Update forgejo.ellis.link/continuwuation/continuwuity Docker tag to v0.5.10

Ketesa v1.3.0 <https://github.com/etkecc/ketesa/releases/tag/v1.3.0 >
Gate Continuwuity ReCAPTCHA config on both keys being configured
2026-06-20 23:33:28 +03:00 · 2026-06-20 21:15:40 +03:00 · 2026-06-19 19:56:25 +01:00 · 2026-06-19 06:24:06 +03:00 · 2026-06-19 05:51:12 +03:00 · 2026-06-18 10:10:27 +03:00
201 changed files with 2550 additions and 3914 deletions
@@ -25,6 +25,13 @@
 				"https://github.com/devture/com.devture.ansible.role{/,}**",
 				"https://github.com/mother-of-all-self-hosting{/,}**"
 			]
 		},
 		{
 			"description": "mautrix images are dual-tagged (v0.YYMM.PATCH and vYY.MM[.PATCH]). Stick to the v0 scheme: it matches the git tags (needed for self-building) and has a consistent number of components (the calver tags do not, which makes Renovate stop offering updates).",
 			"matchPackageNames": [
 				"dock.mau.dev/mautrix/**"
 			],
 			"allowedVersions": "/^v0\\./"
 		}
 	],
 	"pre-commit": {
@@ -26,7 +26,7 @@ jobs:
        run: pacman -Sy --noconfirm git
      - name: Check out
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
      - name: Restore prek cache
        uses: actions/cache@v5
@@ -24,7 +24,7 @@ jobs:
    name: Update translations
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v7
      - uses: actions/setup-python@v6
        with:
@@ -32,7 +32,7 @@ jobs:
      # Setting up recommended prerequisites
      # See: i18n/README.md
-      - uses: astral-sh/setup-uv@v8.1.0
+      - uses: astral-sh/setup-uv@v8.2.0
      - uses: extractions/setup-just@v4
      # TODO: optimize when we start publishing translations and integrate a Weblate instance
@@ -1,3 +1,19 @@
 # 2026-05-24
 ## matrix-ldap-registration-proxy has been removed from the playbook
 The [matrix-ldap-registration-proxy](./docs/configuring-playbook-matrix-ldap-registration-proxy.md) service has been removed from the playbook, as the source code and the container image have become unavailable.
 The playbook will let you know if you're using any `matrix_ldap_registration_proxy_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the component manually](./docs/configuring-playbook-matrix-ldap-registration-proxy.md#uninstalling-the-component-manually).
 # 2026-05-23
 ## Go-NEB has been removed from the playbook
 [Go-NEB](./docs/configuring-playbook-bot-go-neb.md) has been removed from the playbook, as it has been discontinued since June 2023.
 The playbook will let you know if you're using any `matrix_bot_go_neb_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the bot manually](./docs/configuring-playbook-bot-go-neb.md#uninstalling-go-neb-manually).
 # 2026-05-19
 ## matrix-registration has been removed from the playbook
@@ -65,7 +65,7 @@ Web clients for Matrix that you can host on your own domains.
 | [Element Web](https://github.com/element-hq/element-web) | ✅ | Default Matrix web client, configured to connect to your own Synapse server | [Link](docs/configuring-playbook-client-element-web.md) |
 | [Hydrogen](https://github.com/element-hq/hydrogen-web) | ❌ | Lightweight Matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) |
 | [Cinny](https://github.com/ajbura/cinny) |  ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-cinny.md) |
-| [Sable](https://github.com/7w1/sable) | ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-sable.md) |
+| [Sable](https://github.com/SableClient/Sable) | ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-sable.md) |
 | [SchildiChat Web](https://schildi.chat/) | ❌ | Based on Element Web, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat-web.md) |
 | [FluffyChat Web](https://fluffychat.im/) | ❌ | The cutest messenger in Matrix | [Link](docs/configuring-playbook-client-fluffychat-web.md) |
@@ -92,7 +92,6 @@ Extend and modify how users are authenticated on your homeserver.
 | [matrix-synapse-rest-auth](https://github.com/ma1uta/matrix-synapse-rest-password-provider) (advanced) | ❌ | REST authentication password provider module | [Link](docs/configuring-playbook-rest-auth.md) |
 |[matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) (advanced) | ❌ | Password provider module | [Link](docs/configuring-playbook-shared-secret-auth.md) |
 | [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) (advanced) | ❌ | LDAP Auth password provider module | [Link](docs/configuring-playbook-ldap-auth.md) |
 | [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) (advanced) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP | [Link](docs/configuring-playbook-matrix-ldap-registration-proxy.md) |
 | [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token | [Link](docs/configuring-playbook-user-verification-service.md) |
 | [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) (advanced) | ❌ | Spam checker module | [Link](docs/configuring-playbook-synapse-simple-antispam.md) |
@@ -1,267 +1,26 @@
 <!--
-SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
+SPDX-FileCopyrightText: 2019-2025 Slavi Pantaleev
 SPDX-FileCopyrightText: 2021 Yannick Goossens
 SPDX-FileCopyrightText: 2022 Dennis Ciba
-SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
+SPDX-FileCopyrightText: 2022 Nikita Chernyi
-SPDX-FileCopyrightText: 2025 MDAD project contributors
+SPDX-FileCopyrightText: 2023-2025 MDAD project contributors
 SPDX-FileCopyrightText: 2024-2026 Suguru Hirahara
 SPDX-License-Identifier: AGPL-3.0-or-later
 -->
-# Setting up Go-NEB (optional, unmaintained)
+# Setting up Go-NEB (optional, removed)
-**Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bot instead of this one.
+🪦 The playbook used to be able to install and configure [Go-NEB](https://github.com/matrix-org/go-neb), but no longer includes this component as it has been discontinued.
-The playbook can install and configure [Go-NEB](https://github.com/matrix-org/go-neb) for you.
+While not a 1:1 replacement, the bot's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md).
-Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
+## Uninstalling Go-NEB manually
-See the project's [documentation](https://github.com/matrix-org/go-neb/blob/master/README.md) to learn what it does and why it might be useful to you.
+If you still have the Go-NEB component installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
 ## Prerequisites
 ### Register the bot account
 The playbook does not automatically create users for you. You **need to register the bot user manually** before setting up the bot.
 Generate a strong password for the bot. You can create one with a command like `pwgen -s 64 1`.
 You can use the playbook to [register a new user](registering-users.md):
 ```sh
-ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
+systemctl disable --now matrix-bot-go-neb.service
 rm -rf /matrix/go-neb
 ```
 ### Obtain an access token
 The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
 > [!WARNING]
 > Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
 ## Adjusting DNS records
 By default, this playbook installs Go-NEB on the `goneb.` subdomain (`goneb.example.com`) and requires you to create a CNAME record for `goneb`, which targets `matrix.example.com`.
 When setting, replace `example.com` with your own.
 ## Adjusting the playbook configuration
 To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `ACCESS_TOKEN_FOR_GONEB_HERE` and `ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE` with the ones created [above](#obtain-an-access-token).
 ```yaml
 matrix_bot_go_neb_enabled: true
 # You need at least 1 client.
 # Use the access token you obtained in the step above.
 matrix_bot_go_neb_clients:
  - UserID: "@goneb:{{ matrix_domain }}"
    AccessToken: "ACCESS_TOKEN_FOR_GONEB_HERE"
    DeviceID: "DEVICE1"
    HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}"
    Sync: true
    AutoJoinRooms: true
    DisplayName: "Go-NEB!"
    AcceptVerificationFromUsers: [":{{ matrix_domain }}"]
  - UserID: "@another_goneb:{{ matrix_domain }}"
    AccessToken: "ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE"
    DeviceID: "DEVICE2"
    HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}"
    Sync: false
    AutoJoinRooms: false
    DisplayName: "Go-NEB!"
    AcceptVerificationFromUsers: ["^@admin:{{ matrix_domain }}"]
 # Optional, for use with the github_cmd, github_webhooks or jira services
 matrix_bot_go_neb_realms:
  - ID: "github_realm"
    Type: "github"
    Config: {} # No need for client ID or Secret as Go-NEB isn't generating OAuth URLs
 # Optional. The list of *authenticated* sessions which Go-NEB is aware of.
 matrix_bot_go_neb_sessions:
  - SessionID: "your_github_session"
    RealmID: "github_realm"
    UserID: "@alice:{{ matrix_domain }}" # This needs to be the username of the person that's allowed to use the !github commands
    Config:
      # Populate these fields by generating a "Personal Access Token" on github.com
      AccessToken: "YOUR_GITHUB_ACCESS_TOKEN"
      Scopes: "admin:org_hook,admin:repo_hook,repo,user"
 # The list of services which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # See the docs for /configureService for the full list of options:
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureServiceRequest
 # You need at least 1 service.
 matrix_bot_go_neb_services:
  - ID: "echo_service"
    Type: "echo"
    UserID: "@goneb:{{ matrix_domain }}"
    Config: {}
 # Can be obtained from https://developers.giphy.com/dashboard/
  - ID: "giphy_service"
    Type: "giphy"
    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
    Config:
      api_key: "qwg4672vsuyfsfe"
      use_downsized: false
 # This service has been dead for over a year :/
  - ID: "guggy_service"
    Type: "guggy"
    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
    Config:
      api_key: "2356saaqfhgfe"
 # API Key via https://developers.google.com/custom-search/v1/introduction
 # CX via http://www.google.com/cse/manage/all
 # https://stackoverflow.com/questions/6562125/getting-a-cx-id-for-custom-search-google-api-python
 # 'Search the entire web' and 'Image search' enabled for best results
  - ID: "google_service"
    Type: "google"
    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
    Config:
      api_key: "AIzaSyA4FD39m9"
      cx: "AIASDFWSRRtrtr"
 # Obtain a key via https://api.imgur.com/oauth2/addclient
 # Select "oauth2 without callback url"
  - ID: "imgur_service"
    Type: "imgur"
    UserID: "@imgur:{{ matrix_domain }}" # requires a Syncing client
    Config:
      client_id: "AIzaSyA4FD39m9"
      client_secret: "somesecret"
  - ID: "wikipedia_service"
    Type: "wikipedia"
    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
    Config:
  - ID: "rss_service"
    Type: "rssbot"
    UserID: "@another_goneb:{{ matrix_domain }}"
    Config:
      feeds:
        "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60":
          rooms: ["!qporfwt:{{ matrix_domain }}"]
          must_include:
            author:
              - author1
            description:
              - lorem
              - ipsum
          must_not_include:
            title:
              - Lorem
              - Ipsum
  - ID: "github_cmd_service"
    Type: "github"
    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
    Config:
      RealmID: "github_realm"
    # Make sure your BASE_URL can be accessed by Github!
  - ID: "github_webhook_service"
    Type: "github-webhook"
    UserID: "@another_goneb:{{ matrix_domain }}"
    Config:
      RealmID: "github_realm"
      ClientUserID: "@alice:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions.
      Rooms:
        "!qporfwt:example.com":
          Repos:
            "element-hq/synapse":
              Events: ["push", "issues"]
            "matrix-org/dendron":
              Events: ["pull_request"]
        "!aaabaa:example.com":
          Repos:
            "element-hq/synapse":
              Events: ["push", "issues"]
            "matrix-org/dendron":
              Events: ["pull_request"]
  - ID: "slackapi_service"
    Type: "slackapi"
    UserID: "@slackapi:{{ matrix_domain }}"
    Config:
      Hooks:
        "hook1":
          RoomID: "!qporfwt:example.com"
          MessageType: "m.text" # default is m.text
  - ID: "alertmanager_service"
    Type: "alertmanager"
    UserID: "@alertmanager:{{ matrix_domain }}"
    Config:
      # This is for information purposes only. It should point to Go-NEB path as follows:
      # `/services/hooks/<base64 encoded service ID>`
      # Where in this case "service ID" is "alertmanager_service"
      # Make sure your BASE_URL can be accessed by the Alertmanager instance!
      webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U"
      # Each room will get the notification with the alert rendered with the given template
      rooms:
        "!qporfwt:example.com":
          text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
          html_template: "{% raw %}{{range .Alerts -}}  {{ $severity := index .Labels \"severity\" }}    {{ if eq .Status \"firing\" }}      {{ if eq $severity \"critical\"}}        <font color='red'><b>[FIRING - CRITICAL]</b></font>      {{ else if eq $severity \"warning\"}}        <font color='orange'><b>[FIRING - WARNING]</b></font>      {{ else }}        <b>[FIRING - {{ $severity }}]</b>      {{ end }}    {{ else }}      <font color='green'><b>[RESOLVED]</b></font>    {{ end }}  {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}}   <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
          msg_type: "m.text"  # Must be either `m.text` or `m.notice`
 ```
 ### Adjusting the Go-NEB URL (optional)
 By tweaking the `matrix_bot_go_neb_hostname` and `matrix_bot_go_neb_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
 Example additional configuration for your `vars.yml` file:
 ```yaml
 # Switch to the domain used for Matrix services (`matrix.example.com`),
 # so we won't need to add additional DNS records for Go-NEB.
 matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_matrix }}"
 # Expose under the /go-neb subpath
 matrix_bot_go_neb_path_prefix: /go-neb
 ```
 After changing the domain, **you may need to adjust your DNS** records to point the Go-NEB domain to the Matrix server.
