatar Service (`gravatar.com`, unless configured otherwise). Besides metadata, the Matrix user_id and possibly the room ID (via `referrer` header) will be also sent to the third party."
#: ../../../docs/configuring-playbook-jitsi.md:91
msgid "This will result in third party request leaking data to the Gravatar Service (`gravatar.com`, unless configured otherwise). Besides metadata, the Matrix user_id and possibly the room ID (via `referrer` header) will be also sent to the third party."
msgstr ""
#: ../../../docs/configuring-playbook-jitsi.md:93
i18n/translation-templates/docs/configuring-playbook-ketesa.pot
+1 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -28,10 +28,6 @@ msgstr ""
msgid "Ketesa is a fully-featured admin interface for Matrix homeservers — manage users, rooms, media, sessions, and more from one clean, responsive web UI. It is the evolution of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin): what began as a fork has grown into its own independent project with a redesigned interface, comprehensive Synapse and MAS API coverage, and multi-language support. See the [Ketesa v1.0.0 announcement](https://etke.cc/blog/introducing-ketesa/) for a full overview of what's new."
msgstr ""
#: ../../../docs/configuring-playbook-ketesa.md:20
msgid "[!NOTE]"
msgstr ""
#: ../../../docs/configuring-playbook-ketesa.md:22
msgid "Ketesa does not work with other homeserver implementations than Synapse due to API's incompatibility."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-ldap-auth.pot
+2 -2
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-20 02:45+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -25,7 +25,7 @@ msgid "The playbook can install and configure the [matrix-synapse-ldap3](https:/
msgstr ""
#: ../../../docs/configuring-playbook-ldap-auth.md:14
msgid "See the project's [documentation](https://github.com/matrix-org/matrix-synapse-ldap3/blob/main/README.rst) to learn what it does and why it might be useful to you."
msgid "See the project's [documentation](https://github.com/matrix-org/matrix-synapse-ldap3/blob/main/README.md) to learn what it does and why it might be useful to you."
msgstr ""
#: ../../../docs/configuring-playbook-ldap-auth.md:16
i18n/translation-templates/docs/configuring-playbook-livekit-server.pot
+17 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-18 07:22+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -117,21 +117,33 @@ msgid "and configuring their own Traefik TCP entrypoint dedicated to LiveKit TUR
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:64
msgid "Limitations"
msgid "TURN access controls"
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:66
msgid "LiveKit Server's TURN listener behavior depends on where TLS is terminated:"
msgid "LiveKit's embedded TURN server enforces a credential TTL and restricts which peer CIDRs it will relay to. The playbook leaves these at the role's secure defaults, which are appropriate for typical deployments where TURN peers live on the public Internet."
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:68
msgid "If your setup needs TURN to relay to private/restricted ranges, or you want to override the credential TTL, see the [TURN access controls and credential TTL](https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server/blob/main/docs/configuring-livekit-server.md#turn-access-controls-and-credential-ttl) section of the role's documentation."
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:70
msgid "Limitations"
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:72
msgid "LiveKit Server's TURN listener behavior depends on where TLS is terminated:"
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:74
msgid "Direct LiveKit TURN listeners (`livekit_server_config_turn_external_tls: false`) still use IPv4-only sockets for `3479/udp` and `5350/tcp`, so IPv6 connectivity to these endpoints is not possible."
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:69
#: ../../../docs/configuring-playbook-livekit-server.md:75
msgid "With [TURN TLS handling](#turn-tls-handling) (`livekit_server_config_turn_external_tls: true`), the playbook's dedicated `matrix-livekit-turn` TCP entrypoint can still listen on both IPv4 and IPv6. Traefik then forwards TURN/TCP to LiveKit."
msgstr ""
#: ../../../docs/configuring-playbook-livekit-server.md:71
#: ../../../docs/configuring-playbook-livekit-server.md:77
msgid "It appears that LiveKit Server intentionally only listens on `udp4` and `tcp4` in direct mode, as seen [here](https://github.com/livekit/livekit/blob/154b4d26b769c68a03c096124094b97bf61a996f/pkg/service/turn.go#L128) and [here](https://github.com/livekit/livekit/blob/154b4d26b769c68a03c096124094b97bf61a996f/pkg/service/turn.go#L92)."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-matrix-corporal.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -20,8 +20,8 @@ msgstr ""
msgid "Setting up Matrix Corporal (optional, advanced)"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-corporal.md:11
msgid "[!WARNING] This is an advanced feature! It requires prior experience with Matrix and a specific need for using [Matrix Corporal](https://github.com/devture/matrix-corporal). If you're unsure whether you have such a need, you most likely don't."
#: ../../../docs/configuring-playbook-matrix-corporal.md:12
msgid "This is an advanced feature! It requires prior experience with Matrix and a specific need for using [Matrix Corporal](https://github.com/devture/matrix-corporal). If you're unsure whether you have such a need, you most likely don't."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-corporal.md:14
i18n/translation-templates/docs/configuring-playbook-matrix-registration.pot
+10 -154
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -16,166 +16,22 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../../../docs/configuring-playbook-matrix-registration.md:9
msgid "Setting up matrix-registration (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:11
msgid "[!WARNING]"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:12
msgid "This is a poorly maintained and buggy project. It's better to avoid using it."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:13
msgid "This is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md)"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:15
msgid "The playbook can install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration) for you. It is a simple python application to have a token based Matrix registration."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:17
msgid "Use matrix-registration to **create unique registration links**, which people can use to register on your Matrix server. It allows certain people (these having a special link) to register a user account, **keeping your server's registration closed (private)**."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:19
msgid "**matrix-registration** provides 2 things:"
msgid "Setting up matrix-registration (optional, removed)"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:21
msgid "**an API for creating registration tokens** (unique registration links). This API can be used via `curl` or via the playbook (see [Usage](#usage) below)"
#: ../../../docs/configuring-playbook-matrix-registration.md:22
msgid "This is not related to [matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md)."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:23
msgid "**a user registration page**, where people can use these registration tokens. By default, exposed at `https://matrix.example.com/matrix-registration`"
#: ../../../docs/configuring-playbook-matrix-registration.md:24
msgid "🪦 The playbook used to be able to install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration), but no longer includes this component, as it has been unmaintained since November, 2025."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:25
msgid "Adjusting DNS records (optional)"
#: ../../../docs/configuring-playbook-matrix-registration.md:26
msgid "Uninstalling the component manually"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:27
msgid "By default, this playbook installs the matrix-registration on the `matrix.` subdomain, at the `/matrix-registration` path (https://matrix.example.com/matrix-registration). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:29
msgid "If you wish to adjust it, see the section [below](#adjusting-the-matrix-registration-url-optional) for details about DNS configuration."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:31
msgid "Adjusting the playbook configuration"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:33
msgid "To enable matrix-registration, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:42
msgid "Adjusting the matrix-registration URL (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:44
msgid "By tweaking the `matrix_registration_hostname` and `matrix_registration_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:46
msgid "Example additional configuration for your `vars.yml` file:"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:54
msgid "If you've changed the default hostname, you may need to create a CNAME record for the matrix-registration domain (`registration.example.com`), which targets `matrix.example.com`."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:56
msgid "When setting, replace `example.com` with your own."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:58
msgid "Extending the configuration"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:60
msgid "There are some additional things you may wish to configure about the component."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:62
msgid "Take a look at:"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:64
msgid "`roles/custom/matrix-registration/defaults/main.yml` for some variables that you can customize via your `vars.yml` file"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:65
msgid "`roles/custom/matrix-registration/templates/config.yaml.j2` for the component's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_registration_configuration_extension_yaml` variable"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:67
msgid "Installing"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:69
msgid "After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:76
msgid "The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:78
msgid "`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:80
msgid "Usage"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:82
msgid "**matrix-registration** gets exposed at `https://matrix.example.com/matrix-registration`"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:84
msgid "It provides various [APIs](https://github.com/ZerataX/matrix-registration/wiki/api) — for creating registration tokens, listing tokens, disabling tokens, etc. To make use of all of its capabilities, consider using `curl`."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:86
msgid "We make the most common APIs easy to use via the playbook (see below)."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:88
msgid "Creating registration tokens"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:90
msgid "To **create a new user registration token (link)**, use this command:"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:98
msgid "The above command creates and returns a **one-time use** token, which **expires** on the 31st of December 2021. Adjust the `one_time` and `ex_date` variables as you see fit."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:100
msgid "Share the unique registration link (generated by the command above) with users to let them register on your Matrix server."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:102
msgid "Listing registration tokens"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:104
msgid "To **list the existing user registration tokens**, use this command:"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:111
msgid "The shortcut command with `just` program is also available: `just run-tags list-matrix-registration-tokens`"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:113
msgid "Troubleshooting"
msgstr ""
#: ../../../docs/configuring-playbook-matrix-registration.md:115
msgid "As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-registration`."
#: ../../../docs/configuring-playbook-matrix-registration.md:28
msgid "If you still have matrix-registration installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:"
msgstr ""
i18n/translation-templates/docs/configuring-playbook-matrix-rtc.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -56,8 +56,8 @@ msgstr ""
msgid "A client compatible with Element Call. As of 2025-03-15, that's just [Element Web](configuring-playbook-client-element-web.md) and the Element X mobile clients (iOS and Android)."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-rtc.md:24
msgid "[!WARNING] Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**."
#: ../../../docs/configuring-playbook-matrix-rtc.md:25
msgid "Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**."
msgstr ""
#: ../../../docs/configuring-playbook-matrix-rtc.md:27
i18n/translation-templates/docs/configuring-playbook-prometheus-grafana.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -24,8 +24,8 @@ msgstr ""
msgid "The playbook can install [Prometheus](https://prometheus.io/) with [Grafana](https://grafana.com/) and configure performance metrics of your homeserver with graphs for you."
msgstr ""
#: ../../../docs/configuring-playbook-prometheus-grafana.md:18
msgid "[!WARNING] Metrics and graphs contain a lot of information, and anyone who has access to them can make an educated guess about your server usage patterns. This especially applies to small personal/family scale homeservers, where the number of samples is fairly limited. Analyzing the metrics over time, one might be able to figure out your life cycle, such as when you wake up, go to bed, etc. Before enabling (anonymous) access, you should carefully evaluate the risk, and if you do enable it, it is highly recommended to change your Grafana password from the default one."
#: ../../../docs/configuring-playbook-prometheus-grafana.md:19
msgid "Metrics and graphs contain a lot of information, and anyone who has access to them can make an educated guess about your server usage patterns. This especially applies to small personal/family scale homeservers, where the number of samples is fairly limited. Analyzing the metrics over time, one might be able to figure out your life cycle, such as when you wake up, go to bed, etc. Before enabling (anonymous) access, you should carefully evaluate the risk, and if you do enable it, it is highly recommended to change your Grafana password from the default one."
msgstr ""
#: ../../../docs/configuring-playbook-prometheus-grafana.md:21
i18n/translation-templates/docs/configuring-playbook-traefik.pot
+5 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -64,8 +64,8 @@ msgstr ""
msgid "The role also supports the legacy `traefik_dashboard_basicauth_user` / `traefik_dashboard_basicauth_password` convenience variables, but that path depends on the `passlib` Python library on the Ansible controller, may be affected by passlib/bcrypt compatibility issues, and generates non-deterministic hashes which can lead to unnecessary changes."
msgstr ""
#: ../../../docs/configuring-playbook-traefik.md:53
msgid "[!WARNING] Enabling the dashboard on a hostname you use for something else (like `matrix_server_fqn_matrix` in the configuration above) may cause conflicts. Enabling the Traefik Dashboard makes Traefik capture all `/dashboard` and `/api` requests and forward them to itself. If any of the services hosted on the same hostname requires any of these 2 URL prefixes, you will experience problems. So far, we're not aware of any playbook services which occupy these endpoints and are likely to cause conflicts."
