mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2026-07-02 21:42:21 +03:00
Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| f16c8dfcbf | |||
| eb393b4eb8 | |||
| 92c204394a | |||
| a1015b6df2 | |||
| 2a581cce62 | |||
| c21a80d232 | |||
| baa740fcda | |||
| 66d66f67f8 |
@@ -1,5 +1,29 @@
|
||||
# 2026-02-08
|
||||
|
||||
## Zulip bridge has been removed from the playbook
|
||||
|
||||
Zulip bridge has been removed from the playbook, as it doesn't work, and the maintainer seems to have abandoned it. See [this issue](https://github.com/GearKite/MatrixZulipBridge/issues/23) for more context.
|
||||
|
||||
## Switched to faster secret derivation for service passwords
|
||||
|
||||
We've switched the method used for deriving service passwords (database passwords, appservice tokens, etc.) from the `matrix_homeserver_generic_secret_key` variable.
|
||||
|
||||
The old method used `password_hash('sha512', rounds=655555)` (655,555 rounds of SHA-512 hashing), which was designed for protecting low-entropy human passwords against brute-force attacks. For deriving secrets from an already high-entropy secret key, this many rounds provide no additional security - the secret key's entropy is what protects the derived passwords, not the computational cost of hashing.
|
||||
|
||||
The new method uses a single-round `hash('sha512')` with a unique salt per service. This is equally secure for this use case (SHA-512 remains preimage-resistant; brute-forcing a high-entropy key is infeasible regardless of rounds), while being dramatically faster.
|
||||
|
||||
On a fast mini PC, evaluating `postgres_managed_databases` (which references multiple database passwords) dropped from **~10.7 seconds to ~0.6 seconds**. The Postgres role evaluates this variable multiple times during a run, so the cumulative savings are significant. All other roles that reference derived passwords also benefit.
|
||||
|
||||
**What this means for users**: all derived service passwords (database passwords, appservice tokens, etc.) will change on the next playbook run. The main/superuser database password (`postgres_connection_password`) is not affected, as it is hardcoded in inventory variables rather than derived via hashing. All services will receive their new passwords as part of the same run, so this should be a seamless, non-user-impacting change.
|
||||
|
||||
## (BC Break) Dynamic DNS role has been relocated and variable names need adjustments
|
||||
|
||||
The role for Dynamic DNS has been relocated to the [mother-of-all-self-hosting](https://github.com/mother-of-all-self-hosting) organization.
|
||||
|
||||
Along with the relocation, the `matrix_dynamic_dns_` prefix on its variable names has been renamed to `ddclient_`, so you need to adjust your `vars.yml` configuration.
|
||||
|
||||
As always, the playbook would let you know about this and point out any variables you may have missed.
|
||||
|
||||
## ma1sd has been removed from the playbook
|
||||
|
||||
[ma1sd](./docs/configuring-playbook-ma1sd.md) has been removed from the playbook, as it has been unmaintained for a long time.
|
||||
|
||||
@@ -133,7 +133,6 @@ Bridges can be used to connect your Matrix installation with third-party communi
|
||||
| [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | ❌ | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) |
|
||||
| [matrix-steam-bridge](https://github.com/jasonlaguidice/matrix-steam-bridge) | ❌ | Bridge to [Steam](https://steampowered.com/) | [Link](docs/configuring-playbook-bridge-steam.md) |
|
||||
| [matrix-wechat](https://github.com/duo/matrix-wechat) | ❌ | Bridge to [WeChat](https://www.wechat.com/) | [Link](docs/configuring-playbook-bridge-wechat.md) |
|
||||
| [MatrixZulipBridge](https://github.com/GearKite/MatrixZulipBridge) | ❌ | Puppeting appservice bridge for [Zulip](https://zulip.com/) | [Link](docs/configuring-playbook-bridge-zulip.md) |
|
||||
| [Heisenbridge](https://github.com/hifi/heisenbridge) | ❌ | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) |
|
||||
| [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-groupme.md) |
|
||||
| [mx-puppet-steam](https://codeberg.org/icewind/mx-puppet-steam) | ❌ | Bridge to [Steam](https://steamapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-steam.md) |
|
||||
|
||||
@@ -1,83 +0,0 @@
|
||||
<!--
|
||||
SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
|
||||
SPDX-FileCopyrightText: 2021 Toni Spets
|
||||
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
-->
|
||||
|
||||
# Setting up a Zulip bridge (optional)
|
||||
|
||||
The playbook can install and configure [MatrixZulipBridge](https://github.com/GearKite/MatrixZulipBridge) for you.
|
||||
|
||||
See the project's [documentation](https://github.com/GearKite/MatrixZulipBridge/blob/main/README.md) to learn what it does and why it might be useful to you.
|
||||
|
||||
## Adjusting DNS records (optional)
|
||||
|
||||
By default, this playbook installs the Zulip bridge on the `matrix.` subdomain, at the `/zulip` path (https://matrix.example.com/zulip). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section.
|
||||
|
||||
If you wish to adjust it, see the section [below](#adjusting-the-zulip-bridge-url-optional) for details about DNS configuration.
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
To enable the Zulip bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_zulip_bridge_enabled: true
|
||||
|
||||
# Uncomment to add one or more admins to this bridge:
|
||||
#
|
||||
# matrix_zulip_bridge_owner:
|
||||
# - '@yourAdminAccount:{{ matrix_domain }}'
|
||||
#
|
||||
# … unless you've made yourself an admin of all bots/bridges like this:
|
||||
#
|
||||
# matrix_admin: '@yourAdminAccount:{{ matrix_domain }}'
|
||||
```
|
||||
|
||||
### Adjusting the Zulip bridge URL (optional)
|
||||
|
||||
By tweaking the `matrix_zulip_bridge_hostname` and `matrix_zulip_bridge_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
|
||||
|
||||
Example additional configuration for your `vars.yml` file:
|
||||
|
||||
```yaml
|
||||
# Change the default hostname and path prefix
|
||||
matrix_zulip_bridge_hostname: zulip.example.com
|
||||
matrix_zulip_bridge_path_prefix: /
|
||||
```
|
||||
|
||||
If you've changed the default hostname, you may need to create a CNAME record for the Zulip bridge domain (`zulip.example.com`), which targets `matrix.example.com`.
|
||||
|
||||
When setting, replace `example.com` with your own.
|
||||
|
||||
### Extending the configuration
|
||||
|
||||
There are some additional things you may wish to configure about the bridge.
|
||||
|
||||
Take a look at:
|
||||
|
||||
- `roles/custom/matrix-bridge-zulip/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
|
||||
|
||||
## Installing
|
||||
|
||||
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:
|
||||
|
||||
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
|
||||
```sh
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
|
||||
|
||||
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
|
||||
|
||||
## Usage
|
||||
|
||||
To use the bridge, you need to start a chat with `@zulipbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). If the bridge ignores you and a DM is not accepted then the owner setting may be wrong.
|
||||
|
||||
If you encounter issues or feel lost you can join the project room at [#matrixzulipbridge:shema.lv](https://matrix.to/#/#matrixzulipbridge:shema.lv) for help.