 If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration.
 ### Extending the configuration
 There are some additional things you may wish to configure about the bot.
 Take a look at:
 - `roles/custom/matrix-bot-go-neb/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
 - `roles/custom/matrix-bot-go-neb/templates/config.yaml.j2` for the bot's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_bot_go_neb_configuration_extension_yaml` variable
 ## Installing
 After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:
 <!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
 ```sh
 ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
 ```
 The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
 `just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
 ## Usage
 To use the bot, invite it to any existing Matrix room (`/invite @bot.go-neb:example.com` where `example.com` is your base domain, not the `matrix.` domain). Make sure you are granted with the sufficient permission if you are not the room owner.
 Basic usage is like this: `!echo hi` or `!imgur puppies` or `!giphy matrix`
 If you enabled the github_cmd service, send `!github help` to the bot in the room to see the available commands.
 You can also refer to the upstream [Documentation](https://github.com/matrix-org/go-neb).
 ## Troubleshooting
 As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-bot-go-neb`.
@@ -8,7 +8,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 # Setting up Sable (optional)
-The playbook can install and configure the [Sable](https://github.com/7w1/sable) Matrix web client for you.
+The playbook can install and configure the [Sable](https://github.com/SableClient/Sable) Matrix web client for you.
 Sable is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of [Element Web](./configuring-playbook-client-element-web.md), [Cinny](./configuring-playbook-client-cinny.md) and others.
@@ -52,9 +52,3 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
 The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
 `just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
 ## Usage
 ### Handling user registration
 If you wish for users to also be able to make new registrations against LDAP, you may **also** wish to [set up the ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md).
@@ -1,69 +1,32 @@
 <!--
-SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
+SPDX-FileCopyrightText: 2019 Edgars Voroboks
 SPDX-FileCopyrightText: 2019 Eduardo Beltrame
 SPDX-FileCopyrightText: 2019-2025 MDAD project contributors
 SPDX-FileCopyrightText: 2019-2025 Slavi Pantaleev
 SPDX-FileCopyrightText: 2020 Chris van Dijk
 SPDX-FileCopyrightText: 2020 Tulir Asokan
 SPDX-FileCopyrightText: 2020 jens quade
 SPDX-FileCopyrightText: 2022 Dennis Ciba
 SPDX-FileCopyrightText: 2022 Julian-Samuel Gebühr
-SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
+SPDX-FileCopyrightText: 2022 Kim Brose
 SPDX-FileCopyrightText: 2022 Travis Ralston
 SPDX-FileCopyrightText: 2022 Vladimir Panteleev
 SPDX-FileCopyrightText: 2022 Yan Minagawa
 SPDX-FileCopyrightText: 2024-2026 Suguru Hirahara
 SPDX-License-Identifier: AGPL-3.0-or-later
 -->
-# Setting up matrix-ldap-registration-proxy (optional)
+# Setting up matrix-ldap-registration-proxy (optional, removed)
-The playbook can install and configure [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for you.
+🪦 The playbook used to be able to install and configure [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy), but no longer includes this component, as it has become unavailable.
-This proxy handles Matrix registration requests and forwards them to LDAP.
+## Uninstalling the component manually
-See the project's [documentation](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/-/blob/main/README.md) to learn what it does and why it might be useful to you.
+If you still have matrix-ldap-registration-proxy installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
 **Note**: This does support the full Matrix specification for registrations. It only provide a very coarse implementation of a basic password registration.
 ## Adjusting the playbook configuration
 To enable the component, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
 ```yaml
 matrix_ldap_registration_proxy_enabled: true
 # LDAP credentials
 matrix_ldap_registration_proxy_ldap_uri: YOUR_URI_HERE
 matrix_ldap_registration_proxy_ldap_base_dn: YOUR_DN_HERE
 matrix_ldap_registration_proxy_ldap_user: YOUR_USER_HERE
 matrix_ldap_registration_proxy_ldap_password: YOUR_PASSWORD_HERE
 ```
 If you already use the [synapse external password provider via LDAP](configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) you can use the following values as configuration:
 ```yaml
 # Use the LDAP values specified for the synapse role to setup LDAP proxy
 matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}"
 matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}"
 matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}"
 matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}"
 matrix_ldap_registration_proxy_systemd_wanted_services_list_custom:
  - matrix-synapse.service
 ```
 ### Extending the configuration
 There are some additional things you may wish to configure about the component.
 Take a look at:
 - `roles/custom/matrix-ldap-registration-proxy/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
 ## Installing
 After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:
 <!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
 ```sh
-ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
+systemctl disable --now matrix-ldap-registration-proxy.service
 rm -rf /matrix/matrix_ldap_registration_proxy
 ```
 The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
 `just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
 ## Troubleshooting
 As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-ldap-registration-proxy`.
@@ -89,7 +89,7 @@ Web clients for Matrix that you can host on your own domains.
 - [Setting up Cinny](configuring-playbook-client-cinny.md), if you've enabled [Cinny](https://github.com/ajbura/cinny), a web client focusing primarily on simple, elegant and secure interface
- [Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/7w1/sable), a web client focusing primarily on simple, elegant and secure interface
+- [Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/SableClient/Sable), a web client focusing primarily on simple, elegant and secure interface
 - [Setting up SchildiChat Web](configuring-playbook-client-schildichat-web.md), if you've enabled [SchildiChat Web](https://schildi.chat/), a web client based on [Element Web](https://element.io/) with some extras and tweaks
@@ -112,8 +112,6 @@ Extend and modify how users are authenticated on your homeserver.
 - [Setting up the LDAP authentication password provider module](configuring-playbook-ldap-auth.md) (advanced)
 - [Setting up matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (advanced)
 - [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (advanced)
 - [Setting up Matrix User Verification Service](configuring-playbook-user-verification-service.md) (advanced)
@@ -279,6 +277,8 @@ Various services that don't fit any other categories.
 - [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) (unmaintained; the bridge's author suggests taking a look at [baibot](https://github.com/etkecc/baibot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bot-baibot.md))
 - [Setting up matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (removed; the repository of the source code has been removed)
 - [Setting up matrix-registration](configuring-playbook-matrix-registration.md) (removed; this component has been unmaintained)
 - [Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md) (deprecated in favor of the Messenger/Instagram bridge with [mautrix-meta-messenger](configuring-playbook-bridge-mautrix-meta-messenger.md))
@@ -67,7 +67,6 @@ Extend and modify how users are authenticated on your homeserver.
 | [matrix-synapse-rest-auth](configuring-playbook-rest-auth.md) | (N/A) | ❌ | REST authentication password provider module |
 | [matrix-synapse-shared-secret-auth](configuring-playbook-shared-secret-auth.md) | (N/A) | ❌ | Password provider module |
 | [matrix-synapse-ldap3](configuring-playbook-ldap-auth.md) (advanced) | (N/A) | ❌ | LDAP Auth password provider module |
 | [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP |
 | [Matrix User Verification Service](configuring-playbook-user-verification-service.md) | [matrixdotorg/matrix-user-verification-service](https://hub.docker.com/r/atrixdotorg/matrix-user-verification-service) | ❌ | Service to verify details of a user based on an Open ID token |
 | [synapse-simple-antispam](configuring-playbook-synapse-simple-antispam.md) (advanced) | (N/A) | ❌ | Spam checker module |
@@ -178,6 +177,7 @@ The list of the deprecated or unmaintained services is available [here](configur
 | [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) | [matrixdotorg/matrix-appservice-slack](https://hub.docker.com/r/matrixdotorg/matrix-appservice-slack) | ❌ | Bridge to [Slack](https://slack.com/) |
 | [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | ❌ | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) |
 | [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | ❌ | Accessing ChatGPT via your favourite Matrix client |
 | [matrix-ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) | [activism.international/matrix_ldap_registration_proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy/container_registry) | ❌ | Proxy that handles Matrix registration requests and forwards them to LDAP |
 | [matrix-registration](configuring-playbook-matrix-registration.md) | [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) | ❌ | Simple python application to have a token based Matrix registration |
 | [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | ❌ | Bridge to [Facebook](https://facebook.com/) |
 | [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | ❌ | Bridge to [Instagram](https://instagram.com/) |
@@ -23,7 +23,7 @@ Both methods have their place and will continue to do so. You only need to use j
 For simplicity reasons, this playbook recommends you to set up server delegation via a `/.well-known/matrix/server` file. However, that method may have some downsides that are not to your liking. Hence this guide about alternative ways to set up Server Delegation.
-**Note**: as an alternative, it is possible to install the server such that it uses only the `matrix.example.com` domain (instead of identifying as the shorter base domain — `example.com`). This should be helpful if you are not in control of anything on the base domain (`example.com`). In this case, you would not need to configure server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrix-example-com-without-involving-the-base-domain) on our FAQ.
+**Note**: as an alternative, it is possible to install the server such that it uses only the `matrix.example.com` domain (instead of identifying as the shorter base domain — `example.com`). This should be helpful if you are not in control of anything on the base domain (`example.com`). In this case, you would not need to configure server delegation, but you would need to add other configuration. For more information, see [How do I install on matrix.example.com without involving the base domain?](faq.md#how-do-i-install-on-matrixexamplecom-without-involving-the-base-domain) on our FAQ.
 ## Server Delegation via a well-known file
@@ -310,13 +310,6 @@ devture_systemd_service_manager_services_list_auto: |
      'groups': ['matrix', 'bots', 'baibot', 'bot-baibot'],
    }] if matrix_bot_baibot_enabled else [])
    +
    ([{
      'name': 'matrix-bot-go-neb.service',
      'priority': 2200,
      'restart_necessary': (matrix_bot_go_neb_restart_necessary | bool),
      'groups': ['matrix', 'bots', 'go-neb', 'bot-go-neb'],
    }] if matrix_bot_go_neb_enabled else [])
    +
    ([{
      'name': 'matrix-bot-honoroit.service',
      'priority': 2200,
@@ -722,13 +715,6 @@ devture_systemd_service_manager_services_list_auto: |
      'groups': ['matrix', 'jitsi', 'jitsi-jvb'],
    }] if jitsi_enabled else [])
    +
    ([{
      'name': 'matrix-ldap-registration-proxy.service',
      'priority': 2000,
      'restart_necessary': (matrix_ldap_registration_proxy_restart_necessary | bool),
      'groups': ['matrix', 'ldap-registration-proxy'],
    }] if matrix_ldap_registration_proxy_enabled else [])
    +
    ([{
      'name': (matrix_media_repo_identifier + '.service'),
      'priority': 4000,
@@ -3077,51 +3063,6 @@ matrix_bot_baibot_container_additional_networks_auto: |-
 #
 ######################################################################
 ######################################################################
 #
 # matrix-bot-go-neb
 #
 ######################################################################
 # We don't enable bots by default.
 matrix_bot_go_neb_enabled: false
 matrix_bot_go_neb_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
 matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_bot_go_neb }}"
 matrix_bot_go_neb_systemd_required_services_list_auto: |
  {{
    matrix_addons_homeserver_systemd_services_list
  }}
 matrix_bot_go_neb_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_bot_go_neb_container_image_registry_prefix_upstream_default }}"
 matrix_bot_go_neb_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '4050') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
 matrix_bot_go_neb_container_network: "{{ matrix_addons_container_network }}"
 matrix_bot_go_neb_container_additional_networks: |
  {{
    (
      ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
      +
      ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_bot_go_neb_container_labels_traefik_enabled else [])
    ) | unique
  }}
 matrix_bot_go_neb_container_labels_traefik_enabled: "{{ matrix_playbook_traefik_labels_enabled }}"
 matrix_bot_go_neb_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
 matrix_bot_go_neb_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
 matrix_bot_go_neb_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
 ######################################################################
 #
 # /matrix-bot-go-neb
 #
 ######################################################################
 ######################################################################
 #
 # matrix-bot-mjolnir
@@ -3817,50 +3758,6 @@ jitsi_disable_gravatar: true
 #
 ######################################################################
 ######################################################################
 #
 # matrix-ldap-registration-proxy
 #
 ######################################################################
 # This is only for users with a specific LDAP setup
 matrix_ldap_registration_proxy_enabled: false
 matrix_ldap_registration_proxy_hostname: "{{ matrix_server_fqn_matrix }}"
 matrix_ldap_registration_proxy_matrix_server_url: "{{ matrix_addons_homeserver_client_api_url }}"
 matrix_ldap_registration_proxy_systemd_required_services_list_auto: |
  {{
    matrix_addons_homeserver_systemd_services_list
  }}
 matrix_ldap_registration_proxy_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_ldap_registration_proxy_container_image_registry_prefix_upstream_default }}"
 matrix_ldap_registration_proxy_container_network: "{{ matrix_addons_container_network }}"
 matrix_ldap_registration_proxy_container_additional_networks_auto: |-
  {{
    (
      ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
      +
      ([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_ldap_registration_proxy_container_labels_traefik_enabled) else [])
    ) | unique
  }}
 matrix_ldap_registration_proxy_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
 matrix_ldap_registration_proxy_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
 matrix_ldap_registration_proxy_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
 matrix_ldap_registration_proxy_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
 ######################################################################
 #
 # /matrix-ldap-registration-proxy
 #
 ######################################################################
 ########################################################################
 #                                                                      #
 # exim-relay                                                           #
@@ -6338,8 +6235,6 @@ matrix_livekit_jwt_service_environment_variable_livekit_key: "{{ (matrix_homeser
 matrix_livekit_jwt_service_environment_variable_livekit_secret: "{{ (matrix_homeserver_generic_secret_key + ':lk.secret') | hash('sha512') | to_uuid }}"
 matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list: ["{{ matrix_domain }}"]
 ########################################################################
 #                                                                      #
 # /matrix-livekit-jwt-service                                          #
@@ -1,10 +1,10 @@
 alabaster==1.0.0
 babel==2.18.0
-certifi==2026.5.20
+certifi==2026.6.17
 charset-normalizer==3.4.7
-click==8.4.0
+click==8.4.1
-docutils==0.22.4
+docutils==0.23
-idna==3.15
+idna==3.18
 imagesize==2.0.0
 Jinja2==3.1.6
 linkify-it-py==2.1.0
@@ -18,7 +18,7 @@ Pygments==2.20.0
 PyYAML==6.0.3
 requests==2.34.2
 setuptools==82.0.1
-snowballstemmer==3.0.1
+snowballstemmer==3.1.1
 Sphinx==9.1.0
 sphinx-intl==2.3.2
 sphinx-markdown-builder==0.6.10
@@ -257,7 +257,7 @@ msgid "[Link](docs/configuring-playbook-client-cinny.md)"
 msgstr ""
 #: ../../../README.md:0
-msgid "[Sable](https://github.com/7w1/sable)"
+msgid "[Sable](https://github.com/SableClient/Sable)"
 msgstr ""
 #: ../../../README.md:0
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: matrix-docker-ansible-deploy \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-05-19 07:40+0000\n"
+"POT-Creation-Date: 2026-05-23 05:22+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -16,158 +16,22 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-#: ../../../docs/configuring-playbook-bot-go-neb.md:11
+#: ../../../docs/configuring-playbook-bot-go-neb.md:12
-msgid "Setting up Go-NEB (optional, unmaintained)"
+msgid "Setting up Go-NEB (optional, removed)"
 msgstr ""
-#: ../../../docs/configuring-playbook-bot-go-neb.md:13
+#: ../../../docs/configuring-playbook-bot-go-neb.md:14
-msgid "**Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bot instead of this one."