#: ../../../docs/configuring-playbook-traefik.md:54
msgid "Enabling the dashboard on a hostname you use for something else (like `matrix_server_fqn_matrix` in the configuration above) may cause conflicts. Enabling the Traefik Dashboard makes Traefik capture all `/dashboard` and `/api` requests and forward them to itself. If any of the services hosted on the same hostname requires any of these 2 URL prefixes, you will experience problems. So far, we're not aware of any playbook services which occupy these endpoints and are likely to cause conflicts."
msgstr ""
#: ../../../docs/configuring-playbook-traefik.md:56
@@ -145,8 +145,8 @@ msgstr ""
msgid "With these changes, all TCP traffic will be reverse-proxied to the target system."
msgstr ""
#: ../../../docs/configuring-playbook-traefik.md:170
msgid "[!WARNING] This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```."
#: ../../../docs/configuring-playbook-traefik.md:171
msgid "This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```."
msgstr ""
#: ../../../docs/configuring-playbook-traefik.md:173
i18n/translation-templates/docs/configuring-playbook-turn.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -92,8 +92,8 @@ msgstr ""
msgid "If you'd like to rely on external IP address auto-detection (not recommended unless you need it), avoid configuring this variable. The playbook will automatically contact an [echoip](https://github.com/mpolden/echoip)-compatible service (`https://ifconfig.co/json` by default) to determine your server's IP address. This API endpoint is configurable via the `coturn_turn_external_ip_address_auto_detection_echoip_service_url` variable."
msgstr ""
#: ../../../docs/configuring-playbook-turn.md:57
msgid "[!NOTE] You can self-host the echoip service by using the [Mother-of-All-Self-Hosting (MASH)](https://github.com/mother-of-all-self-hosting/mash-playbook) Ansible playbook. See [this page](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/services/echoip.md) for the instruction to install it with the playbook. If you are wondering how to use it for your Matrix server, refer to [this page](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/setting-up-services-on-mdad-server.md) for the overview."
#: ../../../docs/configuring-playbook-turn.md:58
msgid "You can self-host the echoip service by using the [Mother-of-All-Self-Hosting (MASH)](https://github.com/mother-of-all-self-hosting/mash-playbook) Ansible playbook. See [this page](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/services/echoip.md) for the instruction to install it with the playbook. If you are wondering how to use it for your Matrix server, refer to [this page](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/setting-up-services-on-mdad-server.md) for the overview."
msgstr ""
#: ../../../docs/configuring-playbook-turn.md:60
i18n/translation-templates/docs/configuring-playbook-tuwunel.pot
+53 -49
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-21 19:21+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -32,10 +32,6 @@ msgstr ""
msgid "By default, the playbook installs [Synapse](https://github.com/element-hq/synapse) as it's the only full-featured Matrix server at the moment. If that's okay, you can skip this document."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:16
msgid "[!WARNING]"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:17
msgid "**You can't switch an existing Matrix server's implementation** (e.g. Synapse → Tuwunel). Proceed below only if you're OK with starting over, or you're dealing with a server on a new domain name which hasn't participated in the Matrix federation yet. The one exception is migrating from conduwuit; see [Migrating from conduwuit](#migrating-from-conduwuit)."
msgstr ""
@@ -124,8 +120,8 @@ msgstr ""
msgid "Tuwunel can authenticate `m.login.password` requests against an LDAP directory and, in search-then-bind mode, keep admin status in sync with directory membership. The shipped image already includes the `ldap` build feature."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:97
msgid "[!NOTE] `bind_password_file` is read **inside the container**. The role bind-mounts `/matrix/tuwunel/config` to `/etc/tuwunel` (read-only) and `/matrix/tuwunel/data` to `/var/lib/tuwunel`. To make the file available at the path above, drop it on the host at `/matrix/tuwunel/config/ldap.pw` (owned by `matrix:matrix`) before running the playbook; the role does not template secret files for you."
#: ../../../docs/configuring-playbook-tuwunel.md:98
msgid "`bind_password_file` is read **inside the container**. The role bind-mounts `/matrix/tuwunel/config` to `/etc/tuwunel` (read-only) and `/matrix/tuwunel/data` to `/var/lib/tuwunel`. To make the file available at the path above, drop it on the host at `/matrix/tuwunel/config/ldap.pw` (owned by `matrix:matrix`) before running the playbook; the role does not template secret files for you."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:100
@@ -156,8 +152,8 @@ msgstr ""
msgid "The S3 backend ships with native multipart upload, so no goofys/rclone sidecar is required. MinIO, Cloudflare R2, and DigitalOcean Spaces all work; set `endpoint` and `use_vhost_request: false` as appropriate."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:138
msgid "[!NOTE] Local provider paths must live under `/var/lib/tuwunel` (the container's data mount, persisted on the host at `/matrix/tuwunel/data`), or you must mount the target directory into the container yourself via `matrix_tuwunel_container_extra_arguments`. The container otherwise runs read-only."
#: ../../../docs/configuring-playbook-tuwunel.md:139
msgid "Local provider paths must live under `/var/lib/tuwunel` (the container's data mount, persisted on the host at `/matrix/tuwunel/data`), or you must mount the target directory into the container yourself via `matrix_tuwunel_container_extra_arguments`. The container otherwise runs read-only."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:141
@@ -165,101 +161,109 @@ msgid "RocksDB and cache tuning"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:143
msgid "Tuwunel embeds RocksDB. The defaults (`rocksdb_compression_algo: zstd`) suit most deployments. For high-throughput servers you may want to enable direct I/O, raise parallelism, and bump the cache modifier:"
msgid "Tuwunel embeds RocksDB. The defaults (`rocksdb_compression_algo: zstd`) suit most deployments. For high-throughput servers you may want to enable direct I/O, raise parallelism, and configure a backup path:"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:152
#: ../../../docs/configuring-playbook-tuwunel.md:151
msgid "`matrix_tuwunel_config_cache_capacity_modifier` is left empty by default, so Tuwunel picks a value (`1.0` since v1.7.0, with rebalanced per-cache sizes that already raise memory use). Set it to `2.0` only on small hosts with four or fewer cores; on larger machines the default is recommended."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:153
msgid "If you run on ZFS, the [Tuwunel maintenance guide](https://matrix-construct.github.io/tuwunel/maintenance.html#zfs) lists the dataset properties (`recordsize`, `primarycache`, `compression`, `atime`, `logbias`) and config flags (`rocksdb_direct_io`, `rocksdb_allow_fallocate`) you need to adjust to avoid severe write amplification."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:154
#: ../../../docs/configuring-playbook-tuwunel.md:155
msgid "To enable Sentry crash reporting, set `matrix_tuwunel_config_sentry_enabled: true`."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:156
#: ../../../docs/configuring-playbook-tuwunel.md:157
msgid "Federation gating"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:158
#: ../../../docs/configuring-playbook-tuwunel.md:159
msgid "Tuwunel accepts regular-expression patterns at every level of remote-server filtering:"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:169
msgid "Tuwunel additionally implements [MSC4284 policy servers](https://github.com/matrix-org/matrix-spec-proposals/pull/4284) for room-level federation gating; that lives in room state and needs no playbook configuration."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:171
msgid "Default room version"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:173
msgid "The role sets `default_room_version: '12'`, so newly created rooms default to Matrix [room version 12](https://github.com/matrix-org/matrix-spec-proposals/pull/4289) (\"Hydra\"). Override `matrix_tuwunel_config_default_room_version` if you need an earlier version for client compatibility."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:175
msgid "Creating the first user account"
#: ../../../docs/configuring-playbook-tuwunel.md:170
msgid "Tuwunel additionally implements [MSC4284 policy servers](https://github.com/matrix-org/matrix-spec-proposals/pull/4284) for room-level federation gating. The policy itself lives in room state, but enforcement is opt-in at the server level:"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:177
msgid "When enabled, rooms with a valid `m.room.policy` state event have outgoing events signed by the configured policy server before federation. Transient network or timeout failures fail open (with a warn log), so a policy-server outage will not silently take the room offline."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:179
msgid "Default room version"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:181
msgid "The role sets `default_room_version: '12'`, so newly created rooms default to Matrix [room version 12](https://github.com/matrix-org/matrix-spec-proposals/pull/4289) (\"Hydra\"). Override `matrix_tuwunel_config_default_room_version` if you need an earlier version for client compatibility."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:183
msgid "Creating the first user account"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:185
msgid "Unlike Synapse and Dendrite, Tuwunel does not register users from the command line or via the playbook. On first startup it logs a one-time-use registration token to its journal:"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:184
#: ../../../docs/configuring-playbook-tuwunel.md:192
msgid "Use the token to create your first account from any client that supports token-gated registration (e.g. [Element Web](configuring-playbook-client-element-web.md)). The account is auto-promoted to admin and invited to the admin room together with the `@conduit:<server_name>` server bot. The bot keeps the legacy `conduit` localpart due to the project's lineage from Conduit."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:186
#: ../../../docs/configuring-playbook-tuwunel.md:194
msgid "Configuring bridges and appservices"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:188
#: ../../../docs/configuring-playbook-tuwunel.md:196
msgid "The playbook does not auto-register appservices for Tuwunel. After your bridge has produced its `registration.yaml` (e.g. `/matrix/mautrix-signal/bridge/registration.yaml`), register it manually by sending the contents to the admin room, prefixed with `!admin appservices register` and wrapped in a fenced code block:"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:209
#: ../../../docs/configuring-playbook-tuwunel.md:217
msgid "Registrations stored this way are persisted in the database and survive restarts. Re-running the command with the same `id` replaces the existing entry. See [Application services](https://matrix-construct.github.io/tuwunel/appservices.html) for the full reference and admin commands."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:211
#: ../../../docs/configuring-playbook-tuwunel.md:219
msgid "Migrating from conduwuit"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:213
#: ../../../docs/configuring-playbook-tuwunel.md:221
msgid "Tuwunel is a \"binary swap\" for conduwuit; it reads conduwuit's RocksDB layout directly, so migration is a data move, not an export/import."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:215
#: ../../../docs/configuring-playbook-tuwunel.md:223
msgid "Set `matrix_homeserver_implementation: tuwunel` on `vars.yml` and remove any `matrix_conduwuit_*` overrides."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:216
#: ../../../docs/configuring-playbook-tuwunel.md:224
msgid "Run a full installation so that the new service is created and the old one removed (e.g. `just setup-all`)."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:217
#: ../../../docs/configuring-playbook-tuwunel.md:225
msgid "Run `just run-tags tuwunel-migrate-from-conduwuit`."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:219
#: ../../../docs/configuring-playbook-tuwunel.md:227
msgid "The migration stops `matrix-conduwuit.service`, copies `/matrix/conduwuit` into `/matrix/tuwunel`, renames the config file, and starts `matrix-tuwunel.service`. The freshly generated tuwunel data directory is preserved alongside as `/matrix/tuwunel_old` until you remove it manually."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:221
msgid "[!CAUTION] Migrating from any other Conduit derivative (Conduit itself, Continuwuity, or any other fork) is **not supported** and will corrupt your database. All Conduit forks share the same linear database version with no awareness of each other; switching between them produces unrecoverable damage. See the [upstream migration table](https://matrix-construct.github.io/tuwunel/#migrating-to-tuwunel)."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:224
msgid "Troubleshooting"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:226
msgid "As with all other services, the logs are available via [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html):"
#: ../../../docs/configuring-playbook-tuwunel.md:230
msgid "Migrating from any other Conduit derivative (Conduit itself, Continuwuity, or any other fork) is **not supported** and will corrupt your database. All Conduit forks share the same linear database version with no awareness of each other; switching between them produces unrecoverable damage. See the [upstream migration table](https://matrix-construct.github.io/tuwunel/#migrating-to-tuwunel)."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:232
msgid "Logging verbosity is controlled by `matrix_tuwunel_config_log` in [`tracing-subscriber` env-filter syntax](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html). The default (`info,state_res=warn`) is reasonable for production; for debugging, try `debug` or scope it tighter, e.g. `info,tuwunel_service::sending=debug`."
msgid "Troubleshooting"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:234
msgid "As with all other services, the logs are available via [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html):"
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:240
msgid "Logging verbosity is controlled by `matrix_tuwunel_config_log` in [`tracing-subscriber` env-filter syntax](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html). The default (`info,state_res=warn`) is reasonable for production; for debugging, try `debug` or scope it tighter, e.g. `info,tuwunel_service::sending=debug`."