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-bridge-zulip`.
|
||||
@@ -1,7 +1,20 @@
|
||||
<!--
|
||||
SPDX-FileCopyrightText: 2020 Aaron Raimist
|
||||
SPDX-FileCopyrightText: 2020 Chris van Dijk
|
||||
SPDX-FileCopyrightText: 2020 Dominik Zajac
|
||||
SPDX-FileCopyrightText: 2020 Mickaël Cornière
|
||||
SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
SPDX-FileCopyrightText: 2020 Slavi Pantaleev
|
||||
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
|
||||
SPDX-FileCopyrightText: 2020-2024 MDAD project contributors
|
||||
SPDX-FileCopyrightText: 2020-2024 Slavi Pantaleev
|
||||
SPDX-FileCopyrightText: 2022 François Darveau
|
||||
SPDX-FileCopyrightText: 2022 Julian Foad
|
||||
SPDX-FileCopyrightText: 2022 Warren Bailey
|
||||
SPDX-FileCopyrightText: 2023 Antonis Christofides
|
||||
SPDX-FileCopyrightText: 2023 Felix Stupp
|
||||
SPDX-FileCopyrightText: 2023 Julian-Samuel Gebühr
|
||||
SPDX-FileCopyrightText: 2023 Pierre 'McFly' Marty
|
||||
SPDX-FileCopyrightText: 2024 Tiz
|
||||
SPDX-FileCopyrightText: 2024-2026 Suguru Hirahara
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
-->
|
||||
@@ -12,6 +25,10 @@ The playbook can configure Dynamic DNS with [ddclient](https://github.com/ddc
|
||||
|
||||
Most cloud providers / ISPs will charge you extra for a static IP address. If you're not hosting a highly reliable homeserver you can workaround this via dynamic DNS.
|
||||
|
||||
For details about configuring the [Ansible role for ddclient](https://github.com/mother-of-all-self-hosting/ansible-role-ddclient), you can check them via:
|
||||
- 🌐 [the role's documentation](https://github.com/mother-of-all-self-hosting/ansible-role-ddclient/blob/main/docs/configuring-ddclient.md) online
|
||||
- 📁 `roles/galaxy/ddclient/docs/configuring-ddclient.md` locally, if you have [fetched the Ansible roles](../installing.md)
|
||||
|
||||
## Prerequisite
|
||||
|
||||
You'll need to authenticate with your DNS provider somehow, in most cases this is simply a username and password but can differ from provider to provider. Please consult with your providers documentation and the upstream [ddclient documentation](https://github.com/ddclient/ddclient/blob/main/ddclient.conf.in) to determine what you'll need to provide to authenticate.
|
||||
@@ -21,17 +38,23 @@ You'll need to authenticate with your DNS provider somehow, in most cases this i
|
||||
To enable dynamic DNS, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_dynamic_dns_enabled: true
|
||||
ddclient_enabled: true
|
||||
|
||||
matrix_dynamic_dns_domain_configurations:
|
||||
ddclient_domain_configurations:
|
||||
- provider: example.net
|
||||
protocol: dyndn2
|
||||
protocol: dyndns2
|
||||
username: YOUR_USERNAME_HERE
|
||||
password: YOUR_PASSWORD_HERE
|
||||
domain: "{{ matrix_domain }}"
|
||||
```
|
||||
|
||||
Keep in mind that certain providers may require a different configuration of the `matrix_dynamic_dns_domain_configurations` variable, for provider specific examples see the [upstream documentation](https://github.com/ddclient/ddclient/blob/main/ddclient.conf.in).
|
||||
Keep in mind that certain providers may require a different configuration of the `ddclient_domain_configurations` variable, for provider specific examples see the [upstream documentation](https://github.com/ddclient/ddclient/blob/main/ddclient.conf.in).
|
||||
|
||||
### Configuring the endpoint to obtain IP address (optional)
|
||||
|
||||
The playbook sets the default endpoint for obtaining the IP address to `https://cloudflare.com/cdn-cgi/trace`. You can replace it by specifying yours to `ddclient_web` and `ddclient_web_skip` if necessary.
|
||||
|
||||
Refer to [this section](https://github.com/mother-of-all-self-hosting/ansible-role-ddclient/blob/main/docs/configuring-ddclient.md#setting-the-endpoint-to-obtain-ip-address-optional) for more information.
|
||||
|
||||
### Extending the configuration
|
||||
|
||||
@@ -39,7 +62,7 @@ There are some additional things you may wish to configure about the component.
|
||||
|
||||
Take a look at:
|
||||
|
||||
- `roles/custom/matrix-dynamic-dns/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
|
||||
- `roles/galaxy/ddclient/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
|
||||
|
||||
## Installing
|
||||
|
||||
@@ -63,4 +86,4 @@ Additional resources:
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-dynamic-dns`. However, due to an [upstream issue](https://github.com/linuxserver/docker-ddclient/issues/54#issuecomment-1153143132) the logging output is not always complete. For advanced debugging purposes running the `ddclient` tool outside of the container is useful via the following: `ddclient -file ./ddclient.conf -daemon=0 -debug -verbose -noquiet`.
|
||||
See [this section](https://github.com/mother-of-all-self-hosting/ansible-role-ddclient/blob/main/docs/configuring-ddclient.md#troubleshooting) on the role's documentation for details.
|
||||
|
||||
@@ -186,8 +186,6 @@ Bridges can be used to connect your Matrix installation with third-party communi
|
||||
|
||||
- [Setting up WeChat bridging](configuring-playbook-bridge-wechat.md)
|
||||
|
||||
- [Setting up Zulip bridging](configuring-playbook-bridge-zulip.md)
|
||||
|
||||
### Bots
|
||||
|
||||
Bots provide various additional functionality to your installation.
|
||||
|
||||
@@ -106,7 +106,6 @@ Bridges can be used to connect your Matrix installation with third-party communi
|
||||
| [matrix-hookshot](configuring-playbook-bridge-hookshot.md) | [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) | ❌ | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular |
|
||||
| [matrix-sms-bridge](configuring-playbook-bridge-matrix-bridge-sms.md) | [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) | ❌ | Bridge to SMS |
|
||||
| [matrix-wechat](configuring-playbook-bridge-wechat.md) | [lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) | ❌ | Bridge to [WeChat](https://www.wechat.com/) |
|
||||
| [MatrixZulipBridge](configuring-playbook-bridge-zulip.md) | [GearKite/MatrixZulipBridge](https://ghcr.io/gearkite/matrixzulipbridge) | ❌ | Puppeting appservice bridge for [Zulip](https://zulip.com/) |
|
||||
| [Heisenbridge](configuring-playbook-bridge-heisenbridge.md) | [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) | ❌ | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) |
|
||||
| [mx-puppet-groupme](configuring-playbook-bridge-mx-puppet-groupme.md) | [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) |
|
||||
| [matrix-steam-bridge](configuring-playbook-bridge-steam.md) | [jasonlaguidice/matrix-steam-bridge](https://github.com/jasonlaguidice/matrix-steam-bridge/pkgs/container/matrix-steam-bridge) | ❌ | Bridge to [Steam](https://steampowered.com/) |
|
||||
|
||||
+125
-178
@@ -114,8 +114,6 @@ matrix_homeserver_container_extra_arguments_auto: |
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_hookshot_base_path + '/registration.yml,dst=/hookshot-registration.yml,ro'] if matrix_hookshot_enabled else [])
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_zulip_bridge_base_path + '/registration.yaml,dst=/matrixzulipbridge-registration.yaml,ro'] if matrix_zulip_bridge_enabled else [])
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_mautrix_bluesky_config_path + '/registration.yaml,dst=/matrix-mautrix-bluesky-registration.yaml,ro'] if matrix_mautrix_bluesky_enabled else [])
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_mautrix_discord_config_path + '/registration.yaml,dst=/matrix-mautrix-discord-registration.yaml,ro'] if matrix_mautrix_discord_enabled else [])
|
||||
@@ -175,8 +173,6 @@ matrix_homeserver_app_service_config_files_auto: |
|
||||
+
|
||||
(['/hookshot-registration.yml'] if matrix_hookshot_enabled else [])
|
||||
+
|
||||
(['/matrixzulipbridge-registration.yaml'] if matrix_zulip_bridge_enabled else [])
|
||||
+
|
||||
(['/matrix-mautrix-bluesky-registration.yaml'] if matrix_mautrix_bluesky_enabled else [])
|
||||
+
|
||||
(['/matrix-mautrix-discord-registration.yaml'] if matrix_mautrix_discord_enabled else [])
|
||||
@@ -302,8 +298,6 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': 'matrix-hookshot.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'hookshot', 'bridge-hookshot']}] if matrix_hookshot_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-zulip-bridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'zulip']}] if matrix_zulip_bridge_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-mautrix-bluesky.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-bluesky']}] if matrix_mautrix_bluesky_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-mautrix-discord.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-discord']}] if matrix_mautrix_discord_enabled else [])
|
||||
@@ -368,7 +362,7 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': 'matrix-dimension.service', 'priority': 4000, 'groups': ['matrix', 'integration-managers', 'dimension']}] if matrix_dimension_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-dynamic-dns.service', 'priority': 5000, 'groups': ['matrix', 'dynamic-dns']}] if matrix_dynamic_dns_enabled else [])
|
||||
([{'name': (ddclient_identifier + '.service'), 'priority': 5000, 'groups': ['matrix', 'ddclient', 'dynamic-dns']}] if ddclient_enabled else [])
|
||||
+
|
||||
([{'name': (etherpad_identifier + '.service'), 'priority': 4000, 'groups': ['matrix', 'etherpad']}] if etherpad_enabled else [])
|
||||
+
|
||||
@@ -610,10 +604,10 @@ matrix_authentication_service_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_authentication_service_path_prefix: /auth
|
||||
|
||||
matrix_authentication_service_config_database_host: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_authentication_service_config_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mas.db', rounds=655555) | to_uuid }}"
|
||||
matrix_authentication_service_config_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mas.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_authentication_service_config_matrix_homeserver: "{{ matrix_domain }}"
|
||||
matrix_authentication_service_config_matrix_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mas.hs.secret', rounds=655555) | to_uuid }}"
|
||||
matrix_authentication_service_config_matrix_secret: "{{ (matrix_homeserver_generic_secret_key + ':mas.hs.secret') | hash('sha512') | to_uuid }}"
|
||||
matrix_authentication_service_config_matrix_endpoint: "{{ matrix_homeserver_container_url }}"
|
||||
|
||||
# We're using a non-default configuration which:
|
||||
@@ -727,15 +721,15 @@ matrix_appservice_discord_container_additional_networks_auto: |-