+msgid "🪦 The playbook used to be able to install and configure [Go-NEB](https://github.com/matrix-org/go-neb), but no longer includes this component as it has been discontinued."
 msgstr ""
-#: ../../../docs/configuring-playbook-bot-go-neb.md:15
+#: ../../../docs/configuring-playbook-bot-go-neb.md:16
-msgid "The playbook can install and configure [Go-NEB](https://github.com/matrix-org/go-neb) for you."
+msgid "While not a 1:1 replacement, the bot's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md)."
 msgstr ""
-#: ../../../docs/configuring-playbook-bot-go-neb.md:17
+#: ../../../docs/configuring-playbook-bot-go-neb.md:18
-msgid "Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python."
+msgid "Uninstalling Go-NEB manually"
 msgstr ""
-#: ../../../docs/configuring-playbook-bot-go-neb.md:19
+#: ../../../docs/configuring-playbook-bot-go-neb.md:20
-msgid "See the project's [documentation](https://github.com/matrix-org/go-neb/blob/master/README.md) to learn what it does and why it might be useful to you."
+msgid "If you still have the Go-NEB component installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:21
 msgid "Prerequisites"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:23
 msgid "Register the bot account"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:25
 msgid "The playbook does not automatically create users for you. You **need to register the bot user manually** before setting up the bot."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:27
 msgid "Generate a strong password for the bot. You can create one with a command like `pwgen -s 64 1`."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:29
 msgid "You can use the playbook to [register a new user](registering-users.md):"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:35
 msgid "Obtain an access token"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:37
 msgid "The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md)."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:40
 msgid "Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:42
 msgid "Adjusting DNS records"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:44
 msgid "By default, this playbook installs Go-NEB on the `goneb.` subdomain (`goneb.example.com`) and requires you to create a CNAME record for `goneb`, which targets `matrix.example.com`."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:46
 msgid "When setting, replace `example.com` with your own."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:48
 msgid "Adjusting the playbook configuration"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:50
 msgid "To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `ACCESS_TOKEN_FOR_GONEB_HERE` and `ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE` with the ones created [above](#obtain-an-access-token)."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:214
 msgid "Adjusting the Go-NEB URL (optional)"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:216
 msgid "By tweaking the `matrix_bot_go_neb_hostname` and `matrix_bot_go_neb_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:218
 msgid "Example additional configuration for your `vars.yml` file:"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:229
 msgid "After changing the domain, **you may need to adjust your DNS** records to point the Go-NEB domain to the Matrix server."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:231
 msgid "If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:233
 msgid "Extending the configuration"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:235
 msgid "There are some additional things you may wish to configure about the bot."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:237
 msgid "Take a look at:"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:239
 msgid "`roles/custom/matrix-bot-go-neb/defaults/main.yml` for some variables that you can customize via your `vars.yml` file"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:240
 msgid "`roles/custom/matrix-bot-go-neb/templates/config.yaml.j2` for the bot's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_bot_go_neb_configuration_extension_yaml` variable"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:242
 msgid "Installing"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:244
 msgid "After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:251
 msgid "The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:253
 msgid "`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:255
 msgid "Usage"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:257
 msgid "To use the bot, invite it to any existing Matrix room (`/invite @bot.go-neb:example.com` where `example.com` is your base domain, not the `matrix.` domain). Make sure you are granted with the sufficient permission if you are not the room owner."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:259
 msgid "Basic usage is like this: `!echo hi` or `!imgur puppies` or `!giphy matrix`"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:261
 msgid "If you enabled the github_cmd service, send `!github help` to the bot in the room to see the available commands."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:263
 msgid "You can also refer to the upstream [Documentation](https://github.com/matrix-org/go-neb)."
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:265
 msgid "Troubleshooting"
 msgstr ""
 #: ../../../docs/configuring-playbook-bot-go-neb.md:267
 msgid "As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-bot-go-neb`."
 msgstr ""
@@ -21,7 +21,7 @@ msgid "Setting up Sable (optional)"
 msgstr ""
 #: ../../../docs/configuring-playbook-client-sable.md:11
-msgid "The playbook can install and configure the [Sable](https://github.com/7w1/sable) Matrix web client for you."
+msgid "The playbook can install and configure the [Sable](https://github.com/SableClient/Sable) Matrix web client for you."
 msgstr ""
 #: ../../../docs/configuring-playbook-client-sable.md:13
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: matrix-docker-ansible-deploy \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-05-19 07:40+0000\n"
+"POT-Creation-Date: 2026-05-21 19:21+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -161,105 +161,109 @@ msgid "RocksDB and cache tuning"
 msgstr ""
 #: ../../../docs/configuring-playbook-tuwunel.md:143
-msgid "Tuwunel embeds RocksDB. The defaults (`rocksdb_compression_algo: zstd`) suit most deployments. For high-throughput servers you may want to enable direct I/O, raise parallelism, and bump the cache modifier:"
+msgid "Tuwunel embeds RocksDB. The defaults (`rocksdb_compression_algo: zstd`) suit most deployments. For high-throughput servers you may want to enable direct I/O, raise parallelism, and configure a backup path:"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:152
+#: ../../../docs/configuring-playbook-tuwunel.md:151
 msgid "`matrix_tuwunel_config_cache_capacity_modifier` is left empty by default, so Tuwunel picks a value (`1.0` since v1.7.0, with rebalanced per-cache sizes that already raise memory use). Set it to `2.0` only on small hosts with four or fewer cores; on larger machines the default is recommended."
 msgstr ""
 #: ../../../docs/configuring-playbook-tuwunel.md:153
 msgid "If you run on ZFS, the [Tuwunel maintenance guide](https://matrix-construct.github.io/tuwunel/maintenance.html#zfs) lists the dataset properties (`recordsize`, `primarycache`, `compression`, `atime`, `logbias`) and config flags (`rocksdb_direct_io`, `rocksdb_allow_fallocate`) you need to adjust to avoid severe write amplification."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:154
+#: ../../../docs/configuring-playbook-tuwunel.md:155
 msgid "To enable Sentry crash reporting, set `matrix_tuwunel_config_sentry_enabled: true`."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:156
+#: ../../../docs/configuring-playbook-tuwunel.md:157
 msgid "Federation gating"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:158
+#: ../../../docs/configuring-playbook-tuwunel.md:159
 msgid "Tuwunel accepts regular-expression patterns at every level of remote-server filtering:"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:169
+#: ../../../docs/configuring-playbook-tuwunel.md:170
 msgid "Tuwunel additionally implements [MSC4284 policy servers](https://github.com/matrix-org/matrix-spec-proposals/pull/4284) for room-level federation gating. The policy itself lives in room state, but enforcement is opt-in at the server level:"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:176
+#: ../../../docs/configuring-playbook-tuwunel.md:177
 msgid "When enabled, rooms with a valid `m.room.policy` state event have outgoing events signed by the configured policy server before federation. Transient network or timeout failures fail open (with a warn log), so a policy-server outage will not silently take the room offline."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:178
+#: ../../../docs/configuring-playbook-tuwunel.md:179
 msgid "Default room version"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:180
+#: ../../../docs/configuring-playbook-tuwunel.md:181
 msgid "The role sets `default_room_version: '12'`, so newly created rooms default to Matrix [room version 12](https://github.com/matrix-org/matrix-spec-proposals/pull/4289) (\"Hydra\"). Override `matrix_tuwunel_config_default_room_version` if you need an earlier version for client compatibility."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:182
+#: ../../../docs/configuring-playbook-tuwunel.md:183
 msgid "Creating the first user account"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:184
+#: ../../../docs/configuring-playbook-tuwunel.md:185
 msgid "Unlike Synapse and Dendrite, Tuwunel does not register users from the command line or via the playbook. On first startup it logs a one-time-use registration token to its journal:"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:191
+#: ../../../docs/configuring-playbook-tuwunel.md:192
 msgid "Use the token to create your first account from any client that supports token-gated registration (e.g. [Element Web](configuring-playbook-client-element-web.md)). The account is auto-promoted to admin and invited to the admin room together with the `@conduit:<server_name>` server bot. The bot keeps the legacy `conduit` localpart due to the project's lineage from Conduit."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:193
+#: ../../../docs/configuring-playbook-tuwunel.md:194
 msgid "Configuring bridges and appservices"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:195
+#: ../../../docs/configuring-playbook-tuwunel.md:196
 msgid "The playbook does not auto-register appservices for Tuwunel. After your bridge has produced its `registration.yaml` (e.g. `/matrix/mautrix-signal/bridge/registration.yaml`), register it manually by sending the contents to the admin room, prefixed with `!admin appservices register` and wrapped in a fenced code block:"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:216
+#: ../../../docs/configuring-playbook-tuwunel.md:217
 msgid "Registrations stored this way are persisted in the database and survive restarts. Re-running the command with the same `id` replaces the existing entry. See [Application services](https://matrix-construct.github.io/tuwunel/appservices.html) for the full reference and admin commands."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:218
+#: ../../../docs/configuring-playbook-tuwunel.md:219
 msgid "Migrating from conduwuit"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:220
+#: ../../../docs/configuring-playbook-tuwunel.md:221
 msgid "Tuwunel is a \"binary swap\" for conduwuit; it reads conduwuit's RocksDB layout directly, so migration is a data move, not an export/import."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:222
+#: ../../../docs/configuring-playbook-tuwunel.md:223
 msgid "Set `matrix_homeserver_implementation: tuwunel` on `vars.yml` and remove any `matrix_conduwuit_*` overrides."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:223
+#: ../../../docs/configuring-playbook-tuwunel.md:224
 msgid "Run a full installation so that the new service is created and the old one removed (e.g. `just setup-all`)."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:224
+#: ../../../docs/configuring-playbook-tuwunel.md:225
 msgid "Run `just run-tags tuwunel-migrate-from-conduwuit`."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:226
+#: ../../../docs/configuring-playbook-tuwunel.md:227
 msgid "The migration stops `matrix-conduwuit.service`, copies `/matrix/conduwuit` into `/matrix/tuwunel`, renames the config file, and starts `matrix-tuwunel.service`. The freshly generated tuwunel data directory is preserved alongside as `/matrix/tuwunel_old` until you remove it manually."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:229
+#: ../../../docs/configuring-playbook-tuwunel.md:230
 msgid "Migrating from any other Conduit derivative (Conduit itself, Continuwuity, or any other fork) is **not supported** and will corrupt your database. All Conduit forks share the same linear database version with no awareness of each other; switching between them produces unrecoverable damage. See the [upstream migration table](https://matrix-construct.github.io/tuwunel/#migrating-to-tuwunel)."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:231
+#: ../../../docs/configuring-playbook-tuwunel.md:232
 msgid "Troubleshooting"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:233
+#: ../../../docs/configuring-playbook-tuwunel.md:234
 msgid "As with all other services, the logs are available via [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html):"
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:239
+#: ../../../docs/configuring-playbook-tuwunel.md:240
 msgid "Logging verbosity is controlled by `matrix_tuwunel_config_log` in [`tracing-subscriber` env-filter syntax](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html). The default (`info,state_res=warn`) is reasonable for production; for debugging, try `debug` or scope it tighter, e.g. `info,tuwunel_service::sending=debug`."