msgstr ""
#: ../../../docs/configuring-playbook-tuwunel.md:242
msgid "For RocksDB-level issues, online backups, and offline backup procedures, see the [Tuwunel maintenance guide](https://matrix-construct.github.io/tuwunel/maintenance.html). For protocol-compliance state across MSCs, the spec, and Complement, the project's [compliance dashboard](https://matrix-construct.github.io/tuwunel/development/compliance.html) is the authoritative tracker."
msgstr ""
i18n/translation-templates/docs/configuring-playbook-user-verification-service.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -100,8 +100,8 @@ msgstr ""
msgid "UVS requires an access token as an admin user to verify RoomMembership and PowerLevel against `matrix_user_verification_service_uvs_homeserver_url`. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/configuring-playbook-user-verification-service.md:53
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/configuring-playbook-user-verification-service.md:54
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/configuring-playbook-user-verification-service.md:56
i18n/translation-templates/docs/configuring-playbook.pot
+91 -91
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -205,357 +205,357 @@ msgid "[Setting up Ketesa](configuring-playbook-ketesa.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:109
msgid "[Setting up matrix-registration](configuring-playbook-matrix-registration.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:111
msgid "[Setting up the REST authentication password provider module](configuring-playbook-rest-auth.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:113
#: ../../../docs/configuring-playbook.md:111
msgid "[Setting up the Shared Secret Auth password provider module](configuring-playbook-shared-secret-auth.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:115
#: ../../../docs/configuring-playbook.md:113
msgid "[Setting up the LDAP authentication password provider module](configuring-playbook-ldap-auth.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:117
#: ../../../docs/configuring-playbook.md:115
msgid "[Setting up matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:119
#: ../../../docs/configuring-playbook.md:117
msgid "[Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:121
#: ../../../docs/configuring-playbook.md:119
msgid "[Setting up Matrix User Verification Service](configuring-playbook-user-verification-service.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:123
#: ../../../docs/configuring-playbook.md:121
msgid "File Storage"
msgstr ""
#: ../../../docs/configuring-playbook.md:125
#: ../../../docs/configuring-playbook.md:123
msgid "Use alternative file storage to the default `media_store` folder."
msgstr ""
#: ../../../docs/configuring-playbook.md:127
#: ../../../docs/configuring-playbook.md:125
msgid "[Storing Matrix media files using matrix-media-repo](configuring-playbook-matrix-media-repo.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:129
#: ../../../docs/configuring-playbook.md:127
msgid "[Storing Synapse media files on Amazon S3 or another compatible Object Storage](configuring-playbook-s3.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:131
#: ../../../docs/configuring-playbook.md:129
msgid "[Storing Synapse media files on Amazon S3 with Goofys](configuring-playbook-s3-goofys.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:133
#: ../../../docs/configuring-playbook.md:131
msgid "[Storing Synapse media files on Amazon S3 with synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:135
#: ../../../docs/configuring-playbook.md:133
msgid "Bridging other networks"
msgstr ""
#: ../../../docs/configuring-playbook.md:137
#: ../../../docs/configuring-playbook.md:135
msgid "Bridges can be used to connect your Matrix installation with third-party communication networks."
msgstr ""
#: ../../../docs/configuring-playbook.md:139
#: ../../../docs/configuring-playbook.md:137
msgid "[Setting up a Generic Mautrix Bridge](configuring-playbook-bridge-mautrix-bridges.md) — a common guide for configuring mautrix bridges"
msgstr ""
#: ../../../docs/configuring-playbook.md:141
#: ../../../docs/configuring-playbook.md:139
msgid "[Setting up Mautrix Bluesky bridging](configuring-playbook-bridge-mautrix-bluesky.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:143
#: ../../../docs/configuring-playbook.md:141
msgid "[Setting up Mautrix Discord bridging](configuring-playbook-bridge-mautrix-discord.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:145
#: ../../../docs/configuring-playbook.md:143
msgid "[Setting up Mautrix Telegram bridging](configuring-playbook-bridge-mautrix-telegram.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:147
#: ../../../docs/configuring-playbook.md:145
msgid "[Setting up Mautrix Slack bridging](configuring-playbook-bridge-mautrix-slack.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:149
#: ../../../docs/configuring-playbook.md:147
msgid "[Setting up Mautrix Google Messages bridging](configuring-playbook-bridge-mautrix-gmessages.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:151
#: ../../../docs/configuring-playbook.md:149
msgid "[Setting up Mautrix Whatsapp bridging](configuring-playbook-bridge-mautrix-whatsapp.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:153
#: ../../../docs/configuring-playbook.md:151
msgid "[Setting up Instagram bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-instagram.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:155
#: ../../../docs/configuring-playbook.md:153
msgid "[Setting up Messenger bridging via Mautrix Meta](configuring-playbook-bridge-mautrix-meta-messenger.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:157
#: ../../../docs/configuring-playbook.md:155
msgid "[Setting up Mautrix Google Chat bridging](configuring-playbook-bridge-mautrix-googlechat.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:159
#: ../../../docs/configuring-playbook.md:157
msgid "[Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:161
#: ../../../docs/configuring-playbook.md:159
msgid "[Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:163
#: ../../../docs/configuring-playbook.md:161
msgid "[Setting up Mautrix wsproxy for bridging Android SMS or Apple iMessage](configuring-playbook-bridge-mautrix-wsproxy.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:165
#: ../../../docs/configuring-playbook.md:163
msgid "[Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:167
#: ../../../docs/configuring-playbook.md:165
msgid "[Setting up Appservice Discord bridging](configuring-playbook-bridge-appservice-discord.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:169
#: ../../../docs/configuring-playbook.md:167
msgid "[Setting up Appservice Kakaotalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:171
#: ../../../docs/configuring-playbook.md:169
msgid "[Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:173
#: ../../../docs/configuring-playbook.md:171
msgid "[Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) — a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira)."
msgstr ""
#: ../../../docs/configuring-playbook.md:175
#: ../../../docs/configuring-playbook.md:173
msgid "[Setting up MX Puppet GroupMe bridging](configuring-playbook-bridge-mx-puppet-groupme.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:177
#: ../../../docs/configuring-playbook.md:175
msgid "[Setting up Steam bridging](configuring-playbook-bridge-steam.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:179
#: ../../../docs/configuring-playbook.md:177
msgid "[Setting up MX Puppet Steam bridging](configuring-playbook-bridge-mx-puppet-steam.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:181
#: ../../../docs/configuring-playbook.md:179
msgid "[Setting up Postmoogle email bridging](configuring-playbook-bridge-postmoogle.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:183
#: ../../../docs/configuring-playbook.md:181
msgid "[Setting up Matrix SMS bridging](configuring-playbook-bridge-matrix-bridge-sms.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:185
#: ../../../docs/configuring-playbook.md:183
msgid "[Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:187
#: ../../../docs/configuring-playbook.md:185
msgid "[Setting up a Matrix <-> Meshtastic bridge](configuring-playbook-bridge-meshtastic-relay.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:189
#: ../../../docs/configuring-playbook.md:187
msgid "[Setting up WeChat bridging](configuring-playbook-bridge-wechat.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:191
#: ../../../docs/configuring-playbook.md:189
msgid "Bots"
msgstr ""
#: ../../../docs/configuring-playbook.md:193
#: ../../../docs/configuring-playbook.md:191
msgid "Bots provide various additional functionality to your installation."
msgstr ""
#: ../../../docs/configuring-playbook.md:195
#: ../../../docs/configuring-playbook.md:193
msgid "[Setting up baibot](configuring-playbook-bot-baibot.md) — a bot through which you can talk to various [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) services ([OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) and [others](https://github.com/etkecc/baibot/blob/main/docs/providers.md))"
msgstr ""
#: ../../../docs/configuring-playbook.md:197
#: ../../../docs/configuring-playbook.md:195
msgid "[Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) — a bot to remind you about stuff"
msgstr ""
#: ../../../docs/configuring-playbook.md:199
#: ../../../docs/configuring-playbook.md:197
msgid "[Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) — a bot to create and manage registration tokens to invite users"
msgstr ""
#: ../../../docs/configuring-playbook.md:201
#: ../../../docs/configuring-playbook.md:199
msgid "[Setting up maubot](configuring-playbook-bot-maubot.md) — a plugin-based Matrix bot system"
msgstr ""
#: ../../../docs/configuring-playbook.md:203
#: ../../../docs/configuring-playbook.md:201
msgid "[Setting up Honoroit](configuring-playbook-bot-honoroit.md) — a helpdesk bot"
msgstr ""
#: ../../../docs/configuring-playbook.md:205
#: ../../../docs/configuring-playbook.md:203
msgid "[Setting up Mjolnir](configuring-playbook-bot-mjolnir.md) — a moderation tool/bot"
msgstr ""
#: ../../../docs/configuring-playbook.md:207
#: ../../../docs/configuring-playbook.md:205
msgid "[Setting up Draupnir](configuring-playbook-bot-draupnir.md) — a moderation tool/bot, forked from Mjolnir and maintained by its former leader developer"
msgstr ""
#: ../../../docs/configuring-playbook.md:209
#: ../../../docs/configuring-playbook.md:207
msgid "[Setting up Draupnir for all/D4A](configuring-playbook-appservice-draupnir-for-all.md) — like the [Draupnir bot](configuring-playbook-bot-draupnir.md) mentioned above, but running in appservice mode and supporting multiple instances"
msgstr ""
#: ../../../docs/configuring-playbook.md:211
#: ../../../docs/configuring-playbook.md:209
msgid "[Setting up Buscarron](configuring-playbook-bot-buscarron.md) — a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room"
msgstr ""
#: ../../../docs/configuring-playbook.md:213
#: ../../../docs/configuring-playbook.md:211
msgid "Administration"
msgstr ""
#: ../../../docs/configuring-playbook.md:215
#: ../../../docs/configuring-playbook.md:213
msgid "Services that help you in administrating and monitoring your Matrix installation."
msgstr ""
#: ../../../docs/configuring-playbook.md:217
#: ../../../docs/configuring-playbook.md:215
msgid "[Setting up Prometheus Alertmanager integration via matrix-alertmanager-receiver](configuring-playbook-alertmanager-receiver.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:219
#: ../../../docs/configuring-playbook.md:217
msgid "[Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:221
#: ../../../docs/configuring-playbook.md:219
msgid "[Setting up the rageshake bug report server](configuring-playbook-rageshake.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:223
#: ../../../docs/configuring-playbook.md:221
msgid "[Enabling synapse-usage-exporter for Synapse usage statistics](configuring-playbook-synapse-usage-exporter.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:225
#: ../../../docs/configuring-playbook.md:223
msgid "Backups:"
msgstr ""
#: ../../../docs/configuring-playbook.md:226
#: ../../../docs/configuring-playbook.md:224
msgid "[Setting up BorgBackup](configuring-playbook-backup-borg.md) — a full Matrix server backup solution, including the Postgres database"
msgstr ""
#: ../../../docs/configuring-playbook.md:228
#: ../../../docs/configuring-playbook.md:226
msgid "[Setting up Postgres backup](configuring-playbook-postgres-backup.md) — a Postgres-database backup solution (note: does not include other files)"
msgstr ""
#: ../../../docs/configuring-playbook.md:230
#: ../../../docs/configuring-playbook.md:228
msgid "Other specialized services"
msgstr ""
#: ../../../docs/configuring-playbook.md:232
#: ../../../docs/configuring-playbook.md:230
msgid "Various services that don't fit any other categories."