|
||||
# If the homeserver disables presence, it's likely better (less wasteful) to also disable presence on the bridge side.
|
||||
matrix_appservice_discord_bridge_disablePresence: "{{ (not matrix_synapse_presence_enabled) if matrix_homeserver_implementation == 'synapse' else false }}"
|
||||
|
||||
matrix_appservice_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'discord.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_discord_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':discord.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'discord.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_discord_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':discord.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
# We only make this use Postgres if our own Postgres server is enabled.
|
||||
# It's only then (for now) that we can automatically create the necessary database and user for this service.
|
||||
matrix_appservice_discord_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_appservice_discord_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_appservice_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.discord.db', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_discord_database_password: "{{ (matrix_homeserver_generic_secret_key + ':as.discord.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -785,17 +779,17 @@ matrix_appservice_slack_container_labels_traefik_docker_network: "{{ matrix_play
|
||||
matrix_appservice_slack_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
|
||||
matrix_appservice_slack_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
matrix_appservice_slack_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'slack.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_slack_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':slack.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_slack_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_appservice_slack_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'slack.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_slack_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':slack.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_slack_id_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'slack.id.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_slack_id_token: "{{ (matrix_homeserver_generic_secret_key + ':slack.id.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_appservice_slack_database_engine: "{{ 'postgres' if postgres_enabled else 'nedb' }}"
|
||||
matrix_appservice_slack_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_appservice_slack_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.slack.db', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_slack_database_password: "{{ (matrix_homeserver_generic_secret_key + ':as.slack.db') | hash('sha512') | to_uuid }}"
|
||||
matrix_appservice_slack_database_container_network: "{{ postgres_container_network if postgres_enabled else '' }}"
|
||||
|
||||
######################################################################
|
||||
@@ -843,14 +837,14 @@ matrix_appservice_irc_container_additional_networks_auto: |-
|
||||
# IRC bridge presence, for performance reasons.
|
||||
matrix_appservice_irc_homeserver_enablePresence: "{{ matrix_synapse_presence_enabled if matrix_homeserver_implementation == 'synapse' else true }}"
|
||||
|
||||
matrix_appservice_irc_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'irc.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_irc_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':irc.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_irc_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_appservice_irc_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'irc.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_irc_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':irc.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_irc_database_engine: "{{ 'postgres' if postgres_enabled else 'nedb' }}"
|
||||
matrix_appservice_irc_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_appservice_irc_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.irc.db', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_irc_database_password: "{{ (matrix_homeserver_generic_secret_key + ':as.irc.db') | hash('sha512') | to_uuid }}"
|
||||
matrix_appservice_irc_database_container_network: "{{ postgres_container_network if postgres_enabled else '' }}"
|
||||
|
||||
matrix_appservice_irc_ircService_mediaProxy_publicUrl_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" # noqa var-naming
|
||||
@@ -897,10 +891,10 @@ matrix_appservice_kakaotalk_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_appservice_kakaotalk_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.hs', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_kakaotalk_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':as.kakao.hs') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_kakaotalk_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_appservice_kakaotalk_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.hs', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_kakaotalk_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':as.kakao.hs') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_kakaotalk_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -908,7 +902,7 @@ matrix_appservice_kakaotalk_login_shared_secret: "{{ matrix_synapse_ext_password
|
||||
|
||||
matrix_appservice_kakaotalk_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_appservice_kakaotalk_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_appservice_kakaotalk_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.db', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_kakaotalk_database_password: "{{ (matrix_homeserver_generic_secret_key + ':as.kakao.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -948,10 +942,10 @@ matrix_beeper_linkedin_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_beeper_linkedin_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'linked.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_beeper_linkedin_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':linked.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_beeper_linkedin_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_beeper_linkedin_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'linked.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_beeper_linkedin_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':linked.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_beeper_linkedin_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -971,7 +965,7 @@ matrix_beeper_linkedin_bridge_login_shared_secret_map_auto: |-
|
||||
matrix_beeper_linkedin_bridge_presence: "{{ (matrix_synapse_presence_enabled if matrix_synapse_enabled else true) if matrix_homeserver_implementation == 'synapse' else true }}"
|
||||
|
||||
matrix_beeper_linkedin_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db', rounds=655555) | to_uuid }}"
|
||||
matrix_beeper_linkedin_database_password: "{{ (matrix_homeserver_generic_secret_key + ':maulinkedin.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1020,14 +1014,14 @@ matrix_mautrix_bluesky_container_labels_traefik_tls_certResolver: "{{ traefik_ce
|
||||
matrix_mautrix_bluesky_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_bluesky_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_bluesky_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'bsky.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_bluesky_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':bsky.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_bluesky_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_bluesky_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'bsky.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_bluesky_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':bsky.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_bluesky_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
matrix_mautrix_bluesky_provisioning_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.bsky.prov', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_bluesky_provisioning_shared_secret: "{{ (matrix_homeserver_generic_secret_key + ':mau.bsky.prov') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_bluesky_double_puppet_secrets_auto: |-
|
||||
{{
|
||||
@@ -1045,7 +1039,7 @@ matrix_mautrix_bluesky_metrics_proxying_hostname: "{{ matrix_metrics_exposure_ho
|
||||
matrix_mautrix_bluesky_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/mautrix-bluesky"
|
||||
|
||||
matrix_mautrix_bluesky_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_bluesky_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.twt.db', rounds=655555) | to_uuid if postgres_enabled else '' }}"
|
||||
matrix_mautrix_bluesky_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mau.twt.db') | hash('sha512') | to_uuid if postgres_enabled else '' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1091,14 +1085,14 @@ matrix_mautrix_discord_systemd_required_services_list_auto: |
|
||||
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_discord_database_hostname == postgres_connection_hostname) else [])
|
||||
}}
|
||||
|
||||
matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.as.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_discord_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':maudisc.as.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_discord_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.hs.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_discord_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':maudisc.hs.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_discord_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
matrix_mautrix_discord_bridge_avatar_proxy_key: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.avatar', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_discord_bridge_avatar_proxy_key: "{{ (matrix_homeserver_generic_secret_key + ':maudisc.avatar') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_discord_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_mautrix_discord_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
|
||||
@@ -1119,7 +1113,7 @@ matrix_mautrix_discord_bridge_login_shared_secret_map_auto: |-