 msgstr ""
-#: ../../../docs/configuring-playbook-tuwunel.md:241
+#: ../../../docs/configuring-playbook-tuwunel.md:242
 msgid "For RocksDB-level issues, online backups, and offline backup procedures, see the [Tuwunel maintenance guide](https://matrix-construct.github.io/tuwunel/maintenance.html). For protocol-compliance state across MSCs, the spec, and Complement, the project's [compliance dashboard](https://matrix-construct.github.io/tuwunel/development/compliance.html) is the authoritative tracker."
 msgstr ""
@@ -173,7 +173,7 @@ msgid "[Setting up Cinny](configuring-playbook-client-cinny.md), if you've enabl
 msgstr ""
 #: ../../../docs/configuring-playbook.md:92
-msgid "[Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/7w1/sable), a web client focusing primarily on simple, elegant and secure interface"
+msgid "[Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/SableClient/Sable), a web client focusing primarily on simple, elegant and secure interface"
 msgstr ""
 #: ../../../docs/configuring-playbook.md:94
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
 [tools]
-prek = "0.4.1"
+prek = "0.4.5"
 [settings]
 yes = true
@@ -7,7 +7,7 @@
  version: v1.4.4-2.1.4-1
  name: backup_borg
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-cinny.git
-  version: v4.12.1-0
+  version: v4.12.2-0
  name: cinny
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
  version: v0.4.2-5
@@ -39,13 +39,13 @@
  version: v0.5.1-5
  name: hydrogen
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
-  version: v10978-0
+  version: v11031-0
  name: jitsi
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
-  version: v1.12.0-0
+  version: v1.13.1-0
  name: livekit_server
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
-  version: v2.22.0-1
+  version: v2.24.0-0
  name: ntfy
 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
  version: ea8c5cc750c4e23d004c9a836dfd9eda82d45ff4
@@ -63,7 +63,7 @@
  version: v18-3
  name: postgres_backup
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
-  version: v3.11.3-1
+  version: v3.12.0-1
  name: prometheus
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-nginxlog-exporter.git
  version: v1.10.0-3
@@ -75,7 +75,7 @@
  version: v0.19.1-4
  name: prometheus_postgres_exporter
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-sable.git
-  version: v1.16.1-0
+  version: v1.18.3-0
  name: sable
 - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
  version: v1.5.0-0
@@ -87,10 +87,10 @@
  version: v1.1.0-1
  name: timesync
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
-  version: v3.7.1-0
+  version: v3.7.5-0
  name: traefik
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
-  version: v2.10.0-7
+  version: v2.11.4-0
  name: traefik_certs_dumper
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
  version: v9.1.0-0
@@ -11,7 +11,7 @@
 matrix_alertmanager_receiver_enabled: true
 # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
-matrix_alertmanager_receiver_version: 2026.5.20
+matrix_alertmanager_receiver_version: 2026.6.17
 matrix_alertmanager_receiver_scheme: https
@@ -73,6 +73,7 @@
      changed_when: true
 - name: Ensure matrix-alertmanager-receiver container network is created
  when: matrix_alertmanager_receiver_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_alertmanager_receiver_container_network }}"
@@ -33,9 +33,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--config-path=/config/config.yml {{ matrix_alertmanager_receiver_container_process_extra_arguments | join(' ') }} \
 			--log-level={{ matrix_alertmanager_receiver_container_process_argument_log_level }}
 {% if matrix_alertmanager_receiver_container_network != 'host' %}
 {% for network in matrix_alertmanager_receiver_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-alertmanager-receiver
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-alertmanager-receiver
@@ -88,6 +88,7 @@
  register: matrix_appservice_draupnir_for_all_registration_config_result
 - name: Ensure matrix-appservice-draupnir-for-all container network is created
  when: matrix_appservice_draupnir_for_all_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_appservice_draupnir_for_all_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_appservice_draupnir_for_all_container_image }} \
 			appservice -c /data/config/production-appservice.yaml -f /data/config/draupnir-for-all-registration.yaml -p {{ matrix_appservice_draupnir_for_all_appservice_port }} --draupnir-config /data/config/production-bots.yaml
 {% if matrix_appservice_draupnir_for_all_container_network != 'host' %}
 {% for network in matrix_appservice_draupnir_for_all_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-appservice-draupnir-for-all
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-appservice-draupnir-for-all
@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
 matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
 # renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
-matrix_authentication_service_version: 1.17.0
+matrix_authentication_service_version: 1.19.0
 matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
 matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
 matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
@@ -114,6 +114,7 @@
      changed_when: true
 - name: Ensure Matrix Authentication Service container network is created
  when: matrix_authentication_service_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_authentication_service_container_network }}"
@@ -36,9 +36,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% endfor %}
 			{{ matrix_authentication_service_container_image }}
 {% if matrix_authentication_service_container_network != 'host' %}
 {% for network in matrix_authentication_service_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-authentication-service
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-authentication-service
@@ -131,9 +131,6 @@ matrix_server_fqn_buscarron: "buscarron.{{ matrix_domain }}"
 # This is where you access the Etherpad (if enabled via etherpad_enabled; disabled by default).
 matrix_server_fqn_etherpad: "etherpad.{{ matrix_domain }}"
 # For use with Go-NEB! (github callback url for example)
 matrix_server_fqn_bot_go_neb: "goneb.{{ matrix_domain }}"
 # This is where you access Jitsi.
 matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}"
@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
 matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
 # renovate: datasource=docker depName=ghcr.io/etkecc/baibot
-matrix_bot_baibot_version: v1.19.2
+matrix_bot_baibot_version: v1.21.1
 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
 matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
 matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
@@ -69,6 +69,7 @@
      register: matrix_bot_baibot_container_image_build_result
 - name: Ensure baibot container network is created
  when: matrix_bot_baibot_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_baibot_container_network }}"
@@ -37,9 +37,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% endfor %}
 			{{ matrix_bot_baibot_container_image }}
 {% if matrix_bot_baibot_container_network != 'host' %}
 {% for network in matrix_bot_baibot_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-baibot
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-baibot
@@ -13,7 +13,7 @@
 matrix_bot_buscarron_enabled: true
 # renovate: datasource=docker depName=ghcr.io/etkecc/buscarron
-matrix_bot_buscarron_version: v1.4.3
+matrix_bot_buscarron_version: v1.5.0
 # The hostname at which Buscarron is served.
 matrix_bot_buscarron_hostname: ''
@@ -110,6 +110,7 @@
      }}
 - name: Ensure Buscarron container network is created
  when: matrix_bot_buscarron_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_buscarron_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% endfor %}
 			{{ matrix_bot_buscarron_container_image }}
 {% if matrix_bot_buscarron_container_network != 'host' %}
 {% for network in matrix_bot_buscarron_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-buscarron
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-buscarron
@@ -82,6 +82,7 @@
  register: matrix_bot_draupnir_config_result
 - name: Ensure matrix-bot-draupnir container network is created
  when: matrix_bot_draupnir_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_draupnir_container_network }}"
@@ -36,9 +36,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_bot_draupnir_container_image }} \
 			bot --draupnir-config /data/config/production.yaml
 {% if matrix_bot_draupnir_container_network != 'host' %}
 {% for network in matrix_bot_draupnir_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-draupnir
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-draupnir
@@ -1,362 +0,0 @@
 # SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
 # SPDX-FileCopyrightText: 2021 Yannick Goossens
 # SPDX-FileCopyrightText: 2022 Marko Weltzer
 # SPDX-FileCopyrightText: 2022 Nikita Chernyi
 # SPDX-FileCopyrightText: 2023 Samuel Meenzen
 # SPDX-FileCopyrightText: 2024 Suguru Hirahara
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 ---
 # Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
 # Project source code URL: https://github.com/matrix-org/go-neb
 matrix_bot_go_neb_enabled: true
 # renovate: datasource=docker depName=matrixdotorg/go-neb
 matrix_bot_go_neb_version: latest
 matrix_bot_go_neb_scheme: https
 # The hostname at which Go-NEB is served.
 matrix_bot_go_neb_hostname: ''
 # The path at which Go-NEB is exposed.
 # This value must either be `/` or not end with a slash (e.g. `/go-neb`).
 matrix_bot_go_neb_path_prefix: /
 matrix_bot_go_neb_base_url: "{{ matrix_bot_go_neb_scheme }}://{{ matrix_bot_go_neb_hostname }}{{ matrix_bot_go_neb_path_prefix }}{{ '' if matrix_bot_go_neb_path_prefix == '/' else '/' }}"
 matrix_bot_go_neb_base_path: "{{ matrix_base_data_path }}/go-neb"
 matrix_bot_go_neb_config_path: "{{ matrix_bot_go_neb_base_path }}/config"
 matrix_bot_go_neb_config_path_in_container: "/config/config.yaml"
 matrix_bot_go_neb_data_path: "{{ matrix_bot_go_neb_base_path }}/data"
 matrix_bot_go_neb_data_store_path: "{{ matrix_bot_go_neb_data_path }}/store"
 matrix_bot_go_neb_container_image: "{{ matrix_bot_go_neb_container_image_registry_prefix }}matrixdotorg/go-neb:{{ matrix_bot_go_neb_container_image_tag }}"
 matrix_bot_go_neb_container_image_tag: "{{ matrix_bot_go_neb_version }}"
 matrix_bot_go_neb_container_image_registry_prefix: "{{ matrix_bot_go_neb_container_image_registry_prefix_upstream }}"
 matrix_bot_go_neb_container_image_registry_prefix_upstream: "{{ matrix_bot_go_neb_container_image_registry_prefix_upstream_default }}"
 matrix_bot_go_neb_container_image_registry_prefix_upstream_default: "docker.io/"
 # The base container network. It will be auto-created by this role if it doesn't exist already.
 matrix_bot_go_neb_container_network: matrix-bot-go-neb
 # A list of additional container networks that the container would be connected to.
 # The role does not create these networks, so make sure they already exist.
 # Use this to expose this container to another reverse proxy, which runs in a different container network.
 matrix_bot_go_neb_container_additional_networks: []
 # Controls whether the matrix-bot-go-neb container exposes its HTTP port (tcp/4050 in the container).
 #
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:4050"), or empty string to not expose.
 matrix_bot_go_neb_container_http_host_bind_port: ''
 # matrix_bot_go_neb_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
 # See `../templates/labels.j2` for details.
 #
 # To inject your own other container labels, see `matrix_bot_go_neb_container_labels_additional_labels`.
 matrix_bot_go_neb_container_labels_traefik_enabled: true
 matrix_bot_go_neb_container_labels_traefik_docker_network: "{{ matrix_bot_go_neb_container_network }}"
 matrix_bot_go_neb_container_labels_traefik_hostname: "{{ matrix_bot_go_neb_hostname }}"
 # The path prefix must either be `/` or not end with a slash (e.g. `/go-neb`).
 matrix_bot_go_neb_container_labels_traefik_path_prefix: "{{ matrix_bot_go_neb_path_prefix }}"
 matrix_bot_go_neb_container_labels_traefik_rule: "Host(`{{ matrix_bot_go_neb_container_labels_traefik_hostname }}`){% if matrix_bot_go_neb_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ matrix_bot_go_neb_container_labels_traefik_path_prefix }}`){% endif %}"
 matrix_bot_go_neb_container_labels_traefik_priority: 0
 matrix_bot_go_neb_container_labels_traefik_entrypoints: web-secure
 matrix_bot_go_neb_container_labels_traefik_tls: "{{ matrix_bot_go_neb_container_labels_traefik_entrypoints != 'web' }}"
 matrix_bot_go_neb_container_labels_traefik_tls_certResolver: default  # noqa var-naming
 # Controls which additional headers to attach to all HTTP responses.
 # To add your own headers, use `matrix_bot_go_neb_container_labels_traefik_additional_response_headers_custom`
 matrix_bot_go_neb_container_labels_traefik_additional_response_headers: "{{ matrix_bot_go_neb_container_labels_traefik_additional_response_headers_auto | combine(matrix_bot_go_neb_container_labels_traefik_additional_response_headers_custom) }}"
 matrix_bot_go_neb_container_labels_traefik_additional_response_headers_auto: |
  {{
    {}
    | combine ({'X-XSS-Protection': matrix_bot_go_neb_http_header_xss_protection} if matrix_bot_go_neb_http_header_xss_protection else {})
    | combine ({'X-Content-Type-Options': matrix_bot_go_neb_http_header_content_type_options} if matrix_bot_go_neb_http_header_content_type_options else {})
    | combine ({'Content-Security-Policy': matrix_bot_go_neb_http_header_content_security_policy} if matrix_bot_go_neb_http_header_content_security_policy else {})
    | combine ({'Permission-Policy': matrix_bot_go_neb_http_header_content_permission_policy} if matrix_bot_go_neb_http_header_content_permission_policy else {})
    | combine ({'Strict-Transport-Security': matrix_bot_go_neb_http_header_strict_transport_security} if matrix_bot_go_neb_http_header_strict_transport_security and matrix_bot_go_neb_container_labels_traefik_tls else {})
  }}
 matrix_bot_go_neb_container_labels_traefik_additional_response_headers_custom: {}
 # matrix_bot_go_neb_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
 # See `../templates/labels.j2` for details.
 #
 # Example:
 # matrix_bot_go_neb_container_labels_additional_labels: |
 #   my.label=1
 #   another.label="here"
 matrix_bot_go_neb_container_labels_additional_labels: ''
 # A list of extra arguments to pass to the container
 matrix_bot_go_neb_container_extra_arguments: []
 # List of systemd services that matrix-bot-go-neb.service depends on
 matrix_bot_go_neb_systemd_required_services_list: "{{ matrix_bot_go_neb_systemd_required_services_list_default + matrix_bot_go_neb_systemd_required_services_list_auto + matrix_bot_go_neb_systemd_required_services_list_custom }}"
 matrix_bot_go_neb_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_go_neb_systemd_required_services_list_auto: []
 matrix_bot_go_neb_systemd_required_services_list_custom: []
 # List of systemd services that matrix-bot-go-neb.service wants
 matrix_bot_go_neb_systemd_wanted_services_list: []
 # Specifies the value of the `X-XSS-Protection` header
 # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.