msgstr ""
#: ../../../docs/configuring-playbook.md:234
#: ../../../docs/configuring-playbook.md:232
msgid "[Setting up Element Call](configuring-playbook-element-call.md) — a native Matrix video conferencing application, built on top of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) (optional)"
msgstr ""
#: ../../../docs/configuring-playbook.md:236
#: ../../../docs/configuring-playbook.md:234
msgid "[Setting up LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) - a component of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) (optional)"
msgstr ""
#: ../../../docs/configuring-playbook.md:238
#: ../../../docs/configuring-playbook.md:236
msgid "[Setting up LiveKit Server](configuring-playbook-livekit-server.md) - a component of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) (optional)"
msgstr ""
#: ../../../docs/configuring-playbook.md:240
#: ../../../docs/configuring-playbook.md:238
msgid "[Setting up Matrix RTC](configuring-playbook-matrix-rtc.md) (optional)"
msgstr ""
#: ../../../docs/configuring-playbook.md:242
#: ../../../docs/configuring-playbook.md:240
msgid "[Setting up synapse-auto-compressor](configuring-playbook-synapse-auto-compressor.md) for compressing the database on Synapse homeservers"
msgstr ""
#: ../../../docs/configuring-playbook.md:244
#: ../../../docs/configuring-playbook.md:242
msgid "[Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:246
#: ../../../docs/configuring-playbook.md:244
msgid "[Setting up Matrix.to](configuring-playbook-matrixto.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:248
#: ../../../docs/configuring-playbook.md:246
msgid "[Setting up Etherpad](configuring-playbook-etherpad.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:250
#: ../../../docs/configuring-playbook.md:248
msgid "[Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:252
#: ../../../docs/configuring-playbook.md:250
msgid "[Setting up Cactus Comments](configuring-playbook-cactus-comments.md) — a federated comment system built on Matrix"
msgstr ""
#: ../../../docs/configuring-playbook.md:254
#: ../../../docs/configuring-playbook.md:252
msgid "[Setting up Pantalaimon (E2EE aware proxy daemon)](configuring-playbook-pantalaimon.md) (advanced)"
msgstr ""
#: ../../../docs/configuring-playbook.md:256
#: ../../../docs/configuring-playbook.md:254
msgid "[Setting up the Sygnal push gateway](configuring-playbook-sygnal.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:258
#: ../../../docs/configuring-playbook.md:256
msgid "[Setting up the ntfy push notifications server](configuring-playbook-ntfy.md)"
msgstr ""
#: ../../../docs/configuring-playbook.md:260
#: ../../../docs/configuring-playbook.md:258
msgid "Deprecated / unmaintained / removed services"
msgstr ""
#: ../../../docs/configuring-playbook.md:262
#: ../../../docs/configuring-playbook.md:260
msgid "**Note**: since a deprecated or unmaintained service will not be updated, its bug or vulnerability will be unlikely to get patched. It is recommended to migrate from the service to an alternative if any, and make sure to do your own research before you decide to keep it running nonetheless."
msgstr ""
#: ../../../docs/configuring-playbook.md:264
#: ../../../docs/configuring-playbook.md:262
msgid "[Configuring conduwuit](configuring-playbook-conduwuit.md) (removed; this component has been abandoned and unmaintained)"
msgstr ""
#: ../../../docs/configuring-playbook.md:266
#: ../../../docs/configuring-playbook.md:264
msgid "[Setting up the Sliding Sync proxy](configuring-playbook-sliding-sync-proxy.md) for clients which require Sliding Sync support (like old Element X versions, before it got switched to Simplified Sliding Sync)"
msgstr ""
#: ../../../docs/configuring-playbook.md:268
#: ../../../docs/configuring-playbook.md:266
msgid "[Setting up Appservice Slack bridging](configuring-playbook-bridge-appservice-slack.md) (removed; this component has been discontinued)"
msgstr ""
#: ../../../docs/configuring-playbook.md:270
#: ../../../docs/configuring-playbook.md:268
msgid "[Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (deprecated; the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md))"
msgstr ""
#: ../../../docs/configuring-playbook.md:272
#: ../../../docs/configuring-playbook.md:270
msgid "[Setting up the Dimension integration manager](configuring-playbook-dimension.md) ([unmaintained](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2806#issuecomment-1673559299); after [installing](installing.md))"
msgstr ""
#: ../../../docs/configuring-playbook.md:274
#: ../../../docs/configuring-playbook.md:272
msgid "[Setting up Email2Matrix](configuring-playbook-email2matrix.md) (removed; the author suggests taking a look at [Postmoogle](https://github.com/etkecc/postmoogle) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-postmoogle.md))"
msgstr ""
#: ../../../docs/configuring-playbook.md:276
#: ../../../docs/configuring-playbook.md:274
msgid "[Setting up Go-NEB](configuring-playbook-bot-go-neb.md) (unmaintained; the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md))"
msgstr ""
#: ../../../docs/configuring-playbook.md:278
#: ../../../docs/configuring-playbook.md:276
msgid "[Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md) (removed; Skype has been discontinued since May 2025)"
msgstr ""
#: ../../../docs/configuring-playbook.md:280
#: ../../../docs/configuring-playbook.md:278
msgid "[Setting up ma1sd Identity Server](configuring-playbook-ma1sd.md) (removed; this component has been unmaintained for a long time, so it has been removed from the playbook.)"
msgstr ""
#: ../../../docs/configuring-playbook.md:282
#: ../../../docs/configuring-playbook.md:280
msgid "[Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) (unmaintained; the bridge's author suggests taking a look at [baibot](https://github.com/etkecc/baibot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bot-baibot.md))"
msgstr ""
#: ../../../docs/configuring-playbook.md:282
msgid "[Setting up matrix-registration](configuring-playbook-matrix-registration.md) (removed; this component has been unmaintained)"
msgstr ""
#: ../../../docs/configuring-playbook.md:284
msgid "[Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-messenger](configuring-playbook-bridge-mautrix-meta-messenger.md))"
msgstr ""
i18n/translation-templates/docs/container-images.pot
+25 -25
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -332,18 +332,6 @@ msgstr ""
msgid "Proxy that handles Matrix registration requests and forwards them to LDAP"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "[matrix-registration](configuring-playbook-matrix-registration.md)"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "[zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/)"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "Simple python application to have a token based Matrix registration"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "[Matrix User Verification Service](configuring-playbook-user-verification-service.md)"
msgstr ""
@@ -364,11 +352,11 @@ msgstr ""
msgid "Spam checker module"
msgstr ""
#: ../../../docs/container-images.md:75
#: ../../../docs/container-images.md:74
msgid "File Storage"
msgstr ""
#: ../../../docs/container-images.md:77
#: ../../../docs/container-images.md:76
msgid "Use alternative file storage to the default `media_store` folder."
msgstr ""
@@ -400,11 +388,11 @@ msgstr ""
msgid "Highly customizable multi-domain media repository for Matrix. Intended for medium to large deployments, this media repo de-duplicates media while being fully compliant with the specification."
msgstr ""
#: ../../../docs/container-images.md:85
#: ../../../docs/container-images.md:84
msgid "Bridges"
msgstr ""
#: ../../../docs/container-images.md:87
#: ../../../docs/container-images.md:86
msgid "Bridges can be used to connect your Matrix installation with third-party communication networks."
msgstr ""
@@ -684,11 +672,11 @@ msgstr ""
msgid "Email to Matrix bridge"
msgstr ""
#: ../../../docs/container-images.md:115
#: ../../../docs/container-images.md:114
msgid "Bots"
msgstr ""
#: ../../../docs/container-images.md:117
#: ../../../docs/container-images.md:116
msgid "Bots provide various additional functionality to your installation."
msgstr ""
@@ -788,11 +776,11 @@ msgstr ""
msgid "Web forms (HTTP POST) to Matrix"
msgstr ""
#: ../../../docs/container-images.md:130
#: ../../../docs/container-images.md:129
msgid "Administration"
msgstr ""
#: ../../../docs/container-images.md:132
#: ../../../docs/container-images.md:131
msgid "Services that help you in administrating and monitoring your Matrix installation."
msgstr ""
@@ -912,11 +900,11 @@ msgstr ""
msgid "Export the usage statistics of a Synapse homeserver to be scraped by Prometheus."
msgstr ""
#: ../../../docs/container-images.md:148
#: ../../../docs/container-images.md:147
msgid "Misc"
msgstr ""
#: ../../../docs/container-images.md:150
#: ../../../docs/container-images.md:149
msgid "Various services that don't fit any other categories."
msgstr ""
@@ -1056,11 +1044,11 @@ msgstr ""
msgid "A native Matrix video conferencing application"
msgstr ""
#: ../../../docs/container-images.md:168
#: ../../../docs/container-images.md:167
msgid "Container images of deprecated / unmaintained services"
msgstr ""
#: ../../../docs/container-images.md:170
#: ../../../docs/container-images.md:169
msgid "The list of the deprecated or unmaintained services is available [here](configuring-playbook.md#deprecated--unmaintained--removed-services)."
msgstr ""
@@ -1156,6 +1144,18 @@ msgstr ""
msgid "Accessing ChatGPT via your favourite Matrix client"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "[matrix-registration](configuring-playbook-matrix-registration.md)"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "[zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/)"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "Simple python application to have a token based Matrix registration"
msgstr ""
#: ../../../docs/container-images.md:0
msgid "[mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md)"
msgstr ""
i18n/translation-templates/docs/installing.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-05-07 11:16+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -112,8 +112,8 @@ msgstr ""
msgid "To do the installation **without** starting services, run `ansible-playbook` with the `install-all` tag only:"
msgstr ""
#: ../../../docs/installing.md:70
msgid "[!WARNING] Do not run the just \"recipe\" `just install-all` instead, because it automatically starts services at the end of execution. See: [Difference between playbook tags and shortcuts](just.md#difference-between-playbook-tags-and-shortcuts)"
#: ../../../docs/installing.md:71
msgid "Do not run the just \"recipe\" `just install-all` instead, because it automatically starts services at the end of execution. See: [Difference between playbook tags and shortcuts](just.md#difference-between-playbook-tags-and-shortcuts)"
msgstr ""
#: ../../../docs/installing.md:73
i18n/translation-templates/docs/maintenance-postgres.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -76,8 +76,8 @@ msgstr ""
msgid "You can then proceed to write queries. Example: `SELECT COUNT(*) FROM users;`"
msgstr ""
#: ../../../docs/maintenance-postgres.md:38
msgid "[!WARNING] **Modifying the database directly (especially as services are running) is dangerous and may lead to irreversible database corruption.** When in doubt, consider [making a backup](#backing-up-postgresql)."
#: ../../../docs/maintenance-postgres.md:39
msgid "**Modifying the database directly (especially as services are running) is dangerous and may lead to irreversible database corruption.** When in doubt, consider [making a backup](#backing-up-postgresql)."
msgstr ""
#: ../../../docs/maintenance-postgres.md:41
i18n/translation-templates/docs/maintenance-synapse.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-15 09:10+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -60,8 +60,8 @@ msgstr ""
msgid "To make use of this Synapse Admin API, **you'll need an admin access token** first. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
msgstr ""
#: ../../../docs/maintenance-synapse.md:30
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/maintenance-synapse.md:31
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/maintenance-synapse.md:33
i18n/translation-templates/docs/obtaining-access-tokens.pot
+3 -3
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -24,8 +24,8 @@ msgstr ""
msgid "When setting up some optional features like bots and bridges you will need to provide an access token for some user. This document provides documentation on how to obtain such an access token."
msgstr ""
#: ../../../docs/obtaining-access-tokens.md:14
msgid "[!WARNING] Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
#: ../../../docs/obtaining-access-tokens.md:15
msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
msgstr ""
#: ../../../docs/obtaining-access-tokens.md:17
i18n/translation-templates/docs/registering-users.pot
+27 -35
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-03 11:56+0100\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -57,7 +57,7 @@ msgid "Registering users manually"
msgstr ""
#: ../../../docs/registering-users.md:25
#: ../../../docs/registering-users.md:127
#: ../../../docs/registering-users.md:123
msgid "**Notes**:"
msgstr ""
@@ -97,8 +97,8 @@ msgstr ""
msgid "Feel free to register as many users (for friends, family, etc.) as you want. Still, perhaps you should grant full administrative access to your user account only (with `admin=yes`), and others should be created with `admin=no`."
msgstr ""
#: ../../../docs/registering-users.md:54
msgid "[!WARNING] If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information."
#: ../../../docs/registering-users.md:55
msgid "If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information."
msgstr ""
#: ../../../docs/registering-users.md:57
@@ -129,8 +129,8 @@ msgstr ""
msgid "This `register-user` script actually invokes the `mas-cli manage register-user` command under the hood. If you'd like more control over the registration process, consider invoking the `mas-cli` command directly:"
msgstr ""
#: ../../../docs/registering-users.md:93
msgid "[!WARNING] Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information."