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_discord_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_discord_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_discord_database_password: "{{ (matrix_homeserver_generic_secret_key + ':maudiscord.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1159,10 +1153,10 @@ matrix_mautrix_slack_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_mautrix_slack_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.as.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_slack_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':mauslack.as.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_slack_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_slack_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.hs.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_slack_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':mauslack.hs.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_slack_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -1178,10 +1172,10 @@ matrix_mautrix_slack_double_puppet_secrets_auto: |-
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_slack_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_slack_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_slack_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_slack_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mauslack.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_slack_provisioning_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.slack.prov', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_slack_public_media_signing_key: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.slack.pmed', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_slack_provisioning_shared_secret: "{{ (matrix_homeserver_generic_secret_key + ':mau.slack.prov') | hash('sha512') | to_uuid }}"
|
||||
matrix_mautrix_slack_public_media_signing_key: "{{ (matrix_homeserver_generic_secret_key + ':mau.slack.pmed') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1234,10 +1228,10 @@ matrix_mautrix_googlechat_container_labels_public_endpoint_hostname: "{{ matrix_
|
||||
matrix_mautrix_googlechat_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_googlechat_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_googlechat_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gc.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_googlechat_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':gc.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_googlechat_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_googlechat_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gc.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_googlechat_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':gc.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_googlechat_login_shared_secret: |-
|
||||
{{
|
||||
@@ -1259,7 +1253,7 @@ matrix_mautrix_googlechat_metrics_proxying_path_prefix: "{{ matrix_metrics_expos
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_googlechat_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_googlechat_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_googlechat_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.gc.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_googlechat_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mau.gc.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1310,11 +1304,11 @@ matrix_mautrix_signal_container_labels_metrics_middleware_basic_auth_users: "{{
|
||||
|
||||
matrix_mautrix_signal_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mautrix_signal_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_signal_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'si.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_signal_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':si.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_signal_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
matrix_mautrix_signal_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'si.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_signal_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':si.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_signal_double_puppet_secrets_auto: |-
|
||||
{{
|
||||
@@ -1333,10 +1327,10 @@ matrix_mautrix_signal_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_
|
||||
|
||||
matrix_mautrix_signal_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_signal_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_signal_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_signal_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mau.signal.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_signal_provisioning_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.prov', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_signal_public_media_signing_key: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.pmed', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_signal_provisioning_shared_secret: "{{ (matrix_homeserver_generic_secret_key + ':mau.signal.prov') | hash('sha512') | to_uuid }}"
|
||||
matrix_mautrix_signal_public_media_signing_key: "{{ (matrix_homeserver_generic_secret_key + ':mau.signal.pmed') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1386,11 +1380,11 @@ matrix_mautrix_meta_messenger_container_labels_traefik_tls_certResolver: "{{ tra
|
||||
matrix_mautrix_meta_messenger_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_meta_messenger_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_meta_messenger_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.fb.as', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_meta_messenger_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':mau.meta.fb.as') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_meta_messenger_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
matrix_mautrix_meta_messenger_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.fb.hs', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_meta_messenger_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':mau.meta.fb.hs') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_meta_messenger_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -1413,7 +1407,7 @@ matrix_mautrix_meta_messenger_metrics_proxying_path_prefix: "{{ matrix_metrics_e
|
||||
# and point them to a migration path.
|
||||
matrix_mautrix_meta_messenger_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite3-fk-wal' }}"
|
||||
matrix_mautrix_meta_messenger_database_hostname: "{{ postgres_connection_hostname if (postgres_enabled and matrix_mautrix_meta_messenger_database_engine == 'postgres') else '' }}"
|
||||
matrix_mautrix_meta_messenger_database_password: "{{ ('%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.fb.db', rounds=655555) | to_uuid) if (postgres_enabled and matrix_mautrix_meta_messenger_database_engine == 'postgres') else '' }}"
|
||||
matrix_mautrix_meta_messenger_database_password: "{{ ((matrix_homeserver_generic_secret_key + ':mau.fb.db') | hash('sha512') | to_uuid) if (postgres_enabled and matrix_mautrix_meta_messenger_database_engine == 'postgres') else '' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1464,11 +1458,11 @@ matrix_mautrix_meta_instagram_container_labels_traefik_tls_certResolver: "{{ tra
|
||||
matrix_mautrix_meta_instagram_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_meta_instagram_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_meta_instagram_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.ig.as', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_meta_instagram_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':mau.meta.ig.as') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_meta_instagram_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
matrix_mautrix_meta_instagram_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.ig.hs', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_meta_instagram_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':mau.meta.ig.hs') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_meta_instagram_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -1491,7 +1485,7 @@ matrix_mautrix_meta_instagram_metrics_proxying_path_prefix: "{{ matrix_metrics_e
|
||||
# and point them to a migration path.
|
||||
matrix_mautrix_meta_instagram_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite3-fk-wal' }}"
|
||||
matrix_mautrix_meta_instagram_database_hostname: "{{ postgres_connection_hostname if (postgres_enabled and matrix_mautrix_meta_instagram_database_engine == 'postgres') else '' }}"
|
||||
matrix_mautrix_meta_instagram_database_password: "{{ ('%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.fb.db', rounds=655555) | to_uuid) if (postgres_enabled and matrix_mautrix_meta_instagram_database_engine == 'postgres') else '' }}"
|
||||
matrix_mautrix_meta_instagram_database_password: "{{ ((matrix_homeserver_generic_secret_key + ':mau.fb.db') | hash('sha512') | to_uuid) if (postgres_enabled and matrix_mautrix_meta_instagram_database_engine == 'postgres') else '' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1510,7 +1504,7 @@ matrix_mautrix_meta_instagram_database_password: "{{ ('%s' | format(matrix_homes
|
||||
matrix_mautrix_telegram_enabled: false
|
||||
|
||||
matrix_mautrix_telegram_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_mautrix_telegram_path_prefix: "/{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'telegram', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_telegram_path_prefix: "/{{ (matrix_homeserver_generic_secret_key + ':telegram') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_telegram_systemd_required_services_list_auto: |
|
||||
{{
|
||||
@@ -1551,11 +1545,11 @@ matrix_mautrix_telegram_container_labels_traefik_tls_certResolver: "{{ traefik_c
|
||||
matrix_mautrix_telegram_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_telegram_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_telegram_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'telegr.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_telegram_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':telegr.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_telegram_homeserver_domain: "{{ matrix_domain }}"
|
||||
matrix_mautrix_telegram_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_telegram_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'telegr.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_telegram_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':telegr.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_telegram_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -1581,7 +1575,7 @@ matrix_mautrix_telegram_metrics_proxying_path_prefix: "{{ matrix_metrics_exposur
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_telegram_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_telegram_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_telegram_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.telegram.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_telegram_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mau.telegram.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1630,14 +1624,14 @@ matrix_mautrix_twitter_container_labels_traefik_tls_certResolver: "{{ traefik_ce
|
||||