 #
 # Learn more about it is here:
 # - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
 # - https://portswigger.net/web-security/cross-site-scripting/reflected
 matrix_bot_go_neb_http_header_xss_protection: "1; mode=block"
 # Specifies the value of the `X-Content-Type-Options` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
 matrix_bot_go_neb_http_header_content_type_options: nosniff
 # Specifies the value of the `Content-Security-Policy` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
 matrix_bot_go_neb_http_header_content_security_policy: frame-ancestors 'self'
 # Specifies the value of the `Permission-Policy` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy
 matrix_bot_go_neb_http_header_content_permission_policy: "{{ 'interest-cohort=()' if matrix_bot_go_neb_floc_optout_enabled else '' }}"
 # Specifies the value of the `Strict-Transport-Security` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
 matrix_bot_go_neb_http_header_strict_transport_security: "max-age=31536000; includeSubDomains{{ '; preload' if matrix_bot_go_neb_hsts_preload_enabled else '' }}"
 # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses
 #
 # Learn more about what it is here:
 # - https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea
 # - https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
 # - https://amifloced.org/
 #
 # Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices.
 # See: `matrix_bot_go_neb_content_permission_policy`
 matrix_bot_go_neb_floc_optout_enabled: true
 # Controls if HSTS preloading is enabled
 #
 # In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts) includes all subdomains, and
 # indicates a willingness to be "preloaded" into browsers:
 # `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`
 # For more information visit:
 # - https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
 # - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
 # - https://hstspreload.org/#opt-in
 # See: `matrix_bot_go_neb_http_header_strict_transport_security`
 matrix_bot_go_neb_hsts_preload_enabled: false
 # Database-related configuration fields.
 #
 # MUST be "sqlite3". No other type is supported.
 matrix_bot_go_neb_database_engine: 'sqlite3'
 matrix_bot_go_neb_sqlite_database_path_local: "{{ matrix_bot_go_neb_data_path }}/bot.db"
 matrix_bot_go_neb_sqlite_database_path_in_container: "/data/bot.db"
 matrix_bot_go_neb_storage_database: "{{ {
    'sqlite3': (matrix_bot_go_neb_sqlite_database_path_in_container + '?_busy_timeout=5000'),
 }[matrix_bot_go_neb_database_engine] }}"
 # The bot's username(s). These users need to be created manually beforehand.
 # The access tokens that the bot uses to authenticate.
 # Generate one as described in
 # https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-dimension.md#access-token
 # via curl. With the Element method, you might run into decryption problems (see https://github.com/matrix-org/go-neb#quick-start)
 matrix_bot_go_neb_clients: []
 #  - UserID: "@goneb:{{ matrix_domain }}"
 #    AccessToken: "MDASDASJDIASDJASDAFGFRGER"
 #    DeviceID: "DEVICE1"
 #    HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}"
 #    Sync: true
 #    AutoJoinRooms: true
 #    DisplayName: "Go-NEB!"
 #    AcceptVerificationFromUsers: [":{{ matrix_domain }}"]
 #
 #  - UserID: "@another_goneb:{{ matrix_domain }}"
 #    AccessToken: "MDASDASJDIASDJASDAFGFRGER"
 #    DeviceID: "DEVICE2"
 #    HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}"
 #    Sync: false
 #    AutoJoinRooms: false
 #    DisplayName: "Go-NEB!"
 #    AcceptVerificationFromUsers: ["^@admin:{{ matrix_domain }}"]
 # The list of realms which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # See the docs for /configureAuthRealm for the full list of options:
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureAuthRealmRequest
 matrix_bot_go_neb_realms: []
 #  - ID: "github_realm"
 #    Type: "github"
 #    Config: {} # No need for client ID or Secret as Go-NEB isn't generating OAuth URLs
 # The list of *authenticated* sessions which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # The full list of options are shown below: there is no single HTTP endpoint
 # which maps to this section.
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#Session
 matrix_bot_go_neb_sessions: []
 #  - SessionID: "your_github_session"
 #    RealmID: "github_realm"
 #    UserID: "@alice:{{ matrix_domain }}" # This needs to be the username of the person that's allowed to use the !github commands
 #    Config:
 #      # Populate these fields by generating a "Personal Access Token" on github.com
 #      AccessToken: "YOUR_GITHUB_ACCESS_TOKEN"
 #      Scopes: "admin:org_hook,admin:repo_hook,repo,user"
 # The list of services which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # See the docs for /configureService for the full list of options:
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureServiceRequest
 matrix_bot_go_neb_services: []
 #  - ID: "echo_service"
 #    Type: "echo"
 #    UserID: "@goneb:{{ matrix_domain }}"
 #    Config: {}
 ## Can be obtained from https://developers.giphy.com/dashboard/
 #  - ID: "giphy_service"
 #    Type: "giphy"
 #    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
 #    Config:
 #      api_key: "qwg4672vsuyfsfe"
 #      use_downsized: false
 #
 ## This service has been dead for over a year :/
 #  - ID: "guggy_service"
 #    Type: "guggy"
 #    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
 #    Config:
 #      api_key: "2356saaqfhgfe"
 #
 ## API Key via https://developers.google.com/custom-search/v1/introduction
 ## CX via http://www.google.com/cse/manage/all
 ## https://stackoverflow.com/questions/6562125/getting-a-cx-id-for-custom-search-google-api-python
 ## 'Search the entire web' and 'Image search' enabled for best results
 #  - ID: "google_service"
 #    Type: "google"
 #    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
 #    Config:
 #      api_key: "AIzaSyA4FD39m9"
 #      cx: "AIASDFWSRRtrtr"
 #
 ## Get a key via https://api.imgur.com/oauth2/addclient
 ## Select "oauth2 without callback url"
 #  - ID: "imgur_service"
 #    Type: "imgur"
 #    UserID: "@imgur:{{ matrix_domain }}" # requires a Syncing client
 #    Config:
 #      client_id: "AIzaSyA4FD39m9"
 #      client_secret: "somesecret"
 #
 #  - ID: "wikipedia_service"
 #    Type: "wikipedia"
 #    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
 #    Config:
 #
 #  - ID: "rss_service"
 #    Type: "rssbot"
 #    UserID: "@another_goneb:{{ matrix_domain }}"
 #    Config:
 #      feeds:
 #        "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60":
 #          rooms: ["!qporfwt:localhost"]
 #          must_include:
 #            author:
 #              - author1
 #            description:
 #              - lorem
 #              - ipsum
 #          must_not_include:
 #            title:
 #              - Lorem
 #              - Ipsum
 #
 #  - ID: "github_cmd_service"
 #    Type: "github"
 #    UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client
 #    Config:
 #      RealmID: "github_realm"
 #
 #    # Make sure your BASE_URL can be accessed by Github!
 #  - ID: "github_webhook_service"
 #    Type: "github-webhook"
 #    UserID: "@another_goneb:{{ matrix_domain }}"
 #    Config:
 #      RealmID: "github_realm"
 #      ClientUserID: "@alice:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions.
 #      Rooms:
 #        "!qporfwt:example.com":
 #          Repos:
 #            "element-hq/synapse":
 #              Events: ["push", "issues"]
 #            "matrix-org/dendron":
 #              Events: ["pull_request"]
 #        "!aaabaa:example.com":
 #          Repos:
 #            "element-hq/synapse":
 #              Events: ["push", "issues"]
 #            "matrix-org/dendron":
 #              Events: ["pull_request"]
 #
 #  - ID: "slackapi_service"
 #    Type: "slackapi"
 #    UserID: "@slackapi:{{ matrix_domain }}"
 #    Config:
 #      Hooks:
 #        "hook1":
 #          RoomID: "!qporfwt:example.com"
 #          MessageType: "m.text" # default is m.text
 #
 #  - ID: "alertmanager_service"
 #    Type: "alertmanager"
 #    UserID: "@alertmanager:{{ matrix_domain }}"
 #    Config:
 #      # This is for information purposes only. It should point to Go-NEB path as follows:
 #      # `/services/hooks/<base64 encoded service ID>`
 #      # Where in this case "service ID" is "alertmanager_service"
 #      # Make sure your BASE_URL can be accessed by the Alertmanager instance!
 #      webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U"
 #      # Each room will get the notification with the alert rendered with the given template
 #      rooms:
 #        "!qporfwt:example.com":
 #          text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
 #          html_template: "{% raw %}{{range .Alerts -}}  {{ $severity := index .Labels \"severity\"}}    {{ if eq .Status \"firing\"}}      {{ if eq $severity \"critical\"}}        <font color='red'><b>[FIRING - CRITICAL]</b></font>      {{ else if eq $severity \"warning\"}}        <font color='orange'><b>[FIRING - WARNING]</b></font>      {{ else }}        <b>[FIRING - {{ $severity }}]</b>      {{ end }}    {{ else }}      <font color='green'><b>[RESOLVED]</b></font>    {{ end }}  {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}}   <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
 #          msg_type: "m.text"  # Must be either `m.text` or `m.notice`
 # Default configuration template which covers the generic use case.
 # You can customize it by controlling the various variables inside it.
 #
 # For a more advanced customization, you can extend the default (see `matrix_bot_go_neb_configuration_extension_yaml`)
 # or completely replace this variable with your own template.
 matrix_bot_go_neb_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
 matrix_bot_go_neb_configuration_extension_yaml: |
  # Your custom YAML configuration goes here.
  # This configuration extends the default starting configuration (`matrix_bot_go_neb_configuration_yaml`).
  #
  # You can override individual variables from the default configuration, or introduce new ones.
  #
  # If you need something more special, you can take full control by
  # completely redefining `matrix_bot_go_neb_configuration_yaml`.
 matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_extension_yaml | from_yaml if matrix_bot_go_neb_configuration_extension_yaml | from_yaml is mapping else {} }}"
 # Holds the final configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
 matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml | from_yaml | combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