#: ../../../docs/registering-users.md:94
msgid "Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information."
msgstr ""
#: ../../../docs/registering-users.md:96
@@ -142,97 +142,89 @@ msgid "To manage users and your homeserver more easily (via a web interface), yo
msgstr ""
#: ../../../docs/registering-users.md:100
msgid "Letting certain users register on your private server"
msgstr ""
#: ../../../docs/registering-users.md:102
msgid "If you'd rather **keep your server private** (public registration closed, as is the default), and **let certain people create accounts by themselves** (instead of creating user accounts manually like this), consider installing and making use of [matrix-registration](configuring-playbook-matrix-registration.md)."
msgstr ""
#: ../../../docs/registering-users.md:104
msgid "Enabling public user registration"
msgstr ""
#: ../../../docs/registering-users.md:106
#: ../../../docs/registering-users.md:102
msgid "To **open up user registration publicly** (usually **not recommended**), add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:"
msgstr ""
#: ../../../docs/registering-users.md:108
#: ../../../docs/registering-users.md:104
msgid "For Synapse:"
msgstr ""
#: ../../../docs/registering-users.md:114
#: ../../../docs/registering-users.md:110
msgid "For Dendrite:"
msgstr ""
#: ../../../docs/registering-users.md:120
#: ../../../docs/registering-users.md:116
msgid "After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:"
msgstr ""
#: ../../../docs/registering-users.md:129
#: ../../../docs/registering-users.md:125
msgid "The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`"
msgstr ""
#: ../../../docs/registering-users.md:131
#: ../../../docs/registering-users.md:127
msgid "`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too."
msgstr ""
#: ../../../docs/registering-users.md:133
#: ../../../docs/registering-users.md:129
msgid "If you're opening up registrations publicly like this, you might also wish to [configure CAPTCHA protection](configuring-captcha.md)."
msgstr ""
#: ../../../docs/registering-users.md:135
#: ../../../docs/registering-users.md:131
msgid "Adding/Removing Administrator privileges to an existing user"
msgstr ""
#: ../../../docs/registering-users.md:137
#: ../../../docs/registering-users.md:133
msgid "Adding/Removing Administrator privileges to an existing user in Synapse"
msgstr ""
#: ../../../docs/registering-users.md:139
#: ../../../docs/registering-users.md:135
msgid "To change the admin privileges for a user in Synapse's local database, you need to run an SQL query like this against the `synapse` database:"
msgstr ""
#: ../../../docs/registering-users.md:145
#: ../../../docs/registering-users.md:141
msgid "where:"
msgstr ""
#: ../../../docs/registering-users.md:147
#: ../../../docs/registering-users.md:143
msgid "`ADMIN_VALUE` being either `0` (regular user) or `1` (admin)"
msgstr ""
#: ../../../docs/registering-users.md:148
#: ../../../docs/registering-users.md:144
msgid "`USER` and `example.com` pointing to a valid user on your server"
msgstr ""
#: ../../../docs/registering-users.md:150
#: ../../../docs/registering-users.md:146
msgid "If you're using the integrated Postgres server and not an [external Postgres server](configuring-playbook-external-postgres.md), you can launch a Postgres into the `synapse` database by:"
msgstr ""
#: ../../../docs/registering-users.md:152
#: ../../../docs/registering-users.md:148
msgid "running `/matrix/postgres/bin/cli` — to launch [`psql`](https://www.postgresql.org/docs/current/app-psql.html)"
msgstr ""
#: ../../../docs/registering-users.md:153
#: ../../../docs/registering-users.md:149
msgid "running `\\c synapse` — to change to the `synapse` database"
msgstr ""
#: ../../../docs/registering-users.md:155
#: ../../../docs/registering-users.md:151
msgid "You can then proceed to run the query above."
msgstr ""
#: ../../../docs/registering-users.md:157
#: ../../../docs/registering-users.md:153
msgid "**Note**: directly modifying the raw data of Synapse (or any other software) could cause the software to break. You've been warned!"
msgstr ""
#: ../../../docs/registering-users.md:159
#: ../../../docs/registering-users.md:155
msgid "Adding/Removing Administrator privileges to an existing user in Matrix Authentication Service"
msgstr ""
#: ../../../docs/registering-users.md:161
#: ../../../docs/registering-users.md:157
msgid "Promoting/demoting a user in Matrix Authentication Service can be done using the [`mas-cli`](./configuring-playbook-matrix-authentication-service.md#management) management tool's [`manage promote-admin`](https://element-hq.github.io/matrix-authentication-service/reference/cli/manage.html#manage-promote-admin) and [`manage demote-admin`](https://element-hq.github.io/matrix-authentication-service/reference/cli/manage.html#manage-demote-admin) commands. For example: `/matrix/matrix-authentication-service/bin/mas-cli manage promote-admin some.username`."
msgstr ""
#: ../../../docs/registering-users.md:163
#: ../../../docs/registering-users.md:159
msgid "You can also do it via the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html)'s `POST /api/admin/v1/users/{id}/set-admin` endpoint."
msgstr ""
i18n/translation-templates/docs/self-building.pot
+19 -23
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-04-03 12:09+0100\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -69,81 +69,77 @@ msgid "`sable`"
msgstr ""
#: ../../../docs/self-building.md:34
msgid "`matrix-registration`"
msgstr ""
#: ../../../docs/self-building.md:35
msgid "`coturn`"
msgstr ""
#: ../../../docs/self-building.md:36
#: ../../../docs/self-building.md:35
msgid "`matrix-corporal`"
msgstr ""
#: ../../../docs/self-building.md:37
#: ../../../docs/self-building.md:36
msgid "`exim-relay`"
msgstr ""
#: ../../../docs/self-building.md:38
#: ../../../docs/self-building.md:37
msgid "`matrix-bridge-hookshot`"
msgstr ""
#: ../../../docs/self-building.md:39
#: ../../../docs/self-building.md:38
msgid "`matrix-bridge-appservice-irc`"
msgstr ""
#: ../../../docs/self-building.md:40
#: ../../../docs/self-building.md:39
msgid "`matrix-bridge-beeper-linkedin`"
msgstr ""
#: ../../../docs/self-building.md:41
#: ../../../docs/self-building.md:40
msgid "`matrix-bridge-mautrix-googlechat`"
msgstr ""
#: ../../../docs/self-building.md:42
#: ../../../docs/self-building.md:41
msgid "`matrix-bridge-mautrix-telegram`"
msgstr ""
#: ../../../docs/self-building.md:43
#: ../../../docs/self-building.md:42
msgid "`matrix-bridge-mautrix-signal`"
msgstr ""
#: ../../../docs/self-building.md:44
#: ../../../docs/self-building.md:43
msgid "`matrix-bridge-mautrix-gmessages`"
msgstr ""
#: ../../../docs/self-building.md:45
#: ../../../docs/self-building.md:44
msgid "`matrix-bridge-mautrix-whatsapp`"
msgstr ""
#: ../../../docs/self-building.md:46
#: ../../../docs/self-building.md:45
msgid "`matrix-bridge-mx-puppet-steam`"
msgstr ""
#: ../../../docs/self-building.md:47
#: ../../../docs/self-building.md:46
msgid "`matrix-bot-mjolnir`"
msgstr ""
#: ../../../docs/self-building.md:48
#: ../../../docs/self-building.md:47
msgid "`matrix-bot-honoroit`"
msgstr ""
#: ../../../docs/self-building.md:49
#: ../../../docs/self-building.md:48
msgid "`matrix-bot-matrix-reminder-bot`"
msgstr ""
#: ../../../docs/self-building.md:50
#: ../../../docs/self-building.md:49
msgid "`matrix-bot-maubot`"
msgstr ""
#: ../../../docs/self-building.md:51
#: ../../../docs/self-building.md:50
msgid "`matrix-pantalaimon`"
msgstr ""
#: ../../../docs/self-building.md:53
#: ../../../docs/self-building.md:52
msgid "Adding self-building support to other roles is welcome. Feel free to contribute!"
msgstr ""
#: ../../../docs/self-building.md:55
#: ../../../docs/self-building.md:54
msgid "If you'd like **to force self-building** even if an image is available for your architecture, look into the `matrix_*_self_build` variables provided by individual roles."
msgstr ""
i18n/translation-templates/docs/uninstalling.pot
+1 -5
View File
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-02-13 10:32+0000\n"
"POT-Creation-Date: 2026-05-19 07:40+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -20,10 +20,6 @@ msgstr ""
msgid "Uninstalling"
msgstr ""
#: ../../../docs/uninstalling.md:11
msgid "[!WARNING]"
msgstr ""
#: ../../../docs/uninstalling.md:12
msgid "If your server federates with others, make sure to **leave any federated rooms before nuking your Matrix server's data**. Otherwise, the next time you set up a Matrix server for this domain (regardless of the installation method you use), you'll encounter trouble federating."
msgstr ""
mise.toml
+1 -1
View File
@@ -3,7 +3,7 @@
# SPDX-License-Identifier: AGPL-3.0-or-later
[tools]
prek = "0.3.13"
prek = "0.4.1"
[settings]
yes = true
requirements.yml
+10 -10
View File
@@ -1,13 +1,13 @@
---
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git
version: v1.0.0-6
version: v1.0.0-7
name: auxiliary
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git
version: v1.4.4-2.1.4-1
name: backup_borg
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-cinny.git
version: v4.11.1-2
version: v4.12.1-0
name: cinny
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
version: v0.4.2-5
@@ -27,7 +27,7 @@
version: 542a2d68db4e9a8e9bb4b508052760b900c7dce6
name: docker_sdk_for_python
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
version: v2.7.3-0
version: v2.7.2-1
name: etherpad
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
version: v4.99.1-r0-2-1
@@ -36,13 +36,13 @@
version: v11.6.5-10
name: grafana
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-hydrogen.git
version: v0.5.1-4
version: v0.5.1-5
name: hydrogen
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
version: v10888-1
version: v10978-0
name: jitsi
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
version: v1.11.0-2
version: v1.12.0-0
name: livekit_server
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
version: v2.22.0-1
@@ -57,7 +57,7 @@
version: dd6e15246b7a9a2d921e0b3f9cd8a4a917a1bb2f
name: playbook_state_preserver
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
version: v18.3-5
version: v18.4-0
name: postgres
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
version: v18-3
@@ -75,7 +75,7 @@
version: v0.19.1-4
name: prometheus_postgres_exporter
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-sable.git
version: v1.15.2-0
version: v1.16.1-0
name: sable
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
version: v1.5.0-0
@@ -87,11 +87,11 @@
version: v1.1.0-1
name: timesync
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
version: v3.7.0-0
version: v3.7.1-0
name: traefik
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
version: v2.10.0-7
name: traefik_certs_dumper
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
version: v9.0.4-0
version: v9.1.0-0
name: valkey
roles/custom/matrix-alertmanager-receiver/defaults/main.yml
+1 -1
View File
@@ -11,7 +11,7 @@
matrix_alertmanager_receiver_enabled: true
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
matrix_alertmanager_receiver_version: 2026.5.6
matrix_alertmanager_receiver_version: 2026.5.20
matrix_alertmanager_receiver_scheme: https
roles/custom/matrix-authentication-service/defaults/main.yml
+1 -1
View File
@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
matrix_authentication_service_version: 1.16.0
matrix_authentication_service_version: 1.17.0
matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
roles/custom/matrix-bot-baibot/defaults/main.yml
+1 -1
View File
@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
# renovate: datasource=docker depName=ghcr.io/etkecc/baibot
matrix_bot_baibot_version: v1.18.0
matrix_bot_baibot_version: v1.19.2
matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
roles/custom/matrix-bot-maubot/defaults/main.yml
+5 -2
View File
@@ -23,6 +23,9 @@ matrix_bot_maubot_initial_password: ''
matrix_bot_maubot_scheme: https
matrix_bot_maubot_hostname: ''