matrix_mautrix_twitter_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_twitter_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_twitter_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'twt.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_twitter_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':twt.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_twitter_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_twitter_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'twt.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_twitter_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':twt.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_twitter_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
matrix_mautrix_twitter_provisioning_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.twit.prov', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_twitter_provisioning_shared_secret: "{{ (matrix_homeserver_generic_secret_key + ':mau.twit.prov') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_twitter_double_puppet_secrets_auto: |-
|
||||
{{
|
||||
@@ -1655,7 +1649,7 @@ matrix_mautrix_twitter_metrics_proxying_hostname: "{{ matrix_metrics_exposure_ho
|
||||
matrix_mautrix_twitter_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/mautrix-twitter"
|
||||
|
||||
matrix_mautrix_twitter_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_twitter_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.twt.db', rounds=655555) | to_uuid if postgres_enabled else '' }}"
|
||||
matrix_mautrix_twitter_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mau.twt.db') | hash('sha512') | to_uuid if postgres_enabled else '' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1704,10 +1698,10 @@ matrix_mautrix_gmessages_container_labels_traefik_tls_certResolver: "{{ traefik_
|
||||
matrix_mautrix_gmessages_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_mautrix_gmessages_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_mautrix_gmessages_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gmessa.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_gmessages_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':gmessa.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_gmessages_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_gmessages_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gmessa.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_gmessages_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':gmessa.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_gmessages_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -1729,7 +1723,7 @@ matrix_mautrix_gmessages_metrics_proxying_path_prefix: "{{ matrix_metrics_exposu
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_gmessages_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_gmessages_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_gmessages_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maugmessages.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_gmessages_database_password: "{{ (matrix_homeserver_generic_secret_key + ':maugmessages.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1781,7 +1775,7 @@ matrix_mautrix_wsproxy_container_labels_traefik_entrypoints: "{{ traefik_entrypo
|
||||
matrix_mautrix_wsproxy_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
matrix_mautrix_wsproxy_syncproxy_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_wsproxy_syncproxy_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wsproxy.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_wsproxy_syncproxy_database_password: "{{ (matrix_homeserver_generic_secret_key + ':wsproxy.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1824,21 +1818,21 @@ matrix_wechat_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_wechat_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_wechat_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':wechat.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_wechat_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_wechat_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_wechat_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':wechat.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_wechat_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
matrix_wechat_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||
|
||||
matrix_wechat_bridge_listen_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.lstn', rounds=655555) | to_uuid }}"
|
||||
matrix_wechat_bridge_listen_secret: "{{ (matrix_homeserver_generic_secret_key + ':wechat.lstn') | hash('sha512') | to_uuid }}"
|
||||
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_wechat_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_wechat_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_wechat_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gowechat.db', rounds=655555) | to_uuid }}"
|
||||
matrix_wechat_database_password: "{{ (matrix_homeserver_generic_secret_key + ':gowechat.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1887,10 +1881,10 @@ matrix_mautrix_whatsapp_systemd_required_services_list_auto: |
|
||||
([postgres_identifier ~ '.service'] if postgres_enabled and matrix_mautrix_whatsapp_database_hostname == postgres_connection_hostname else [])
|
||||
}}
|
||||
|
||||
matrix_mautrix_whatsapp_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_whatsapp_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':wa.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_whatsapp_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_whatsapp_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':wa.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mautrix_whatsapp_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
@@ -1912,7 +1906,7 @@ matrix_mautrix_whatsapp_metrics_proxying_path_prefix: "{{ matrix_metrics_exposur
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_whatsapp_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_whatsapp_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mautrix_whatsapp_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauwhatsapp.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mautrix_whatsapp_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mauwhatsapp.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1943,11 +1937,11 @@ matrix_sms_bridge_container_additional_networks_auto: |-
|
||||
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
|
||||
}}
|
||||
|
||||
matrix_sms_bridge_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sms.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_sms_bridge_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':sms.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_sms_bridge_homeserver_hostname: "{{ (matrix_homeserver_container_client_api_endpoint | split(':'))[0] }}"
|
||||
matrix_sms_bridge_homeserver_port: "{{ (matrix_homeserver_container_client_api_endpoint | split(':'))[1] }}"
|
||||
matrix_sms_bridge_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sms.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_sms_bridge_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':sms.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -1989,9 +1983,9 @@ matrix_heisenbridge_container_labels_traefik_docker_network: "{{ matrix_playbook
|
||||
matrix_heisenbridge_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
|
||||
matrix_heisenbridge_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
matrix_heisenbridge_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'heisen.as.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_heisenbridge_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':heisen.as.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_heisenbridge_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'heisen.hs.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_heisenbridge_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':heisen.hs.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_heisenbridge_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
@@ -2014,9 +2008,9 @@ matrix_hookshot_docker_image_registry_prefix_upstream: "{{ matrix_container_glob
|
||||
|
||||
matrix_hookshot_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
|
||||
|
||||
matrix_hookshot_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.as.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_hookshot_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':hookshot.as.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_hookshot_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.hs.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_hookshot_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':hookshot.hs.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_hookshot_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
@@ -2074,55 +2068,6 @@ matrix_hookshot_public_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bridge-zulip
|
||||
#
|
||||
######################################################################
|
||||
|
||||
# We don't enable bridges by default.
|
||||
matrix_zulip_bridge_enabled: false
|
||||
|
||||
matrix_zulip_bridge_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
|
||||
|
||||
# Set this to your Matrix ID if you want to enforce the owner, otherwise first _local_ user becomes one
|
||||
matrix_zulip_bridge_owner: "{{ matrix_admin if matrix_admin else '' }}"
|
||||
|
||||
matrix_zulip_bridge_systemd_required_services_list_auto: |
|
||||
{{
|
||||
matrix_addons_homeserver_systemd_services_list
|
||||
}}
|
||||
|
||||
matrix_zulip_bridge_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_zulip_bridge_docker_image_registry_prefix_upstream_default }}"
|
||||
|
||||
matrix_zulip_bridge_container_network: "{{ matrix_addons_container_network }}"
|
||||
|
||||
matrix_zulip_bridge_container_additional_networks_auto: |-
|
||||
{{
|
||||
(
|
||||
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
|
||||
+
|
||||
[matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_zulip_bridge_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network) else []
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_zulip_bridge_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
matrix_zulip_bridge_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'zulip.as.tok', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_zulip_bridge_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'zulip.hs.tok', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_zulip_bridge_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-bridge-zulip
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bridge-mx-puppet-steam
|
||||