 # matrix_bot_go_neb_restart_necessary controls whether the service
 # will be restarted (when true) or merely started (when false) by the
 # systemd service manager role (when conditional restart is enabled).
 #
 # This value is automatically computed during installation based on whether
 # any configuration files, the systemd service file, or the container image changed.
 # The default of `false` means "no restart needed" — appropriate when the role's
 # installation tasks haven't run (e.g., due to --tags skipping them).
 matrix_bot_go_neb_restart_necessary: false
@@ -1,78 +0,0 @@
 # SPDX-FileCopyrightText: 2021 Yannick Goossens
 # SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
 # SPDX-FileCopyrightText: 2022 Jim Myhrberg
 # SPDX-FileCopyrightText: 2022 Marko Weltzer
 # SPDX-FileCopyrightText: 2022 Nikita Chernyi
 # SPDX-FileCopyrightText: 2022 Sebastian Gumprich
 # SPDX-FileCopyrightText: 2024 David Mehren
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 ---
 - name: Ensure go-neb paths exist
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: '0750'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"
  with_items:
    - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
    - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
    - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
  when: "item.when | bool"
 - name: Ensure go-neb config installed
  ansible.builtin.copy:
    content: "{{ matrix_bot_go_neb_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_bot_go_neb_config_path }}/config.yaml"
    mode: '0644'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"
  register: matrix_bot_go_neb_config_result
 - name: Ensure go-neb support files installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/{{ item }}.j2"
    dest: "{{ matrix_bot_go_neb_base_path }}/{{ item }}"
    mode: '0640'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"
  with_items:
    - env
    - labels
  register: matrix_bot_go_neb_support_files_result
 - name: Ensure go-neb container image is pulled
  community.docker.docker_image_pull:
    name: "{{ matrix_bot_go_neb_container_image }}"
    pull: always
  register: matrix_bot_go_neb_container_image_pull_result
  retries: "{{ devture_playbook_help_container_retries_count }}"
  delay: "{{ devture_playbook_help_container_retries_delay }}"
  until: matrix_bot_go_neb_container_image_pull_result is not failed
 - name: Ensure go-neb container network is created
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_go_neb_container_network }}"
    driver: bridge
    driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
 - name: Ensure matrix-bot-go-neb.service installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-go-neb.service.j2"
    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service"
    mode: '0644'
  register: matrix_bot_go_neb_systemd_service_result
 - name: Determine whether go-neb needs a restart
  ansible.builtin.set_fact:
    matrix_bot_go_neb_restart_necessary: >-
      {{
        matrix_bot_go_neb_config_result.changed | default(false)
        or matrix_bot_go_neb_support_files_result.changed | default(false)
        or matrix_bot_go_neb_systemd_service_result.changed | default(false)
        or matrix_bot_go_neb_container_image_pull_result.changed | default(false)
      }}
@@ -1,26 +0,0 @@
 # SPDX-FileCopyrightText: 2021 Yannick Goossens
 # SPDX-FileCopyrightText: 2022 - 2023 Slavi Pantaleev
 # SPDX-FileCopyrightText: 2022 Marko Weltzer
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 ---
 - tags:
    - setup-all
    - setup-bot-go-neb
    - install-all
    - install-bot-go-neb
  block:
    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
      when: "run_setup | bool and matrix_bot_go_neb_enabled | bool"
    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
      when: "run_setup | bool and matrix_bot_go_neb_enabled | bool"
 - tags:
    - setup-all
    - setup-bot-go-neb
  block:
    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"
      when: "run_setup | bool and not matrix_bot_go_neb_enabled | bool"
@@ -1,32 +0,0 @@
 # SPDX-FileCopyrightText: 2021 - 2023 Slavi Pantaleev
 # SPDX-FileCopyrightText: 2021 Yannick Goossens
 # SPDX-FileCopyrightText: 2022 Marko Weltzer
 # SPDX-FileCopyrightText: 2022 Sebastian Gumprich
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 ---
 - name: Check existence of matrix-go-neb service
  ansible.builtin.stat:
    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service"
  register: matrix_bot_go_neb_service_stat
 - when: matrix_bot_go_neb_service_stat.stat.exists | bool
  block:
    - name: Ensure matrix-go-neb is stopped
      ansible.builtin.service:
        name: matrix-bot-go-neb
        state: stopped
        enabled: false
        daemon_reload: true
    - name: Ensure matrix-bot-go-neb.service doesn't exist
      ansible.builtin.file:
        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service"
        state: absent
    - name: Ensure Matrix go-neb paths don't exist
      ansible.builtin.file:
        path: "{{ matrix_bot_go_neb_base_path }}"
        state: absent
@@ -1,26 +0,0 @@
 # SPDX-FileCopyrightText: 2021 Yannick Goossens
 # SPDX-FileCopyrightText: 2022 Slavi Pantaleev
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 ---
 - name: Fail if there's not at least 1 client
  ansible.builtin.fail:
    msg: >-
      You need at least 1 client in the matrix_bot_go_neb_clients block.
  when: matrix_bot_go_neb_clients is not defined or matrix_bot_go_neb_clients[0] is not defined
 - name: Fail if there's not at least 1 service
  ansible.builtin.fail:
    msg: >-
      You need at least 1 service in the matrix_bot_go_neb_services block.
  when: matrix_bot_go_neb_services is not defined or matrix_bot_go_neb_services[0] is not defined
 - name: (Deprecation) Catch and report renamed matrix-bot-go-neb variables
  ansible.builtin.fail:
    msg: >-
      The variable `{{ item.old }}` is deprecated. Please use `{{ item.new }}` instead.
  when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
  with_items:
    - {'old': 'matrix_bot_go_neb_container_image_force_pull', 'new': '<removed> (the new community.docker.docker_image_pull module handles this natively)'}
@@ -1,44 +0,0 @@
 # Go-NEB Configuration File
 #
 # This file provides an alternative way to configure Go-NEB which does not involve HTTP APIs.
 #
 # This file can be supplied to go-neb by the environment variable `CONFIG_FILE=config.yaml`.
 # It will force Go-NEB to operate in "config" mode. This means:
 #   - Go-NEB will ONLY use the data contained inside this file.
 #   - All of Go-NEB's /admin HTTP listeners will be disabled. You will be unable to add new services at runtime.
 #   - The environment variable `DATABASE_URL` will be ignored and an in-memory database will be used instead.
 #
 # This file is broken down into 4 sections which matches the following HTTP APIs:
 #   - /configureClient
 #   - /configureAuthRealm
 #   - /configureService
 #   - /requestAuthSession (redirects not supported)
 # The list of clients which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # See the docs for /configureClient for the full list of options:
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ClientConfig
 clients:
  {{ matrix_bot_go_neb_clients|to_json }}
 # The list of realms which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # See the docs for /configureAuthRealm for the full list of options:
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureAuthRealmRequest
 realms:
  {{ matrix_bot_go_neb_realms|to_json }}
 # The list of *authenticated* sessions which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # The full list of options are shown below: there is no single HTTP endpoint
 # which maps to this section.
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#Session
 sessions:
  {{ matrix_bot_go_neb_sessions|to_json }}
 # The list of services which Go-NEB is aware of.
 # Delete or modify this list as appropriate.
 # See the docs for /configureService for the full list of options:
 # https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureServiceRequest
 services:
  {{ matrix_bot_go_neb_services|to_json }}
@@ -1,4 +0,0 @@
 SPDX-FileCopyrightText: 2021 Yannick Goossens
 SPDX-FileCopyrightText: 2022 Slavi Pantaleev
 SPDX-License-Identifier: AGPL-3.0-or-later
@@ -1,14 +0,0 @@
 {#
 SPDX-FileCopyrightText: 2023 Slavi Pantaleev
 SPDX-License-Identifier: AGPL-3.0-or-later
 #}
 BIND_ADDRESS=:4050
 DATABASE_TYPE={{ matrix_bot_go_neb_database_engine }}
 DATABASE_URL={{ matrix_bot_go_neb_storage_database }}
 BASE_URL={{ matrix_bot_go_neb_base_url }}
 CONFIG_FILE={{ matrix_bot_go_neb_config_path_in_container }}
@@ -1,52 +0,0 @@
 {#
 SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
 SPDX-License-Identifier: AGPL-3.0-or-later
 #}
 {% if matrix_bot_go_neb_container_labels_traefik_enabled %}
 traefik.enable=true
 {% if matrix_bot_go_neb_container_labels_traefik_docker_network %}
 traefik.docker.network={{ matrix_bot_go_neb_container_labels_traefik_docker_network }}
 {% endif %}
 traefik.http.services.matrix-bot-go-neb.loadbalancer.server.port=4050
 {% set middlewares = [] %}
 {% if matrix_bot_go_neb_container_labels_traefik_path_prefix != '/' %}
 traefik.http.middlewares.matrix-bot-go-neb-slashless-redirect.redirectregex.regex=({{ matrix_bot_go_neb_container_labels_traefik_path_prefix | quote }})$
 traefik.http.middlewares.matrix-bot-go-neb-slashless-redirect.redirectregex.replacement=${1}/
 {% set middlewares = middlewares + ['matrix-bot-go-neb-slashless-redirect'] %}
 {% endif %}
 {% if matrix_bot_go_neb_container_labels_traefik_path_prefix != '/' %}
 traefik.http.middlewares.matrix-bot-go-neb-strip-prefix.stripprefix.prefixes={{ matrix_bot_go_neb_container_labels_traefik_path_prefix }}
 {% set middlewares = middlewares + ['matrix-bot-go-neb-strip-prefix'] %}
 {% endif %}
 {% if matrix_bot_go_neb_container_labels_traefik_additional_response_headers.keys() | length > 0 %}
 {% for name, value in matrix_bot_go_neb_container_labels_traefik_additional_response_headers.items() %}
 traefik.http.middlewares.matrix-bot-go-neb-add-headers.headers.customresponseheaders.{{ name }}={{ value }}
 {% endfor %}
 {% set middlewares = middlewares + ['matrix-bot-go-neb-add-headers'] %}
 {% endif %}
 traefik.http.routers.matrix-bot-go-neb.rule={{ matrix_bot_go_neb_container_labels_traefik_rule }}
 {% if matrix_bot_go_neb_container_labels_traefik_priority | int > 0 %}
 traefik.http.routers.matrix-bot-go-neb.priority={{ matrix_bot_go_neb_container_labels_traefik_priority }}
 {% endif %}
 traefik.http.routers.matrix-bot-go-neb.service=matrix-bot-go-neb
 {% if middlewares | length > 0 %}
 traefik.http.routers.matrix-bot-go-neb.middlewares={{ middlewares | join(',') }}
 {% endif %}
 traefik.http.routers.matrix-bot-go-neb.entrypoints={{ matrix_bot_go_neb_container_labels_traefik_entrypoints }}
 traefik.http.routers.matrix-bot-go-neb.tls={{ matrix_bot_go_neb_container_labels_traefik_tls | to_json }}
 {% if matrix_bot_go_neb_container_labels_traefik_tls %}
 traefik.http.routers.matrix-bot-go-neb.tls.certResolver={{ matrix_bot_go_neb_container_labels_traefik_tls_certResolver }}
 {% endif %}
 {% endif %}
 {{ matrix_bot_go_neb_container_labels_additional_labels }}
@@ -1,55 +0,0 @@
 #jinja2: lstrip_blocks: True
 [Unit]
 Description=Matrix Go-NEB bot
 {% for service in matrix_bot_go_neb_systemd_required_services_list %}
 Requires={{ service }}
 After={{ service }}
 {% endfor %}
 {% for service in matrix_bot_go_neb_systemd_wanted_services_list %}
 Wants={{ service }}
 {% endfor %}
 DefaultDependencies=no
 [Service]
 Type=simple
 Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-go-neb 2>/dev/null || true'
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true'
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--rm \
 			--name=matrix-bot-go-neb \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
 			--cap-drop=ALL \
 			--read-only \
 			--network={{ matrix_bot_go_neb_container_network }} \
 			{% if matrix_bot_go_neb_container_http_host_bind_port %}
 			-p {{ matrix_bot_go_neb_container_http_host_bind_port }}:4050 \
 			{% endif %}
 			--env-file={{ matrix_bot_go_neb_base_path }}/env \
 			--label-file={{ matrix_bot_go_neb_base_path }}/labels \
 			--mount type=bind,src={{ matrix_bot_go_neb_config_path }},dst=/config,ro \
 			--mount type=bind,src={{ matrix_bot_go_neb_data_path }},dst=/data \
 			--entrypoint=/bin/sh \
 			{% for arg in matrix_bot_go_neb_container_extra_arguments %}
 			{{ arg }} \
 			{% endfor %}
 			{{ matrix_bot_go_neb_container_image }} \
 			-c "go-neb /config/config.yaml"
 {% for network in matrix_bot_go_neb_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-go-neb
 {% endfor %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-go-neb
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-go-neb 2>/dev/null || true'
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true'
 Restart=always
 RestartSec=30
 SyslogIdentifier=matrix-bot-go-neb
 [Install]
 WantedBy=multi-user.target
@@ -1,4 +0,0 @@
 SPDX-FileCopyrightText: 2021 Yannick Goossens
 SPDX-FileCopyrightText: 2022 - 2025 Slavi Pantaleev
 SPDX-License-Identifier: AGPL-3.0-or-later
@@ -94,6 +94,7 @@
  register: matrix_bot_honoroit_container_image_build_result
 - name: Ensure Honoroit container network is created
  when: matrix_bot_honoroit_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_honoroit_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% endfor %}
 			{{ matrix_bot_honoroit_container_image }}
 {% if matrix_bot_honoroit_container_network != 'host' %}
 {% for network in matrix_bot_honoroit_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-honoroit
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-honoroit
@@ -62,6 +62,7 @@
      register: matrix_bot_matrix_registration_bot_container_image_build_result
 - name: Ensure matrix-registration-bot container network is created
  when: matrix_bot_matrix_registration_bot_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_matrix_registration_bot_container_network }}"
@@ -29,9 +29,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--network={{ matrix_bot_matrix_registration_bot_container_network }} \
 			{{ matrix_bot_matrix_registration_bot_container_image }}
 {% if matrix_bot_matrix_registration_bot_container_network != 'host' %}