# The path at which maubot is exposed.
# This value must either be `/` or not end with a slash (e.g. `/_matrix/maubot`).
matrix_bot_maubot_path_prefix: /_matrix/maubot
matrix_bot_maubot_container_image_self_build: false
@@ -58,9 +61,9 @@ matrix_bot_maubot_container_src_files_path: "{{ matrix_bot_maubot_base_path }}/d
matrix_bot_maubot_customized_container_src_files_path: "{{ matrix_bot_maubot_base_path }}/customized-docker-src"
matrix_bot_maubot_bot_server_public_url: "{{ matrix_bot_maubot_scheme }}://{{ matrix_bot_maubot_hostname }}"
matrix_bot_maubot_bot_server_base_path: "{{ matrix_bot_maubot_path_prefix }}/v1"
matrix_bot_maubot_bot_server_base_path: "{{ '' if matrix_bot_maubot_path_prefix == '/' else matrix_bot_maubot_path_prefix }}/v1"
matrix_bot_maubot_bot_server_ui_base_path: "{{ matrix_bot_maubot_path_prefix }}"
matrix_bot_maubot_bot_server_plugin_base_path: "{{ matrix_bot_maubot_path_prefix }}/plugin/"
matrix_bot_maubot_bot_server_plugin_base_path: "{{ '' if matrix_bot_maubot_path_prefix == '/' else matrix_bot_maubot_path_prefix }}/plugin/"
matrix_bot_maubot_bot_server_appservice_base_path: "{{ matrix_bot_maubot_bot_server_base_path }}"
matrix_bot_maubot_proxy_management_interface: true
roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
+1 -1
View File
@@ -18,7 +18,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma
matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages
matrix_mautrix_gmessages_version: v0.2604.0
matrix_mautrix_gmessages_version: v0.2605.0
# See: https://mau.dev/mautrix/gmessages/container_registry
matrix_mautrix_gmessages_container_image: "{{ matrix_mautrix_gmessages_container_image_registry_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}"
roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
+1 -1
View File
@@ -20,7 +20,7 @@ matrix_mautrix_meta_instagram_enabled: true
matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_instagram_version: v0.2604.0
matrix_mautrix_meta_instagram_version: v0.2605.0
matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"
roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
+1 -1
View File
@@ -20,7 +20,7 @@ matrix_mautrix_meta_messenger_enabled: true
matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_messenger_version: v0.2604.0
matrix_mautrix_meta_messenger_version: v0.2605.0
matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"
roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml
+1 -1
View File
@@ -17,7 +17,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s
matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/slack
matrix_mautrix_slack_version: v0.2604.0
matrix_mautrix_slack_version: v0.2605.0
# See: https://mau.dev/mautrix/slack/container_registry
matrix_mautrix_slack_container_image: "{{ matrix_mautrix_slack_container_image_registry_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}"
matrix_mautrix_slack_container_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else matrix_mautrix_slack_container_image_registry_prefix_upstream }}"
roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
+1 -1
View File
@@ -26,7 +26,7 @@ matrix_mautrix_telegram_container_image_self_build_repo: "https://mau.dev/mautri
matrix_mautrix_telegram_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/telegram
matrix_mautrix_telegram_version: v0.2604.0
matrix_mautrix_telegram_version: v0.2605.0
# See: https://mau.dev/mautrix/telegram/container_registry
matrix_mautrix_telegram_container_image: "{{ matrix_mautrix_telegram_container_image_registry_prefix }}mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+1 -1
View File
@@ -28,7 +28,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
matrix_mautrix_whatsapp_version: v0.2604.0
matrix_mautrix_whatsapp_version: v0.2605.0
# See: https://mau.dev/mautrix/whatsapp/container_registry
matrix_mautrix_whatsapp_container_image: "{{ matrix_mautrix_whatsapp_container_image_registry_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
roles/custom/matrix-client-element/defaults/main.yml
+1 -1
View File
@@ -29,7 +29,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_facts['memtotal_mb'] < 4096 }}"
# renovate: datasource=docker depName=ghcr.io/element-hq/element-web
matrix_client_element_version: v1.12.17
matrix_client_element_version: v1.12.18
matrix_client_element_container_image: "{{ matrix_client_element_container_image_registry_prefix }}element-hq/element-web:{{ matrix_client_element_version }}"
matrix_client_element_container_image_registry_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_client_element_container_image_registry_prefix_upstream }}"
roles/custom/matrix-continuwuity/defaults/main.yml
+1 -1
View File
@@ -13,7 +13,7 @@ matrix_continuwuity_enabled: true
matrix_continuwuity_hostname: ''
# renovate: datasource=docker depName=forgejo.ellis.link/continuwuation/continuwuity
matrix_continuwuity_version: v0.5.8
matrix_continuwuity_version: v0.5.9
matrix_continuwuity_container_image: "{{ matrix_continuwuity_container_image_registry_prefix }}/continuwuation/continuwuity:{{ matrix_continuwuity_container_image_tag }}"
matrix_continuwuity_container_image_tag: "{{ matrix_continuwuity_version }}"
roles/custom/matrix-element-call/defaults/main.yml
+1 -1
View File
@@ -21,7 +21,7 @@ matrix_element_call_enabled: false
matrix_rtc_enabled: "{{ matrix_element_call_enabled }}"
# renovate: datasource=docker depName=ghcr.io/element-hq/element-call
matrix_element_call_version: v0.19.2
matrix_element_call_version: v0.19.4
matrix_element_call_scheme: https
roles/custom/matrix-rageshake/defaults/main.yml
+1 -1
View File
@@ -24,7 +24,7 @@ matrix_rageshake_path_prefix: /
# There are no stable container image tags yet.
# See: https://github.com/matrix-org/rageshake/issues/69
# renovate: datasource=docker depName=ghcr.io/matrix-org/rageshake
matrix_rageshake_version: 1.17.1
matrix_rageshake_version: 1.18.0
matrix_rageshake_base_path: "{{ matrix_base_data_path }}/rageshake"
matrix_rageshake_config_path: "{{ matrix_rageshake_base_path }}/config"
roles/custom/matrix-registration/defaults/main.yml
-176
View File
@@ -1,176 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2021 Aaron Raimist
# SPDX-FileCopyrightText: 2021 Ahmad Haghighi
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
# SPDX-FileCopyrightText: 2024 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# matrix-registration is a simple python application to have a token based Matrix registration
# See: https://zeratax.github.io/matrix-registration/
# Project source code URL: https://github.com/ZerataX/matrix-registration
matrix_registration_enabled: true
matrix_registration_scheme: https
matrix_registration_hostname: ''
matrix_registration_path_prefix: /
matrix_registration_container_image_self_build: false
matrix_registration_container_image_self_build_repo: "https://github.com/ZerataX/matrix-registration"
matrix_registration_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_registration_version }}"
# Controls whether we'll be patching the dependencies in `setup.py` when self-building.
# Without patching, building will likely fail, because of the poor unbounded way dependencies are defined (e.g. `flask-limiter>=1.1.0`).
# This is an attempt to get matrix-registration in its current (outdated) version to build.
matrix_registration_container_image_self_build_python_dependencies_patch_enabled: true
matrix_registration_base_path: "{{ matrix_base_data_path }}/matrix-registration"
matrix_registration_config_path: "{{ matrix_registration_base_path }}/config"
matrix_registration_data_path: "{{ matrix_registration_base_path }}/data"
matrix_registration_container_src_files_path: "{{ matrix_registration_base_path }}/docker-src"
# renovate: datasource=docker depName=zeratax/matrix-registration
matrix_registration_version: "v0.7.2"
matrix_registration_container_image: "{{ matrix_registration_container_image_registry_prefix }}zeratax/matrix-registration:{{ matrix_registration_version }}"
matrix_registration_container_image_registry_prefix: "{{ 'localhost/' if matrix_registration_container_image_self_build else matrix_registration_container_image_registry_prefix_upstream }}"
matrix_registration_container_image_registry_prefix_upstream: "{{ matrix_registration_container_image_registry_prefix_upstream_default }}"
matrix_registration_container_image_registry_prefix_upstream_default: "docker.io/"
matrix_registration_container_network: ""
matrix_registration_container_additional_networks: "{{ matrix_registration_container_additional_networks_auto + matrix_registration_container_additional_networks_custom }}"
matrix_registration_container_additional_networks_auto: []
matrix_registration_container_additional_networks_custom: []
# matrix_registration_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_registration_container_labels_additional_labels`.
matrix_registration_container_labels_traefik_enabled: true
matrix_registration_container_labels_traefik_docker_network: "{{ matrix_registration_container_network }}"
matrix_registration_container_labels_traefik_entrypoints: web-secure
matrix_registration_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added that expose matrix-registration's public endpoints
matrix_registration_container_labels_public_endpoint_enabled: true
matrix_registration_container_labels_public_endpoint_traefik_rule: "Host(`{{ matrix_registration_hostname }}`){% if matrix_registration_path_prefix != '/' %} && PathPrefix(`{{ matrix_registration_path_prefix }}`){% endif %}"
matrix_registration_container_labels_public_endpoint_traefik_priority: 0
matrix_registration_container_labels_public_endpoint_traefik_entrypoints: "{{ matrix_registration_container_labels_traefik_entrypoints }}"
matrix_registration_container_labels_public_endpoint_traefik_tls: "{{ matrix_registration_container_labels_public_endpoint_traefik_entrypoints != 'web' }}"
matrix_registration_container_labels_public_endpoint_traefik_tls_certResolver: "{{ matrix_registration_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# matrix_registration_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_registration_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_registration_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_registration_container_extra_arguments: []
# List of systemd services that matrix-registration.service depends on
matrix_registration_systemd_required_services_list: "{{ matrix_registration_systemd_required_services_list_default + matrix_registration_systemd_required_services_list_auto + matrix_registration_systemd_required_services_list_custom }}"
matrix_registration_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_registration_systemd_required_services_list_auto: []
matrix_registration_systemd_required_services_list_custom: []
# List of systemd services that matrix-registration.service wants
matrix_registration_systemd_wanted_services_list: []
# Controls whether the matrix-registration container exposes its HTTP port (tcp/5000 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8767"), or empty string to not expose.
matrix_registration_container_http_host_bind_port: ''
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.
#
# To use Postgres:
# - change the engine (`matrix_registration_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_registration_database_*` variables
matrix_registration_database_engine: 'sqlite'
matrix_registration_sqlite_database_path_local: "{{ matrix_registration_data_path }}/db.sqlite3"
matrix_registration_sqlite_database_path_in_container: "/data/db.sqlite3"
matrix_registration_database_username: 'matrix_registration'
matrix_registration_database_password: 'some-password'
matrix_registration_database_hostname: ''
matrix_registration_database_port: 5432
matrix_registration_database_name: 'matrix_registration'
matrix_registration_database_connection_string: 'postgresql://{{ matrix_registration_database_username }}:{{ matrix_registration_database_password }}@{{ matrix_registration_database_hostname }}:{{ matrix_registration_database_port }}/{{ matrix_registration_database_name }}'
# For some reason, matrix-registraiton expects the `db` field to be like this: `sqlite:////data/db.sqlite3`.
# (seems like one too many slashes, but..)
matrix_registration_db: "{{ {
'sqlite': ('sqlite:///' + matrix_registration_sqlite_database_path_in_container),
'postgres': matrix_registration_database_connection_string,
}[matrix_registration_database_engine] }}"
matrix_registration_base_url: "{{ matrix_registration_path_prefix }}"
matrix_registration_api_register_endpoint: "{{ matrix_registration_scheme }}://{{ matrix_registration_hostname }}{{ matrix_registration_base_url }}{{ '' if matrix_registration_base_url == '/' else '/' }}register"
matrix_registration_api_token_endpoint: "{{ matrix_registration_scheme }}://{{ matrix_registration_hostname }}{{ matrix_registration_base_url }}{{ '' if matrix_registration_base_url == '/' else '/' }}token"
matrix_registration_api_validate_certs: true
# The URL to your homeserver (e.g.: `https://matrix.example.com`).
# A local (in-container address) is preferable.
matrix_registration_server_location: ""
matrix_registration_server_name: "{{ matrix_domain }}"
# matrix_registration_shared_secret needs to match the homeserver's registration secret.
# For Synapse, that's the `registration_shared_secret` setting.
matrix_registration_shared_secret: ""
# matrix_registration_admin_secret is your own admin secret for using matrix-registration (creating new tokens, etc.)
matrix_registration_admin_secret: ""
matrix_registration_riot_instance: "https://element.io/app/"
# Default matrix-registration configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_registration_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_registration_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_registration_configuration_extension_yaml: |
# Your custom YAML configuration for registration goes here.
# This configuration extends the default starting configuration (`matrix_registration_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_registration_configuration_yaml`.