@@ -2154,10 +2099,10 @@ matrix_mx_puppet_steam_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_mx_puppet_steam_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxste.as.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mx_puppet_steam_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':mxste.as.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mx_puppet_steam_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mx_puppet_steam_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxste.hs.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mx_puppet_steam_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':mxste.hs.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mx_puppet_steam_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||
|
||||
@@ -2166,7 +2111,7 @@ matrix_mx_puppet_steam_presence_enabled: "{{ matrix_homeserver_implementation !=
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mx_puppet_steam_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mx_puppet_steam_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mx_puppet_steam_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.steam.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mx_puppet_steam_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mxpup.steam.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2206,10 +2151,10 @@ matrix_mx_puppet_groupme_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_mx_puppet_groupme_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxgro.as.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mx_puppet_groupme_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':mxgro.as.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mx_puppet_groupme_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mx_puppet_groupme_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxgro.hs.tok', rounds=655555) | to_uuid }}"
|
||||
matrix_mx_puppet_groupme_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':mxgro.hs.tok') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_mx_puppet_groupme_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||
|
||||
@@ -2218,7 +2163,7 @@ matrix_mx_puppet_groupme_presence_enabled: "{{ matrix_homeserver_implementation
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mx_puppet_groupme_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_mx_puppet_groupme_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_mx_puppet_groupme_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.groupme.db', rounds=655555) | to_uuid }}"
|
||||
matrix_mx_puppet_groupme_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mxpup.groupme.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2283,7 +2228,7 @@ matrix_postmoogle_systemd_required_services_list_auto: |
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_postmoogle_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_postmoogle_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db', rounds=655555) | to_uuid }}"
|
||||
matrix_postmoogle_database_password: "{{ (matrix_homeserver_generic_secret_key + ':postmoogle.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_postmoogle_homeserver: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
@@ -2345,16 +2290,16 @@ matrix_steam_bridge_container_labels_traefik_tls_certResolver: "{{ traefik_certR
|
||||
matrix_steam_bridge_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
|
||||
matrix_steam_bridge_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
|
||||
|
||||
matrix_steam_bridge_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_steam_bridge_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':steam.as.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_steam_bridge_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_steam_bridge_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_steam_bridge_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':steam.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_steam_bridge_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
|
||||
|
||||
matrix_steam_bridge_public_media_signing_key: "{{ ('%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.pub.key', rounds=655555) | to_uuid) if matrix_steam_bridge_public_media_enabled else '' }}"
|
||||
matrix_steam_bridge_public_media_signing_key: "{{ ((matrix_homeserver_generic_secret_key + ':steam.pub.key') | hash('sha512') | to_uuid) if matrix_steam_bridge_public_media_enabled else '' }}"
|
||||
|
||||
matrix_steam_bridge_provisioning_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.prov', rounds=655555) | to_uuid }}"
|
||||
matrix_steam_bridge_provisioning_shared_secret: "{{ (matrix_homeserver_generic_secret_key + ':steam.prov') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_steam_bridge_double_puppet_secrets_auto: |-
|
||||
{{
|
||||
@@ -2372,7 +2317,7 @@ matrix_steam_bridge_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostn
|
||||
matrix_steam_bridge_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/matrix-steam-bridge"
|
||||
|
||||
matrix_steam_bridge_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_steam_bridge_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.twt.db', rounds=655555) | to_uuid if postgres_enabled else '' }}"
|
||||
matrix_steam_bridge_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mau.twt.db') | hash('sha512') | to_uuid if postgres_enabled else '' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2416,7 +2361,7 @@ matrix_bot_matrix_reminder_bot_matrix_homeserver_url: "{{ matrix_addons_homeserv
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_bot_matrix_reminder_bot_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_bot_matrix_reminder_bot_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_bot_matrix_reminder_bot_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'reminder.bot.db', rounds=655555) | to_uuid }}"
|
||||
matrix_bot_matrix_reminder_bot_database_password: "{{ (matrix_homeserver_generic_secret_key + ':reminder.bot.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_bot_matrix_reminder_bot_allowlist_enabled: true
|
||||
matrix_bot_matrix_reminder_bot_allowlist_regexes_auto:
|
||||
@@ -2521,7 +2466,7 @@ matrix_bot_maubot_container_labels_management_hostname: "{{ matrix_server_fqn_ma
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_bot_maubot_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_bot_maubot_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_bot_maubot_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.dsc.db', rounds=655555) | to_uuid }}"
|
||||
matrix_bot_maubot_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mxpup.dsc.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2579,7 +2524,7 @@ matrix_bot_honoroit_homeserver: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_bot_honoroit_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_bot_honoroit_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_bot_honoroit_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'honoroit.bot.db', rounds=655555) | to_uuid }}"
|
||||
matrix_bot_honoroit_database_password: "{{ (matrix_homeserver_generic_secret_key + ':honoroit.bot.db') | hash('sha512') | to_uuid }}"
|
||||
matrix_bot_honoroit_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
|
||||
|
||||
######################################################################
|
||||
@@ -2633,7 +2578,7 @@ matrix_bot_buscarron_homeserver: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_bot_buscarron_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_bot_buscarron_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'buscarron.bot.db', rounds=655555) | to_uuid }}"
|
||||
matrix_bot_buscarron_database_password: "{{ (matrix_homeserver_generic_secret_key + ':buscarron.bot.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2804,7 +2749,7 @@ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_entrypoints: "{{
|
||||
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
#The salt is size restricted here as a maximum salt size of 16 characters exists due to the functions used.
|
||||
matrix_bot_draupnir_config_web_synapseHTTPAntispam_authorization: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'draupnir.httpmod', rounds=655555) | to_uuid }}" # noqa var-naming
|
||||
matrix_bot_draupnir_config_web_synapseHTTPAntispam_authorization: "{{ (matrix_homeserver_generic_secret_key + ':draupnir.httpmod') | hash('sha512') | to_uuid }}" # noqa var-naming
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2844,11 +2789,11 @@ matrix_appservice_draupnir_for_all_container_additional_networks_auto: |-
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_appservice_draupnir_for_all_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'd4a.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_draupnir_for_all_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'd4a.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_draupnir_for_all_appservice_token: "{{ (matrix_homeserver_generic_secret_key + ':d4a.as.token') | hash('sha512') | to_uuid }}"
|
||||
matrix_appservice_draupnir_for_all_homeserver_token: "{{ (matrix_homeserver_generic_secret_key + ':d4a.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_appservice_draupnir_for_all_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_appservice_draupnir_for_all_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.d4a.db', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_draupnir_for_all_database_password: "{{ (matrix_homeserver_generic_secret_key + ':as.d4a.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2865,8 +2810,8 @@ matrix_appservice_draupnir_for_all_database_password: "{{ '%s' | format(matrix_h
|
||||
|
||||
matrix_appservice_double_puppet_enabled: false
|
||||
|
||||
matrix_appservice_double_puppet_registration_as_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.doub.pup', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_double_puppet_registration_hs_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hs.doub.pup', rounds=655555) | to_uuid }}"
|
||||
matrix_appservice_double_puppet_registration_as_token: "{{ (matrix_homeserver_generic_secret_key + ':as.doub.pup') | hash('sha512') | to_uuid }}"
|
||||
matrix_appservice_double_puppet_registration_hs_token: "{{ (matrix_homeserver_generic_secret_key + ':hs.doub.pup') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -2983,8 +2928,8 @@ matrix_cactus_comments_container_additional_networks_auto: |-
|
||||
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
|
||||
}}
|
||||
|
||||
matrix_cactus_comments_as_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'cactus.as.token', rounds=655555) | to_uuid }}"
|
||||
matrix_cactus_comments_hs_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'cactus.hs.token', rounds=655555) | to_uuid }}"
|
||||
matrix_cactus_comments_as_token: "{{ (matrix_homeserver_generic_secret_key + ':cactus.as.token') | hash('sha512') | to_uuid }}"
|
||||
matrix_cactus_comments_hs_token: "{{ (matrix_homeserver_generic_secret_key + ':cactus.hs.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_cactus_comments_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
@@ -3163,10 +3108,10 @@ matrix_coturn_container_image_self_build: "{{ matrix_architecture not in ['amd64