 {% for network in matrix_bot_matrix_registration_bot_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-matrix-registration-bot
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-matrix-registration-bot
@@ -93,6 +93,7 @@
  register: matrix_bot_matrix_reminder_bot_config_result
 - name: Ensure matrix-reminder-bot container network is created
  when: matrix_bot_matrix_reminder_bot_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_matrix_reminder_bot_container_network }}"
@@ -34,9 +34,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_bot_matrix_reminder_bot_container_image }} \
 			-c "matrix-reminder-bot /config/config.yaml"
 {% if matrix_bot_matrix_reminder_bot_container_network != 'host' %}
 {% for network in matrix_bot_matrix_reminder_bot_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-matrix-reminder-bot
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-matrix-reminder-bot
@@ -98,6 +98,7 @@
  register: matrix_bot_maubot_support_files_result
 - name: Ensure maubot container network is created
  when: matrix_bot_maubot_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_maubot_container_network }}"
@@ -41,9 +41,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_bot_maubot_container_image_final }} \
 			python3 -m maubot -c /config/config.yaml --no-update
 {% if matrix_bot_maubot_container_network != 'host' %}
 {% for network in matrix_bot_maubot_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-maubot
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-maubot
@@ -68,6 +68,7 @@
  register: matrix_bot_mjolnir_config_result
 - name: Ensure matrix-bot-mjolnir container network is created
  when: matrix_bot_mjolnir_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_bot_mjolnir_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_bot_mjolnir_container_image }} \
 			bot --mjolnir-config /data/config/production.yaml
 {% if matrix_bot_mjolnir_container_network != 'host' %}
 {% for network in matrix_bot_mjolnir_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-mjolnir
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-mjolnir
@@ -118,6 +118,7 @@
  changed_when: false
 - name: Ensure matrix-appservice-discord container network is created
  when: matrix_appservice_discord_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_appservice_discord_container_network }}"
@@ -34,9 +34,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_appservice_discord_container_image }} \
 			node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
 {% if matrix_appservice_discord_container_network != 'host' %}
 {% for network in matrix_appservice_discord_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-appservice-discord
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-appservice-discord
@@ -245,6 +245,7 @@
  register: matrix_appservice_irc_registration_result
 - name: Ensure matrix-appservice-irc container network is created
  when: matrix_appservice_irc_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_appservice_irc_container_network }}"
@@ -39,9 +39,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_appservice_irc_container_image }} \
 			-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
 {% if matrix_appservice_irc_container_network != 'host' %}
 {% for network in matrix_appservice_irc_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-appservice-irc
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-appservice-irc
@@ -99,6 +99,7 @@
  register: matrix_appservice_kakaotalk_registration_result
 - name: Ensure matrix-appservice-kakaotalk container network is created
  when: matrix_appservice_kakaotalk_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_appservice_kakaotalk_container_network }}"
@@ -30,9 +30,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_appservice_kakaotalk_node_container_image }} \
 			node src/main.js --config /config.json
 {% if matrix_appservice_kakaotalk_container_network != 'host' %}
 {% for network in matrix_appservice_kakaotalk_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-appservice-kakaotalk-node
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-appservice-kakaotalk-node
@@ -31,9 +31,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_appservice_kakaotalk_container_image }} \
 			python3 -m matrix_appservice_kakaotalk -c /config/config.yaml --no-update
-{% for network in matrix_appservice_discord_container_additional_networks %}
+{% if matrix_appservice_kakaotalk_container_network != 'host' %}
 {% for network in matrix_appservice_kakaotalk_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-appservice-kakaotalk
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-appservice-kakaotalk
@@ -92,6 +92,7 @@
      register: matrix_beeper_linkedin_container_image_build_result
 - name: Ensure beeper-linkedin container network is created
  when: matrix_beeper_linkedin_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_beeper_linkedin_container_network }}"
@@ -31,9 +31,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_beeper_linkedin_container_image }} \
 			python3 -m linkedin_matrix -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_beeper_linkedin_container_network != 'host' %}
 {% for network in matrix_beeper_linkedin_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-beeper-linkedin
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-beeper-linkedin
@@ -50,6 +50,7 @@
  register: matrix_heisenbridge_support_files_result
 - name: Ensure Heisenbridge container network is created
  when: matrix_heisenbridge_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_heisenbridge_container_network }}"
@@ -44,9 +44,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--listen-port 9898 \
 			{{ matrix_heisenbridge_homeserver_url }}
 {% if matrix_heisenbridge_container_network != 'host' %}
 {% for network in matrix_heisenbridge_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-heisenbridge
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-heisenbridge
@@ -133,6 +133,7 @@
  register: matrix_hookshot_github_key_result
 - name: Ensure matrix-hookshot container network is created
  when: matrix_hookshot_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_hookshot_container_network }}"
@@ -30,9 +30,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create --rm -
          {% endfor %}
          {{ matrix_hookshot_container_image }}
 {% if matrix_hookshot_container_network != 'host' %}
 {% for network in matrix_hookshot_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_hookshot_identifier }}
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach {{ matrix_hookshot_identifier }}
@@ -82,6 +82,7 @@
  register: matrix_mautrix_bluesky_support_files_result
 - name: Ensure matrix-mautrix-bluesky container network is created
  when: matrix_mautrix_bluesky_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_bluesky_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_bluesky_container_image }} \
 			/usr/bin/mautrix-bluesky -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_bluesky_container_network != 'host' %}
 {% for network in matrix_mautrix_bluesky_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-bluesky
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-bluesky
@@ -110,6 +110,7 @@
  register: matrix_mautrix_discord_support_files_result
 - name: Ensure mautrix-discord container network is created
  when: matrix_mautrix_discord_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_discord_container_network }}"
@@ -33,9 +33,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_discord_container_image }} \
 			/usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_discord_container_network != 'host' %}
 {% for network in matrix_mautrix_discord_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-discord
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-discord
@@ -150,6 +150,7 @@
  register: matrix_mautrix_gmessages_support_files_result
 - name: Ensure matrix-mautrix-gmessages container network is created
  when: matrix_mautrix_gmessages_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_gmessages_container_network }}"
@@ -33,9 +33,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_gmessages_container_image }} \
 			/usr/bin/mautrix-gmessages -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_gmessages_container_network != 'host' %}
 {% for network in matrix_mautrix_gmessages_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-gmessages
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-gmessages
@@ -133,6 +133,7 @@
  register: matrix_mautrix_googlechat_support_files_result
 - name: Ensure matrix-mautrix-googlechat container network is created
  when: matrix_mautrix_googlechat_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_googlechat_container_network }}"
@@ -35,9 +35,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_googlechat_container_image }} \
 			python3 -m mautrix_googlechat -c /config/config.yaml --no-update
 {% if matrix_mautrix_googlechat_container_network != 'host' %}
 {% for network in matrix_mautrix_googlechat_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-googlechat
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-googlechat
@@ -20,7 +20,7 @@ matrix_mautrix_meta_instagram_enabled: true
 matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
-matrix_mautrix_meta_instagram_version: v0.2605.0
+matrix_mautrix_meta_instagram_version: v0.2606.0
 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
 matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"
@@ -107,6 +107,7 @@
  register: matrix_mautrix_meta_instagram_support_files_result
 - name: Ensure mautrix-meta-instagram container network is created
  when: matrix_mautrix_meta_instagram_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_meta_instagram_container_network }}"
@@ -35,9 +35,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_meta_instagram_container_image }} \
 			/usr/bin/mautrix-meta -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_meta_instagram_container_network != 'host' %}
 {% for network in matrix_mautrix_meta_instagram_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_mautrix_meta_instagram_identifier }}
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach {{ matrix_mautrix_meta_instagram_identifier }}
@@ -20,7 +20,7 @@ matrix_mautrix_meta_messenger_enabled: true
 matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
-matrix_mautrix_meta_messenger_version: v0.2605.0
+matrix_mautrix_meta_messenger_version: v0.2606.0
 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
 matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"
@@ -107,6 +107,7 @@
  register: matrix_mautrix_meta_messenger_support_files_result
 - name: Ensure mautrix-meta-messenger container network is created
  when: matrix_mautrix_meta_messenger_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_meta_messenger_container_network }}"
@@ -35,9 +35,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_meta_messenger_container_image }} \
 			/usr/bin/mautrix-meta -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_meta_messenger_container_network != 'host' %}
 {% for network in matrix_mautrix_meta_messenger_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_mautrix_meta_messenger_identifier }}
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach {{ matrix_mautrix_meta_messenger_identifier }}
@@ -25,7 +25,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
 matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
-matrix_mautrix_signal_version: v26.02.2
+matrix_mautrix_signal_version: v0.2606.0
 # See: https://mau.dev/mautrix/signal/container_registry
 matrix_mautrix_signal_container_image: "{{ matrix_mautrix_signal_container_image_registry_prefix }}mautrix/signal:{{ matrix_mautrix_signal_container_image_tag }}"
@@ -148,6 +148,7 @@
  register: matrix_mautrix_signal_support_files_result
 - name: Ensure matrix-mautrix-signal container network is created
  when: matrix_mautrix_signal_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_signal_container_network }}"
@@ -33,9 +33,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_signal_container_image }} \
 			/usr/bin/mautrix-signal -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_signal_container_network != 'host' %}
 {% for network in matrix_mautrix_signal_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-signal
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-signal
@@ -17,7 +17,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s
 matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/slack
-matrix_mautrix_slack_version: v0.2605.0
+matrix_mautrix_slack_version: v0.2606.0
 # See: https://mau.dev/mautrix/slack/container_registry
 matrix_mautrix_slack_container_image: "{{ matrix_mautrix_slack_container_image_registry_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}"
 matrix_mautrix_slack_container_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else matrix_mautrix_slack_container_image_registry_prefix_upstream }}"
@@ -98,6 +98,7 @@
  register: matrix_mautrix_slack_registration_result
 - name: Ensure matrix-mautrix-slack container network is created
  when: matrix_mautrix_slack_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_slack_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_slack_container_image }} \
 			/usr/bin/mautrix-slack -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_slack_container_network != 'host' %}
 {% for network in matrix_mautrix_slack_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-slack
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-slack
@@ -26,7 +26,7 @@ matrix_mautrix_telegram_container_image_self_build_repo: "https://mau.dev/mautri
 matrix_mautrix_telegram_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/telegram
-matrix_mautrix_telegram_version: v0.2605.0
+matrix_mautrix_telegram_version: v0.2606.0
 # See: https://mau.dev/mautrix/telegram/container_registry
 matrix_mautrix_telegram_container_image: "{{ matrix_mautrix_telegram_container_image_registry_prefix }}mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
@@ -154,6 +154,7 @@
  register: matrix_mautrix_telegram_support_files_result
 - name: Ensure matrix-mautrix-telegram container network is created
  when: matrix_mautrix_telegram_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_telegram_container_network }}"
@@ -2,7 +2,7 @@
 # Network-specific config options
 network:
    # Get your own API keys at https://my.telegram.org/apps
-    api_id: {{ matrix_mautrix_telegram_api_id | to_json }}
+    api_id: {{ matrix_mautrix_telegram_api_id | int | to_json }}
    api_hash: {{ matrix_mautrix_telegram_api_hash | to_json }}
    # Device info shown in the Telegram device list.
@@ -33,9 +33,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_telegram_container_image }} \
 			/usr/bin/mautrix-telegram -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_telegram_container_network != 'host' %}
 {% for network in matrix_mautrix_telegram_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-telegram
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-telegram
@@ -22,7 +22,7 @@ matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/maut
 matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/twitter
-matrix_mautrix_twitter_version: v0.2604.0
+matrix_mautrix_twitter_version: v0.2606.0
 # See: https://mau.dev/tulir/mautrix-twitter/container_registry
 matrix_mautrix_twitter_container_image: "{{ matrix_mautrix_twitter_container_image_registry_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}"
 matrix_mautrix_twitter_container_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else matrix_mautrix_twitter_container_image_registry_prefix_upstream }}"
@@ -88,6 +88,7 @@
  register: matrix_mautrix_twitter_support_files_result
 - name: Ensure matrix-mautrix-twitter container network is created
  when: matrix_mautrix_twitter_container_network != 'host'
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_mautrix_twitter_container_network }}"
@@ -32,9 +32,11 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{{ matrix_mautrix_twitter_container_image }} \
 			/usr/bin/mautrix-twitter -c /config/config.yaml -r /config/registration.yaml --no-update
 {% if matrix_mautrix_twitter_container_network != 'host' %}
 {% for network in matrix_mautrix_twitter_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-twitter
 {% endfor %}
 {% endif %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-twitter
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
renovate[bot]	e0f37e3912	Update forgejo.ellis.link/continuwuation/continuwuity Docker tag to v0.5.10	2026-06-20 21:15:40 +03:00
Aine	4ff28586f4	Ketesa v1.3.0 <https://github.com/etkecc/ketesa/releases/tag/v1.3.0 >	2026-06-19 19:56:25 +01:00
Catalan Lover	19bcdc78fd	Gate Continuwuity ReCAPTCHA config on both keys being configured Continuwuity has no native enable-captcha toggle; it enables the ReCAPTCHA registration flow based on the presence of a private site key. The playbook previously always rendered empty `recaptcha_site_key`/`recaptcha_private_site_key` values, which made Continuwuity enable a broken captcha flow and break registration in some clients. The keys are now only rendered when both are configured, gated by a derived `matrix_continuwuity_recaptcha_enabled` flag in the role's `vars/main.yml`. A consistency check fails the play when exactly one of the two keys is set. Fixes #5329 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-19 06:24:06 +03:00
renovate[bot]	914dd3ed62	Update actions/checkout action to v7	2026-06-19 05:51:12 +03:00
renovate[bot]	3250de7842	Update dependency sable to v1.18.3-0	2026-06-18 10:10:27 +03:00
renovate[bot]	af4d379573	Update dependency certifi to v2026.6.17	2026-06-18 09:58:58 +03:00
renovate[bot]	12e63739b9	Update ghcr.io/element-hq/matrix-authentication-service Docker tag to v1.19.0	2026-06-18 09:58:41 +03:00
renovate[bot]	6b76368a9c	Update nginx Docker tag to v1.31.2	2026-06-18 09:56:48 +03:00
renovate[bot]	b87fcc4674	Update ghcr.io/etkecc/buscarron Docker tag to v1.5.0	2026-06-18 09:56:34 +03:00
renovate[bot]	00e5aed0eb	Update dependency sable to v1.18.2-0	2026-06-17 21:09:47 +03:00
renovate[bot]	6926a04e07	Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2026.6.17	2026-06-17 21:09:15 +03:00
renovate[bot]	50408d699f	Update dock.mau.dev/mautrix/meta Docker tag to v0.2606.0	2026-06-17 06:20:14 +03:00
renovate[bot]	4bf6093a5d	Update ghcr.io/element-hq/synapse Docker tag to v1.155.0	2026-06-17 06:20:05 +03:00
renovate[bot]	f0fb23dfa9	Update dock.mau.dev/mautrix/signal Docker tag to v0.2606.0	2026-06-17 06:18:38 +03:00
renovate[bot]	8e41f04368	Update dock.mau.dev/mautrix/slack Docker tag to v0.2606.0	2026-06-17 06:18:29 +03:00
renovate[bot]	b863de00e8	Update dock.mau.dev/mautrix/telegram Docker tag to v0.2606.0	2026-06-17 06:18:21 +03:00
renovate[bot]	4f5904db0a	Update dock.mau.dev/mautrix/whatsapp Docker tag to v0.2606.0	2026-06-17 06:18:13 +03:00
renovate[bot]	802f687513	Update dock.mau.dev/mautrix/twitter Docker tag to v0.2606.0	2026-06-17 06:18:02 +03:00
renovate[bot]	b7b5dbf9c7	Update dependency traefik_certs_dumper to v2.11.4-0	2026-06-16 12:34:02 +03:00
renovate[bot]	a79b8034e6	Update dependency prek to v0.4.5	2026-06-15 17:36:58 +03:00
renovate[bot]	9acdc445a8	Update dependency sable to v1.18.1-0	2026-06-15 09:22:05 +03:00
Slavi Pantaleev	731804ba32	Update LiveKit Server (v1.12.0-0 → v1.13.1-0) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-15 08:50:34 +03:00
renovate[bot]	b7969138dd	Update dependency sable to v1.18.0-0	2026-06-14 12:31:50 +03:00
Slavi Pantaleev	ec6e006b42	Update Prometheus (v3.12.0-0 → v3.12.0-1) Adds validation that catches old-style prometheus_process_extra_arguments overrides which lose the --config.file default. See https://github.com/mother-of-all-self-hosting/ansible-role-prometheus/issues/35 Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-12 08:47:26 +03:00
Bart van der Braak	36f3d4c4a5	Fix Dockerfile path when self building Element Web container image	2026-06-11 14:21:09 +03:00
renovate[bot]	fda7664a40	Update dependency traefik to v3.7.5-0	2026-06-11 09:06:38 +03:00
renovate[bot]	9d143f8865	Update joseluisq/static-web-server Docker tag to v2.43.0	2026-06-11 09:03:57 +03:00
Slavi Pantaleev	67663be7a9	Restrict Renovate to the v0 tag scheme for mautrix images Prevents Renovate from proposing "major" updates to the registry-only calver tags (vYY.MM[.PATCH]), which break further updates and self-building. See the previous commit for details. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-10 23:59:09 +03:00
Slavi Pantaleev	45c3b751d9	Switch mautrix-signal back to the v0 versioning scheme (v0.2605.0) mautrix publishes each release under two tag schemes: v0.YYMM.PATCH (also used for git tags, due to Go's module path requirements for major versions >= 2) and a calver vYY.MM[.PATCH] scheme that exists only on the Docker registry. We switched mautrix-signal to the calver scheme in `3564155a7`, which left it silently stuck at v26.02.2: the calver tags have an inconsistent number of components (v26.02.2 vs v26.05), and Renovate's docker versioning only offers updates between tags with the same number of dot-separated parts. It also broke self-building, which uses the version as a git ref, and calver tags do not exist in git. Going back to the v0 scheme (used by all other mautrix bridges) fixes both problems and upgrades signal from the February release to the current May one. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-10 23:58:30 +03:00
Slavi Pantaleev	ce8beb5e9d	Fix matrix-appservice-kakaotalk referencing appservice-discord network variables The additional-networks connect loop in the kakaotalk systemd unit template iterated over matrix_appservice_discord_container_additional_networks, a copy-paste leftover from the discord bridge role. The host-network guard added in #5310 mirrored the same wrong variable. This means the kakaotalk container was being connected to the networks computed for the discord bridge instead of its own, potentially leaving it without access to its homeserver/database networks depending on the discord bridge's configuration. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-10 23:50:11 +03:00
Kevin Veen-Birkenbach	bd6e08a93e	Allow host network mode for MDAD-managed containers (#5310 ) * feat: support container_network=host across all roles + systemd templates Mirror the pattern Slavi introduced for matrix-coturn (`aafa8f0`) across the fork: every 'Ensure X container network is created' task gets a 'when: <var> not in ["", "host"]' guard so MDAD does not try to docker_network create a network literally named 'host' (returns 403, since host is a pre-defined Docker network). Mirror the same guard in every systemd unit template that does 'ExecStartPre=docker network connect <addnet> <container>' loops over matrix_<role>_container_additional_networks: skip the connects when the container is on host networking (where additional --network attaches are invalid). Unblocks DiD setups where MDAD-managed containers share their host's network namespace (matrix-mdad outer compose service joined to central postgres/openldap networks) to reach external services on the outer Docker daemon. * Simplify container network guards (!= 'host') and fix duplicate when Guarding on the empty string ('') as well was misleading: systemd unit templates still render an unconditional --network= flag, so an empty network value produces a broken docker create command. Only 'host' is actually supported, so only guard on that. This also matches the existing convention in the Traefik role (when: traefik_container_network != 'host'). Also fix a duplicate when key in the meshtastic-relay role, where the network-creation task already had a when condition - the two are now combined into a list. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com> Co-authored-by: Claude Fable 5 <noreply@anthropic.com>	2026-06-10 23:48:03 +03:00
renovate[bot]	550fc03d60	Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2026.6.10	2026-06-10 16:42:25 +03:00
renovate[bot]	e1db9c7876	Update ghcr.io/element-hq/element-web Docker tag to v1.12.21	2026-06-10 09:18:37 +03:00
renovate[bot]	906de0a1a4	Update dependency jitsi to v11031	2026-06-09 08:12:34 +03:00
renovate[bot]	9342507f8a	Update ghcr.io/element-hq/element-call Docker tag to v0.20.1	2026-06-08 14:53:02 +03:00
renovate[bot]	4fd6183273	Update jeremiah-k/mmrelay Docker tag to v1.3.8	2026-06-07 23:43:04 +03:00
renovate[bot]	0ce46bae94	Update dependency traefik to v3.7.4-0	2026-06-06 08:09:03 +03:00
renovate[bot]	af37ca09cc	Update ghcr.io/matrix-construct/tuwunel Docker tag to v1.7.1	2026-06-06 07:16:06 +03:00
renovate[bot]	28165b5892	Update ghcr.io/etkecc/baibot Docker tag to v1.21.1	2026-06-05 13:16:27 +03:00
renovate[bot]	700976c47c	Update dependency ntfy to v2.24.0-0	2026-06-05 12:56:39 +03:00
renovate[bot]	66eabbb0ea	Update dependency traefik to v3.7.3-0	2026-06-05 12:56:21 +03:00
Suguru Hirahara	61a29cf718	Update links to the Sable repository Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-06-04 23:57:39 -04:00
renovate[bot]	47a4037ea2	Update ghcr.io/element-hq/synapse Docker tag to v1.154.0	2026-06-04 22:12:03 +03:00
renovate[bot]	93ec9095d5	Update ghcr.io/element-hq/matrix-authentication-service Docker tag to v1.18.0	2026-06-04 18:50:49 +03:00
renovate[bot]	92b7fed717	Update dependency prek to v0.4.4	2026-06-04 13:00:46 +03:00
Slavi Pantaleev	a7be5a2088	Fix self-build git ref for LiveKit JWT Service matrix_livekit_jwt_service_container_repo_version interpolated livekit_server_version (the LiveKit Server role's version) instead of this role's own matrix_livekit_jwt_service_version, so self-builds checked out the wrong git tag. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 10:17:07 +03:00
Slavi Pantaleev	738bff7a00	Upgrade LiveKit JWT Service (lk-jwt-service) to v0.5.0 v0.5.0 makes LIVEKIT_FULL_ACCESS_HOMESERVERS a required setting and drops the implicit `*` wildcard default upstream. Split the full-access-homeservers list into _default/_auto/_custom parts (following the convention used for other variables in this role), with a sane _default of the homeserver's own domain. This also lets group_vars/matrix_servers drop its now-redundant override. Add a validate_config.yml check requiring the setting to be defined. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 10:08:26 +03:00
renovate[bot]	6b36fd5a03	Update docker.io/metio/matrix-alertmanager-receiver Docker tag to v2026.6.3	2026-06-04 07:10:26 +03:00
renovate[bot]	a9faa9e306	Update astral-sh/setup-uv action to v8.2.0	2026-06-04 07:10:05 +03:00
renovate[bot]	9634cc3f79	Update dependency snowballstemmer to v3.1.1	2026-06-03 07:41:47 +03:00
renovate[bot]	551c802122	Update ghcr.io/etkecc/baibot Docker tag to v1.20.0	2026-06-03 00:06:29 +03:00
renovate[bot]	3c7e67c7fc	Update dependency idna to v3.18	2026-06-02 23:52:17 +03:00
c-bg	612fac5bce	fixed typo in link to chapter	2026-06-01 20:00:22 +03:00
renovate[bot]	f3151efa08	Update dock.mau.dev/mautrix/meta Docker tag to v0.2605.1	2026-05-30 08:34:21 +03:00
Norman Ziegner	971c5b954c	Add Synapse support for MSC4429 Introduces the `matrix_synapse_experimental_features_msc4429_enabled` variable (disabled by default), allowing Synapse to notify clients using the legacy /sync endpoint of profile changes for other users. See <https://github.com/matrix-org/matrix-spec-proposals/pull/4429> Signed-off-by: Norman Ziegner <n.ziegner@hzdr.de>	2026-05-29 13:41:11 +03:00
renovate[bot]	079169809f	Update dependency prometheus to v3.12.0-0	2026-05-29 08:55:36 +03:00
renovate[bot]	60eb52d791	Update dependency idna to v3.17	2026-05-29 08:33:43 +03:00
renovate[bot]	ee0e74f1cf	Update dependency docutils to v0.23	2026-05-28 07:30:58 +03:00
renovate[bot]	f92c5fee18	Update ghcr.io/element-hq/element-web Docker tag to v1.12.20	2026-05-28 07:28:24 +03:00
renovate[bot]	a5ebb77eeb	Update ghcr.io/element-hq/element-web Docker tag to v1.12.19	2026-05-27 15:22:04 +03:00
renovate[bot]	27826e69ca	Update ghcr.io/etkecc/baibot Docker tag to v1.19.3	2026-05-27 10:37:41 +03:00
renovate[bot]	5125cb219c	Update ghcr.io/jasonlaguidice/matrix-steam-bridge Docker tag to v1.2.0	2026-05-27 10:18:39 +03:00
renovate[bot]	8afcb2ee2c	Update dependency prek to v0.4.3	2026-05-27 10:18:29 +03:00
renovate[bot]	c93bdba01c	Update ghcr.io/element-hq/element-call Docker tag to v0.20.0	2026-05-26 15:14:05 +03:00
renovate[bot]	123d1f4399	Update dependency prek to v0.4.2	2026-05-26 15:13:46 +03:00
renovate[bot]	c124322b12	Update dependency snowballstemmer to v3.1.0	2026-05-25 00:45:15 +03:00
renovate[bot]	7af6d13b61	Update dependency cinny to v4.12.2-0	2026-05-24 15:45:41 +03:00
Suguru Hirahara	192c722a4c	Update CHANGELOG.md Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-05-23 21:24:46 +03:00
Suguru Hirahara	1df14f5177	Update validate_config.yml Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-05-23 21:24:46 +03:00
Suguru Hirahara	554ad4ec67	Update docs Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-05-23 21:24:46 +03:00
Suguru Hirahara	5085313a3b	Remove mentions to matrix-ldap-registration-proxy Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-05-23 21:24:46 +03:00
Suguru Hirahara	d2070bd6d8	Remove roles/custom/matrix-ldap-registration-proxy Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-05-23 21:24:46 +03:00
github-actions[bot]	d923e46b27	Automatic translations update	2026-05-23 08:52:32 +03:00
Suguru Hirahara	73f6ba7569	Remove Go-NEB Reuse https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/096b85bd966931c6ddca8196829c4b99f2fb664f/docs/configuring-playbook-email2matrix.md Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-05-23 08:22:12 +03:00
renovate[bot]	b5e1fb8e30	Update nginx Docker tag to v1.31.1	2026-05-23 08:20:02 +03:00
Slavi Pantaleev	05ac6d7a3b	Make sure network.api_id is provided as an integer to mautrix-telegram Otherwise "login phone" results in: "Failed to submit input: send code: rpc error code 400: API_ID_INVALID"	2026-05-22 22:55:15 +03:00
renovate[bot]	45fad3bd64	Update dependency sable to v1.17.0-0	2026-05-22 12:38:56 +03:00
renovate[bot]	94f3291a6c	Update dependency click to v8.4.1	2026-05-22 09:30:57 +03:00
renovate[bot]	29ca637f81	Update dependency idna to v3.16	2026-05-22 08:18:50 +03:00
github-actions[bot]	797f155f52	Automatic translations update	2026-05-21 22:56:41 +03:00