#
# Example configuration extension follows:
#
# password:
# min_length: 12
matrix_registration_configuration_extension: "{{ matrix_registration_configuration_extension_yaml | from_yaml if matrix_registration_configuration_extension_yaml | from_yaml is mapping else {} }}"
# Holds the final matrix-registration configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_registration_configuration_yaml`.
matrix_registration_configuration: "{{ matrix_registration_configuration_yaml | from_yaml | combine(matrix_registration_configuration_extension, recursive=True) }}"
# matrix_registration_restart_necessary controls whether the service
# will be restarted (when true) or merely started (when false) by the
# systemd service manager role (when conditional restart is enabled).
#
# This value is automatically computed during installation based on whether
# any configuration files, the systemd service file, or the container image changed.
# The default of `false` means "no restart needed" — appropriate when the role's
# installation tasks haven't run (e.g., due to --tags skipping them).
matrix_registration_restart_necessary: false
roles/custom/matrix-registration/tasks/generate_token.yml
-57
View File
@@ -1,57 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Marko Weltzer
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Fail if playbook called incorrectly
ansible.builtin.fail:
msg: "The `one_time` variable needs to be provided to this playbook, via --extra-vars"
when: "one_time is not defined or one_time not in ['yes', 'no']"
- name: Fail if playbook called incorrectly
ansible.builtin.fail:
msg: "The `ex_date` variable (expiration date) needs to be provided to this playbook, via --extra-vars"
when: "ex_date is not defined or ex_date == '<date>'"
- name: Call matrix-registration token creation API
ansible.builtin.uri:
url: "{{ matrix_registration_api_token_endpoint }}"
follow_redirects: none
validate_certs: "{{ matrix_registration_api_validate_certs }}"
headers:
Content-Type: application/json
Authorization: "SharedSecret {{ matrix_registration_admin_secret }}"
method: POST
body_format: json
body: |
{
"one_time": {{ 'true' if one_time == 'yes' else 'false' }},
"ex_date": {{ ex_date | to_json }}
}
check_mode: false
register: matrix_registration_api_result
- ansible.builtin.set_fact:
matrix_registration_api_result_message: >-
matrix-registration result:
Direct registration link (with the token prefilled):
{{ matrix_registration_api_register_endpoint }}?token={{ matrix_registration_api_result.json.name }}
Full token details are:
{{ matrix_registration_api_result.json }}
check_mode: false
- name: Inject result message into devture_playbook_runtime_messages_list
ansible.builtin.set_fact:
devture_playbook_runtime_messages_list: |
{{
devture_playbook_runtime_messages_list | default([])
+
[matrix_registration_api_result_message]
}}
check_mode: false
roles/custom/matrix-registration/tasks/list_tokens.yml
-37
View File
@@ -1,37 +0,0 @@
# SPDX-FileCopyrightText: 2021 MDAD project contributors
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Call matrix-registration list all tokens API
ansible.builtin.uri:
url: "{{ matrix_registration_api_token_endpoint }}"
follow_redirects: none
validate_certs: "{{ matrix_registration_api_validate_certs }}"
headers:
Content-Type: application/json
Authorization: "SharedSecret {{ matrix_registration_admin_secret }}"
method: GET
body_format: json
check_mode: false
register: matrix_registration_api_result
- ansible.builtin.set_fact:
matrix_registration_api_result_message: >-
matrix-registration result:
{{ matrix_registration_api_result.json | to_nice_json }}
check_mode: false
- name: Inject result message into devture_playbook_runtime_messages_list
ansible.builtin.set_fact:
devture_playbook_runtime_messages_list: |
{{
devture_playbook_runtime_messages_list | default([])
+
[matrix_registration_api_result_message]
}}
check_mode: false
roles/custom/matrix-registration/tasks/main.yml
-38
View File
@@ -1,38 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2021 MDAD project contributors
# SPDX-FileCopyrightText: 2022 Marko Weltzer
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- tags:
- setup-all
- setup-matrix-registration
- install-all
- install-matrix-registration
block:
- when: matrix_registration_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_registration_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
- tags:
- setup-all
- setup-matrix-registration
block:
- when: not matrix_registration_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
- tags:
- generate-matrix-registration-token
block:
- when: matrix_registration_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/generate_token.yml"
- tags:
- list-matrix-registration-tokens
block:
- when: matrix_registration_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/list_tokens.yml"
roles/custom/matrix-registration/tasks/setup_install.yml
-149
View File
@@ -1,149 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2020 Stuart Mumford
# SPDX-FileCopyrightText: 2022 Jim Myhrberg
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
# SPDX-FileCopyrightText: 2024 David Mehren
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- ansible.builtin.set_fact:
matrix_registration_migration_requires_restart: false
- when: "matrix_registration_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_registration_sqlite_database_path_local }}"
register: matrix_registration_sqlite_database_path_local_stat_result
- when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.include_role:
name: galaxy/postgres
tasks_from: migrate_db_to_postgres
vars:
postgres_db_migration_request:
src: "{{ matrix_registration_sqlite_database_path_local }}"
dst: "{{ matrix_registration_database_connection_string }}"
caller: "{{ role_path | basename }}"
engine_variable_name: 'matrix_registration_database_engine'
engine_old: 'sqlite'
systemd_services_to_stop: ['matrix-registration.service']
# pgloader makes `ex_date` of type `TIMESTAMP WITH TIMEZONE`,
# which makes matrix-registration choke on it later on when comparing dates.
additional_psql_statements_list:
- ALTER TABLE tokens ALTER COLUMN ex_date TYPE TIMESTAMP WITHOUT TIME ZONE;
additional_psql_statements_db_name: "{{ matrix_registration_database_name }}"
- ansible.builtin.set_fact:
matrix_registration_migration_requires_restart: true
- name: Ensure matrix-registration paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: '0750'
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- {path: "{{ matrix_registration_base_path }}", when: true}
- {path: "{{ matrix_registration_config_path }}", when: true}
- {path: "{{ matrix_registration_data_path }}", when: true}
- {path: "{{ matrix_registration_container_src_files_path }}", when: "{{ matrix_registration_container_image_self_build }}"}
when: "item.when | bool"
- name: Ensure matrix-registration image is pulled
community.docker.docker_image_pull:
name: "{{ matrix_registration_container_image }}"
pull: always
when: "not matrix_registration_container_image_self_build | bool"
register: matrix_registration_container_image_pull_result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: matrix_registration_container_image_pull_result is not failed
- name: Ensure matrix-registration repository is present when self-building
ansible.builtin.git:
repo: "{{ matrix_registration_container_image_self_build_repo }}"
dest: "{{ matrix_registration_container_src_files_path }}"
version: "{{ matrix_registration_container_image_self_build_branch }}"
force: "yes"
become: true
become_user: "{{ matrix_user_name }}"
register: matrix_registration_git_pull_results
when: "matrix_registration_container_image_self_build | bool"
# See: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1864
- name: Patch setup.py to allow self-built version to work
ansible.builtin.lineinfile:
path: "{{ matrix_registration_container_src_files_path }}/setup.py"
regexp: 'flask-limiter'
line: '"flask-limiter~=1.1.0", "Markupsafe<2.1",'
when: "matrix_registration_container_image_self_build | bool and matrix_registration_container_image_self_build_python_dependencies_patch_enabled | bool"
- name: Ensure matrix-registration Docker image is built
community.docker.docker_image_build:
name: "{{ matrix_registration_container_image }}"
dockerfile: Dockerfile
path: "{{ matrix_registration_container_src_files_path }}"
pull: true
rebuild: "{{ 'always' if matrix_registration_git_pull_results.changed | bool else 'never' }}"
when: "matrix_registration_container_image_self_build | bool"
register: matrix_registration_container_image_build_result
- name: Ensure matrix-registration config installed
ansible.builtin.copy:
content: "{{ matrix_registration_configuration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_registration_config_path }}/config.yaml"
mode: '0644'
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
register: matrix_registration_config_result
- name: Ensure matrix-registration support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_registration_base_path }}/{{ item }}"
mode: '0640'
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- labels
register: matrix_registration_support_files_result
- name: Ensure matrix-registration container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_registration_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-registration.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-registration.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service"
mode: '0644'
register: matrix_registration_systemd_service_result
- name: Determine whether matrix-registration needs a restart
ansible.builtin.set_fact:
matrix_registration_restart_necessary: >-
{{
matrix_registration_migration_requires_restart | default(false)
or matrix_registration_config_result.changed | default(false)
or matrix_registration_support_files_result.changed | default(false)
or matrix_registration_systemd_service_result.changed | default(false)
or matrix_registration_container_image_pull_result.changed | default(false)
or matrix_registration_container_image_build_result.changed | default(false)
}}
- name: Ensure matrix-registration.service restarted, if necessary
ansible.builtin.service:
name: "matrix-registration.service"
state: restarted
daemon_reload: true
when: "matrix_registration_migration_requires_restart | bool"
roles/custom/matrix-registration/tasks/setup_uninstall.yml
-26
View File
@@ -1,26 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-registration service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service"
register: matrix_registration_service_stat
- when: matrix_registration_service_stat.stat.exists | bool
block:
- name: Ensure matrix-registration is stopped
ansible.builtin.service:
name: matrix-registration
state: stopped
enabled: false
daemon_reload: true
- name: Ensure matrix-registration.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service"
state: absent
roles/custom/matrix-registration/tasks/validate_config.yml
-37
View File
@@ -1,37 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: (Deprecation) Catch and report renamed settings
ansible.builtin.fail:
msg: >-
Your configuration contains a variable, which now has a different name.
Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
with_items:
- {'old': 'matrix_registration_docker_repo', 'new': 'matrix_registration_container_image_self_build_repo'}
- {'old': 'matrix_registration_public_endpoint', 'new': 'matrix_registration_path_prefix'}
- {'old': 'matrix_registration_docker_image', 'new': 'matrix_registration_container_image'}
- {'old': 'matrix_registration_docker_image_force_pull', 'new': 'matrix_registration_container_image_force_pull'}
- {'old': 'matrix_registration_docker_image_registry_prefix', 'new': 'matrix_registration_container_image_registry_prefix'}
- {'old': 'matrix_registration_docker_image_registry_prefix_upstream', 'new': 'matrix_registration_container_image_registry_prefix_upstream'}
- {'old': 'matrix_registration_docker_image_registry_prefix_upstream_default', 'new': 'matrix_registration_container_image_registry_prefix_upstream_default'}
- {'old': 'matrix_registration_docker_src_files_path', 'new': 'matrix_registration_container_src_files_path'}
- {'old': 'matrix_registration_container_image_force_pull', 'new': '<removed> (the new community.docker.docker_image_pull module handles this natively)'}
- name: Fail if required matrix-registration settings not defined
ansible.builtin.fail:
msg: >
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_registration_hostname', when: true}
- {'name': 'matrix_registration_path_prefix', when: true}
- {'name': 'matrix_registration_container_network', when: true}
- {'name': 'matrix_registration_shared_secret', when: true}
- {'name': 'matrix_registration_admin_secret', when: true}
- {'name': 'matrix_registration_server_location', when: true}
- {'name': 'matrix_registration_database_hostname', when: "{{ matrix_registration_database_engine == 'postgres' }}"}
roles/custom/matrix-registration/templates/config.yaml.j2
-37
View File
@@ -1,37 +0,0 @@
{#
SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
server_location: {{ matrix_registration_server_location|to_json }}
server_name: {{ matrix_registration_server_name|to_json }}
shared_secret: {{ matrix_registration_shared_secret|to_json }}
admin_secret: {{ matrix_registration_admin_secret|to_json }}
riot_instance: {{ matrix_registration_riot_instance|to_json }}
db: {{ matrix_registration_db|to_json }}
host: '0.0.0.0'
port: 5000
rate_limit: ["100 per day", "10 per minute"]
allow_cors: false
logging:
disable_existing_loggers: False
version: 1
root:
level: DEBUG
handlers: [console]
formatters:
brief:
format: '%(name)s - %(levelname)s - %(message)s'
precise:
format: '%(asctime)s - %(name)s - %(levelname)s - %(message)s'
handlers:
console:
class: logging.StreamHandler
level: INFO
formatter: brief
stream: ext://sys.stdout
# password requirements
password:
min_length: 8
base_url: {{ matrix_registration_base_url|to_json }}
roles/custom/matrix-registration/templates/labels.j2
-69
View File
@@ -1,69 +0,0 @@
{#
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_registration_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_registration_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_registration_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-registration.loadbalancer.server.port=5000
{% if matrix_registration_container_labels_public_endpoint_enabled %}
############################################################
# #
# Public (e.g. /matrix-registration) #
# #
############################################################
{% set middlewares = [] %}
{% if matrix_registration_path_prefix != '/' %}
traefik.http.middlewares.matrix-registration-slashless-redirect-slashless.redirectregex.regex=({{ matrix_registration_path_prefix | quote }})$
traefik.http.middlewares.matrix-registration-slashless-redirect-slashless.redirectregex.replacement=${1}/
{% set middlewares = middlewares + ['matrix-registration-slashless-redirect-slashless'] %}