|
||||
# to allow auto-detection (via an EchoIP service) to happen at runtime.
|
||||
matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
|
||||
|
||||
matrix_coturn_turn_static_auth_secret: "{{ ('%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'coturn.sas', rounds=655555) | to_uuid) if matrix_coturn_authentication_method == 'auth-secret' else '' }}"
|
||||
matrix_coturn_turn_static_auth_secret: "{{ ((matrix_homeserver_generic_secret_key + ':coturn.sas') | hash('sha512') | to_uuid) if matrix_coturn_authentication_method == 'auth-secret' else '' }}"
|
||||
|
||||
matrix_coturn_lt_cred_mech_username: "{{ ('%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'coturn.user', rounds=655555) | to_uuid) if matrix_coturn_authentication_method == 'lt-cred-mech' else '' }}"
|
||||
matrix_coturn_lt_cred_mech_password: "{{ ('%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'coturn.pass', rounds=655555) | to_uuid) if matrix_coturn_authentication_method == 'lt-cred-mech' else '' }}"
|
||||
matrix_coturn_lt_cred_mech_username: "{{ ((matrix_homeserver_generic_secret_key + ':coturn.user') | hash('sha512') | to_uuid) if matrix_coturn_authentication_method == 'lt-cred-mech' else '' }}"
|
||||
matrix_coturn_lt_cred_mech_password: "{{ ((matrix_homeserver_generic_secret_key + ':coturn.pass') | hash('sha512') | to_uuid) if matrix_coturn_authentication_method == 'lt-cred-mech' else '' }}"
|
||||
|
||||
matrix_coturn_tls_enabled: "{{ matrix_playbook_ssl_enabled }}"
|
||||
|
||||
@@ -3278,7 +3223,7 @@ matrix_dimension_systemd_required_services_list_auto: |
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_dimension_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_dimension_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_dimension_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'dimension.db', rounds=655555) | to_uuid }}"
|
||||
matrix_dimension_database_password: "{{ (matrix_homeserver_generic_secret_key + ':dimension.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -3334,7 +3279,7 @@ etherpad_systemd_required_services_list_auto: |
|
||||
etherpad_database_postgres_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
etherpad_database_name: matrix_etherpad
|
||||
etherpad_database_postgres_username: matrix_etherpad
|
||||
etherpad_database_postgres_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'etherpad.db', rounds=655555) | to_uuid }}"
|
||||
etherpad_database_postgres_password: "{{ (matrix_homeserver_generic_secret_key + ':etherpad.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -3344,19 +3289,26 @@ etherpad_database_postgres_password: "{{ '%s' | format(matrix_homeserver_generic
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-dynamic-dns
|
||||
# ddclient
|
||||
#
|
||||
######################################################################
|
||||
|
||||
matrix_dynamic_dns_enabled: false
|
||||
ddclient_enabled: false
|
||||
|
||||
matrix_dynamic_dns_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_dynamic_dns_docker_image_registry_prefix_upstream_default }}"
|
||||
ddclient_identifier: matrix-dynamic-dns
|
||||
|
||||
matrix_dynamic_dns_container_network: matrix-dynamic-dns
|
||||
ddclient_base_path: "{{ matrix_base_data_path }}/dynamic-dns"
|
||||
|
||||
ddclient_container_image_registry_prefix: "{{ 'localhost/' if ddclient_container_image_self_build else ddclient_container_image_registry_prefix_upstream }}"
|
||||
ddclient_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else ddclient_docker_image_registry_prefix_upstream_default }}"
|
||||
|
||||
ddclient_web: "https://cloudflare.com/cdn-cgi/trace"
|
||||
|
||||
ddclient_web_skip: "ip="
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-dynamic-dns
|
||||
# /ddclient
|
||||
#
|
||||
######################################################################
|
||||
|
||||
@@ -3415,9 +3367,9 @@ jitsi_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxy
|
||||
jitsi_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
|
||||
jitsi_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
jitsi_jibri_xmpp_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jibri', rounds=655555) | to_uuid }}"
|
||||
jitsi_jicofo_auth_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jicofo', rounds=655555) | to_uuid }}"
|
||||
jitsi_jvb_auth_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jvb', rounds=655555) | to_uuid }}"
|
||||
jitsi_jibri_xmpp_password: "{{ (matrix_homeserver_generic_secret_key + ':jibri') | hash('sha512') | to_uuid }}"
|
||||
jitsi_jicofo_auth_password: "{{ (matrix_homeserver_generic_secret_key + ':jicofo') | hash('sha512') | to_uuid }}"
|
||||
jitsi_jvb_auth_password: "{{ (matrix_homeserver_generic_secret_key + ':jvb') | hash('sha512') | to_uuid }}"
|
||||
|
||||
jitsi_web_stun_servers: |
|
||||
{{
|
||||
@@ -3583,7 +3535,7 @@ matrix_media_repo_container_labels_traefik_metrics_middleware_basic_auth_users:
|
||||
|
||||
matrix_media_repo_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_media_repo_database_username: matrix_media_repo
|
||||
matrix_media_repo_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mediarepo.db', rounds=655555) | to_uuid }}"
|
||||
matrix_media_repo_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mediarepo.db') | hash('sha512') | to_uuid }}"
|
||||
matrix_media_repo_database_name: matrix_media_repo
|
||||
|
||||
matrix_media_repo_systemd_required_services_list_auto: |
|
||||
@@ -4396,9 +4348,9 @@ matrix_synapse_container_labels_internal_client_api_traefik_entrypoints: "{{ mat
|
||||
matrix_synapse_workers_container_host_bind_address: "{{ matrix_playbook_service_host_bind_interface_prefix[0:-1] if (matrix_synapse_workers_enabled and matrix_playbook_service_host_bind_interface_prefix) else '' }}"
|
||||
|
||||
matrix_synapse_database_host: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_synapse_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'synapse.db', rounds=655555) | to_uuid }}"
|
||||
matrix_synapse_database_password: "{{ (matrix_homeserver_generic_secret_key + ':synapse.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_synapse_macaroon_secret_key: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'synapse.mac', rounds=655555) | to_uuid }}"
|
||||
matrix_synapse_macaroon_secret_key: "{{ (matrix_homeserver_generic_secret_key + ':synapse.mac') | hash('sha512') | to_uuid }}"
|
||||
|
||||
# We do not enable TLS in Synapse by default, since it's handled by Traefik.
|
||||
matrix_synapse_tls_federation_listener_enabled: false
|
||||
@@ -4695,11 +4647,6 @@ matrix_synapse_admin_config_asManagedUsers_auto: |
|
||||
'^@hbirc_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
|
||||
] if matrix_heisenbridge_enabled else [])
|
||||
+
|
||||
([
|
||||
'^@zulipbot:'+(matrix_domain | regex_escape)+'$',
|
||||
'^@zulip_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
|
||||
] if matrix_zulip_bridge_enabled else [])
|
||||
+
|
||||
([
|
||||
'^@hookshot:'+(matrix_domain | regex_escape)+'$',
|
||||
'^@_github_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
|
||||
@@ -4899,7 +4846,7 @@ prometheus_postgres_exporter_container_labels_metrics_middleware_basic_auth_user
|
||||
|
||||
prometheus_postgres_exporter_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
prometheus_postgres_exporter_database_username: matrix_prometheus_postgres_exporter
|
||||
prometheus_postgres_exporter_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'prometheus.pg.db', rounds=655555) | to_uuid }}"
|
||||
prometheus_postgres_exporter_database_password: "{{ (matrix_homeserver_generic_secret_key + ':prometheus.pg.db') | hash('sha512') | to_uuid }}"
|
||||
prometheus_postgres_exporter_database_name: matrix_prometheus_postgres_exporter
|
||||
|
||||
prometheus_postgres_exporter_systemd_required_services_list_auto: |
|
||||
@@ -5216,7 +5163,7 @@ matrix_registration_api_validate_certs: "{{ matrix_playbook_ssl_enabled }}"
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_registration_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
|
||||
matrix_registration_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
matrix_registration_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mx.registr.db', rounds=655555) | to_uuid }}"
|
||||