{% endif %}
# matrix-registration serves nothing at the root URL, so we redirect to /register instead.
traefik.http.middlewares.matrix-registration-slashless-redirect-root.redirectregex.regex=({{ matrix_registration_path_prefix | quote }}{{ '' if matrix_registration_path_prefix == '/' else '/' }})$
traefik.http.middlewares.matrix-registration-slashless-redirect-root.redirectregex.replacement=${1}register
{% set middlewares = middlewares + ['matrix-registration-slashless-redirect-root'] %}
{% if matrix_registration_path_prefix != '/' %}
traefik.http.middlewares.matrix-registration-strip-prefix.stripprefix.prefixes={{ matrix_registration_path_prefix }}
{% set middlewares = middlewares + ['matrix-registration-strip-prefix'] %}
{% endif %}
traefik.http.routers.matrix-registration-public.rule={{ matrix_registration_container_labels_public_endpoint_traefik_rule }}
{% if middlewares | length > 0 %}
traefik.http.routers.matrix-registration-public.middlewares={{ middlewares | join(',') }}
{% endif %}
{% if matrix_registration_container_labels_public_endpoint_traefik_priority | int > 0 %}
traefik.http.routers.matrix-registration-public.priority={{ matrix_registration_container_labels_public_endpoint_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-registration-public.service=matrix-registration
traefik.http.routers.matrix-registration-public.entrypoints={{ matrix_registration_container_labels_public_endpoint_traefik_entrypoints }}
traefik.http.routers.matrix-registration-public.tls={{ matrix_registration_container_labels_public_endpoint_traefik_tls | to_json }}
{% if matrix_registration_container_labels_public_endpoint_traefik_tls %}
traefik.http.routers.matrix-registration-public.tls.certResolver={{ matrix_registration_container_labels_public_endpoint_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public (e.g. /matrix-registration) #
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_registration_container_labels_additional_labels }}
roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2
-51
View File
@@ -1,51 +0,0 @@
#jinja2: lstrip_blocks: True
[Unit]
Description=matrix-registration
{% for service in matrix_registration_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_registration_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-registration 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-registration \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_registration_container_network }} \
{% if matrix_registration_container_http_host_bind_port %}
-p {{ matrix_registration_container_http_host_bind_port }}:5000 \
{% endif %}
--mount type=bind,src={{ matrix_registration_config_path }},dst=/config,ro \
--mount type=bind,src={{ matrix_registration_data_path }},dst=/data \
--label-file={{ matrix_registration_base_path }}/labels \
{% for arg in matrix_registration_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_registration_container_image }} \
serve
{% for network in matrix_registration_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-registration
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-registration
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-registration 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-registration
[Install]
WantedBy=multi-user.target
roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2.license
-3
View File
@@ -1,3 +0,0 @@
SPDX-FileCopyrightText: 2020 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-synapse/defaults/main.yml
+3 -3
View File
@@ -16,7 +16,7 @@ matrix_synapse_enabled: true
matrix_synapse_github_org_and_repo: element-hq/synapse
# renovate: datasource=docker depName=ghcr.io/element-hq/synapse
matrix_synapse_version: v1.152.0
matrix_synapse_version: v1.153.0
matrix_synapse_username: ''
matrix_synapse_uid: ''
@@ -1616,7 +1616,7 @@ matrix_synapse_ext_encryption_config_yaml: |
# Enabling this will enable customizations and inject the appropriate Dockerfile clauses for installing synapse-s3-storage-provider.
matrix_synapse_ext_synapse_s3_storage_provider_enabled: false
# renovate: datasource=github-releases depName=matrix-org/synapse-s3-storage-provider
matrix_synapse_ext_synapse_s3_storage_provider_version: 1.6.0
matrix_synapse_ext_synapse_s3_storage_provider_version: 1.6.1
# Controls whether media from this (local) server is stored in s3-storage-provider
matrix_synapse_ext_synapse_s3_storage_provider_store_local: true
# Controls whether media from remote servers is stored in s3-storage-provider
@@ -1844,7 +1844,7 @@ matrix_synapse_register_user_script_matrix_authentication_service_path: ""
matrix_synapse_reverse_proxy_companion_enabled: "{{ matrix_synapse_enabled and matrix_synapse_workers_enabled }}"
# renovate: datasource=docker depName=nginx
matrix_synapse_reverse_proxy_companion_version: 1.30.0-alpine
matrix_synapse_reverse_proxy_companion_version: 1.31.0-alpine
matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion"
matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_proxy_companion_base_path }}/conf.d"
roles/custom/matrix-tuwunel/defaults/main.yml
+15 -3
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
@@ -13,7 +13,7 @@ matrix_tuwunel_enabled: true
matrix_tuwunel_hostname: ''
# renovate: datasource=docker depName=ghcr.io/matrix-construct/tuwunel
matrix_tuwunel_version: v1.6.1
matrix_tuwunel_version: v1.7.0
matrix_tuwunel_container_image: "{{ matrix_tuwunel_container_image_registry_prefix }}matrix-construct/tuwunel:{{ matrix_tuwunel_container_image_tag }}"
matrix_tuwunel_container_image_tag: "{{ matrix_tuwunel_version }}"
@@ -177,6 +177,18 @@ matrix_tuwunel_config_forbidden_remote_server_names: []
matrix_tuwunel_config_forbidden_remote_room_directory_server_names: []
matrix_tuwunel_config_prevent_media_downloads_from: []
# MSC4284 policy server enforcement.
# When enabled, rooms with a valid `m.room.policy` state event will have
# outgoing events signed by the configured policy server before federation.
# Refusal aborts the local request; transient network or timeout failures
# fail open with a warn log so a policy-server outage does not silently
# take the room offline.
matrix_tuwunel_config_enable_policy_servers: false
# Timeout (in seconds) for outbound `/sign` calls and inbound
# signature-fetches against a room's policy server.
matrix_tuwunel_config_policy_server_request_timeout: 5
# Outgoing presence is heavy on CPU and network and almost no clients use it. Off by default.
matrix_tuwunel_config_allow_outgoing_presence: false
roles/custom/matrix-tuwunel/tasks/install.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/main.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/migrate_from_conduwuit.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/self_check_client_api.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/self_check_federation_api.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/setup_install.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/setup_uninstall.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/uninstall.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/tasks/validate_config.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/templates/env.j2.license
+2 -2
View File
@@ -1,4 +1,4 @@
SPDX-FileCopyrightText: 2026 MDAD project contributors
SPDX-FileCopyrightText: 2026 Slavi Pantaleev
SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/templates/labels.j2
+2 -2
View File
@@ -1,6 +1,6 @@
{#
SPDX-FileCopyrightText: 2026 MDAD project contributors
SPDX-FileCopyrightText: 2026 Slavi Pantaleev
SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
roles/custom/matrix-tuwunel/templates/systemd/matrix-tuwunel.service.j2.license
+2 -2
View File
@@ -1,4 +1,4 @@
SPDX-FileCopyrightText: 2026 MDAD project contributors
SPDX-FileCopyrightText: 2026 Slavi Pantaleev
SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-tuwunel/templates/tuwunel.toml.j2
+5 -2
View File
@@ -1,6 +1,6 @@
{#
SPDX-FileCopyrightText: 2026 MDAD project contributors
SPDX-FileCopyrightText: 2026 Slavi Pantaleev
SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
@@ -57,6 +57,9 @@ forbidden_remote_room_directory_server_names = {{ matrix_tuwunel_config_forbidde
prevent_media_downloads_from = {{ matrix_tuwunel_config_prevent_media_downloads_from | to_json }}
{% endif %}
enable_policy_servers = {{ matrix_tuwunel_config_enable_policy_servers | to_json }}
policy_server_request_timeout = {{ matrix_tuwunel_config_policy_server_request_timeout }}
allow_outgoing_presence = {{ matrix_tuwunel_config_allow_outgoing_presence | to_json }}
{% if matrix_tuwunel_config_url_preview_domain_contains_allowlist | length > 0 %}
roles/custom/matrix-tuwunel/vars/main.yml
+2 -2
View File
@@ -1,5 +1,5 @@
# SPDX-FileCopyrightText: 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2026 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
roles/custom/matrix-user-verification-service/defaults/main.yml
+1 -1
View File
@@ -18,7 +18,7 @@ matrix_user_verification_service_enabled: true
matrix_user_verification_service_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_user_verification_service_container_image_self_build_repo: "https://github.com/matrix-org/matrix-user-verification-service"
matrix_user_verification_service_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_user_verification_service_version }}"
matrix_user_verification_service_container_image_self_build_branch: "{{ matrix_user_verification_service_version }}"
# renovate: datasource=docker depName=matrixdotorg/matrix-user-verification-service
matrix_user_verification_service_version: "v3.0.0"
roles/custom/matrix_playbook_migration/defaults/main.yml
+4 -1
View File
@@ -14,10 +14,13 @@ matrix_playbook_migration_validated_version: ''
# The version that the playbook expects the user to have validated against.
# This is bumped whenever a breaking change is introduced.
# The value configured here needs to exist in `matrix_playbook_migration_breaking_changes` as well.
matrix_playbook_migration_expected_version: "v2026.04.24.0"
matrix_playbook_migration_expected_version: "v2026.05.18.0"
# A list of breaking changes, used to inform users what changed between their validated version and the expected version.
matrix_playbook_migration_breaking_changes:
- version: "v2026.05.18.0"
summary: "LiveKit Server has been upgraded to v1.12.0 — TURN no longer relays to restricted peer CIDRs (loopback, link-local, multicast, private, unspecified) by default; TURN credentials now carry a TTL (300s)"
changelog_url: "https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#2026-05-18"
- version: "v2026.04.24.0"
summary: "(BC Break) mautrix-telegram has been rewritten in Go (bridgev2) — the web-based login endpoint, old-style relaybot and several variables have been removed"
changelog_url: "https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#2026-04-24"
roles/custom/matrix_playbook_migration/tasks/validate_config.yml
+12
View File
@@ -820,6 +820,18 @@
The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_go_skype_bridge_.+', wantlist=True) | join(', ') }}
when: "lookup('ansible.builtin.varnames', '^matrix_go_skype_bridge_.+', wantlist=True) | length > 0"
- name: (Deprecation) Catch and report matrix-registration variables
ansible.builtin.fail:
msg: |-
The matrix-registration service was completely removed from the playbook in May 2026.
Please remove all `matrix_registration_*` variables from your configuration file (vars.yml).
You may also wish to uninstall the component manually. See `docs/configuring-playbook-matrix-registration.md` for more information.
The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_registration_.+', wantlist=True) | join(', ') }}
when: "lookup('ansible.builtin.varnames', '^matrix_registration_.+', wantlist=True) | length > 0"
- name: (Deprecation) Catch and report the Sliding Sync proxy variables
ansible.builtin.fail:
msg: |-
setup.yml
-1
View File
@@ -106,7 +106,6 @@
- galaxy/prometheus
- galaxy/grafana
- custom/matrix-prometheus-services-connect
- custom/matrix-registration
- custom/matrix-client-element
- custom/matrix-client-commet
- galaxy/hydrogen