matrix_registration_database_password: "{{ (matrix_homeserver_generic_secret_key + ':mx.registr.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -5275,11 +5222,11 @@ matrix_dendrite_metrics_proxying_enabled: "{{ matrix_dendrite_metrics_enabled an
|
||||
matrix_dendrite_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}"
|
||||
matrix_dendrite_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/dendrite"
|
||||
|
||||
matrix_dendrite_client_api_registration_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'dendrite.rss', rounds=655555) | to_uuid }}"
|
||||
matrix_dendrite_client_api_registration_shared_secret: "{{ (matrix_homeserver_generic_secret_key + ':dendrite.rss') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_dendrite_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
|
||||
|
||||
matrix_dendrite_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'dendrite.db', rounds=655555) | to_uuid }}"
|
||||
matrix_dendrite_database_password: "{{ (matrix_homeserver_generic_secret_key + ':dendrite.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_dendrite_client_api_turn_uris: "{{ matrix_coturn_turn_uris if matrix_coturn_enabled else [] }}"
|
||||
matrix_dendrite_client_api_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if (matrix_coturn_enabled and matrix_coturn_authentication_method == 'auth-secret') else '' }}"
|
||||
@@ -5574,7 +5521,7 @@ matrix_user_verification_service_uvs_homeserver_url: "{{ matrix_addons_homeserve
|
||||
# We connect via the container network (private IPs), so we need to disable IP checks
|
||||
matrix_user_verification_service_uvs_disable_ip_blacklist: "{{ matrix_synapse_enabled }}"
|
||||
|
||||
matrix_user_verification_service_uvs_auth_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'uvs.auth.token', rounds=655555) | to_uuid }}"
|
||||
matrix_user_verification_service_uvs_auth_token: "{{ (matrix_homeserver_generic_secret_key + ':uvs.auth.token') | hash('sha512') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
@@ -5970,9 +5917,9 @@ matrix_livekit_jwt_service_container_labels_traefik_tls_certResolver: "{{ traefi
|
||||
|
||||
matrix_livekit_jwt_service_environment_variable_livekit_url: "{{ livekit_server_websocket_public_url }}"
|
||||
|
||||
matrix_livekit_jwt_service_environment_variable_livekit_key: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'lk.key', rounds=655555) | to_uuid }}"
|
||||
matrix_livekit_jwt_service_environment_variable_livekit_key: "{{ (matrix_homeserver_generic_secret_key + ':lk.key') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_livekit_jwt_service_environment_variable_livekit_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'lk.secret', rounds=655555) | to_uuid }}"
|
||||
matrix_livekit_jwt_service_environment_variable_livekit_secret: "{{ (matrix_homeserver_generic_secret_key + ':lk.secret') | hash('sha512') | to_uuid }}"
|
||||
|
||||
matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list: ["{{ matrix_domain }}"]
|
||||
|
||||
|
||||
@@ -17,7 +17,7 @@ packaging==26.0
|
||||
Pygments==2.19.2
|
||||
PyYAML==6.0.3
|
||||
requests==2.32.5
|
||||
setuptools==81.0.0
|
||||
setuptools==82.0.0
|
||||
snowballstemmer==3.0.1
|
||||
Sphinx==9.1.0
|
||||
sphinx-intl==2.3.2
|
||||
|
||||
@@ -45,7 +45,7 @@ msgid "To enable dynamic DNS, add the following configuration to your `inventory
|
||||
msgstr ""
|
||||
|
||||
#: ../../../docs/configuring-playbook-dynamic-dns.md:34
|
||||
msgid "Keep in mind that certain providers may require a different configuration of the `matrix_dynamic_dns_domain_configurations` variable, for provider specific examples see the [upstream documentation](https://github.com/ddclient/ddclient/blob/main/ddclient.conf.in)."
|
||||
msgid "Keep in mind that certain providers may require a different configuration of the `ddclient_domain_configurations` variable, for provider specific examples see the [upstream documentation](https://github.com/ddclient/ddclient/blob/main/ddclient.conf.in)."
|
||||
msgstr ""
|
||||
|
||||
#: ../../../docs/configuring-playbook-dynamic-dns.md:36
|
||||
|
||||
+5
-1
@@ -12,6 +12,10 @@
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
|
||||
version: v0.4.2-1
|
||||
name: container_socket_proxy
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ddclient.git
|
||||
version: v4.0.0-0
|
||||
name: ddclient
|
||||
activation_prefix: ddclient_
|
||||
- src: git+https://github.com/geerlingguy/ansible-role-docker
|
||||
version: 8.0.0
|
||||
name: docker
|
||||
@@ -46,7 +50,7 @@
|
||||
version: dd6e15246b7a9a2d921e0b3f9cd8a4a917a1bb2f
|
||||
name: playbook_state_preserver
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
|
||||
version: v18.1-3
|
||||
version: v18.1-4
|
||||
name: postgres
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
|
||||
version: v18-0
|
||||
|
||||
@@ -76,7 +76,6 @@ matrix_bot_go_neb_container_labels_traefik_additional_response_headers_auto: |
|
||||
{{
|
||||
{}
|
||||
| combine ({'X-XSS-Protection': matrix_bot_go_neb_http_header_xss_protection} if matrix_bot_go_neb_http_header_xss_protection else {})
|
||||
| combine ({'X-Frame-Options': matrix_bot_go_neb_http_header_frame_options} if matrix_bot_go_neb_http_header_frame_options else {})
|
||||
| combine ({'X-Content-Type-Options': matrix_bot_go_neb_http_header_content_type_options} if matrix_bot_go_neb_http_header_content_type_options else {})
|
||||
| combine ({'Content-Security-Policy': matrix_bot_go_neb_http_header_content_security_policy} if matrix_bot_go_neb_http_header_content_security_policy else {})
|
||||
| combine ({'Permission-Policy': matrix_bot_go_neb_http_header_content_permission_policy} if matrix_bot_go_neb_http_header_content_permission_policy else {})
|
||||
@@ -113,10 +112,6 @@ matrix_bot_go_neb_systemd_wanted_services_list: []
|
||||
# - https://portswigger.net/web-security/cross-site-scripting/reflected
|
||||
matrix_bot_go_neb_http_header_xss_protection: "1; mode=block"
|
||||
|
||||
# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
matrix_bot_go_neb_http_header_frame_options: SAMEORIGIN
|
||||
|
||||
# Specifies the value of the `X-Content-Type-Options` header.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
matrix_bot_go_neb_http_header_content_type_options: nosniff
|
||||
|
||||
@@ -1,122 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2021 - 2022 Toni Spets
|
||||
# SPDX-FileCopyrightText: 2022 - 2023 Nikita Chernyi
|
||||
# SPDX-FileCopyrightText: 2022 - 2025 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2022 MDAD project contributors
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
|
||||
# SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
# MatrixZulipBridge is a puppeting appservice bridge for Zulip
|
||||
# Project source code URL: https://github.com/GearKite/MatrixZulipBridge
|
||||
|
||||
matrix_zulip_bridge_enabled: true
|
||||
|
||||
matrix_zulip_bridge_scheme: https
|
||||
matrix_zulip_bridge_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_zulip_bridge_path_prefix: "/zulip"
|
||||
|
||||
# renovate: datasource=docker depName=ghcr.io/gearkite/matrixzulipbridge
|
||||
matrix_zulip_bridge_version: v0.4.1
|
||||
matrix_zulip_bridge_docker_image: "{{ matrix_zulip_bridge_docker_image_registry_prefix }}gearkite/matrixzulipbridge:{{ matrix_zulip_bridge_version }}"
|
||||
matrix_zulip_bridge_docker_image_registry_prefix: "{{ matrix_zulip_bridge_docker_image_registry_prefix_upstream }}"
|
||||
matrix_zulip_bridge_docker_image_registry_prefix_upstream: "{{ matrix_zulip_bridge_docker_image_registry_prefix_upstream_default }}"
|
||||
matrix_zulip_bridge_docker_image_registry_prefix_upstream_default: ghcr.io/
|
||||
matrix_zulip_bridge_docker_image_force_pull: "{{ matrix_zulip_bridge_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_zulip_bridge_base_path: "{{ matrix_base_data_path }}/zulip"
|
||||
|
||||
matrix_zulip_bridge_container_network: ""
|
||||
|
||||
# The port number in the container
|
||||
matrix_zulip_bridge_container_http_port: 9898
|
||||
|
||||
matrix_zulip_bridge_container_additional_networks: "{{ matrix_zulip_bridge_container_additional_networks_auto + matrix_zulip_bridge_container_additional_networks_custom }}"
|
||||
matrix_zulip_bridge_container_additional_networks_auto: []
|
||||
matrix_zulip_bridge_container_additional_networks_custom: []
|
||||
|
||||
# Controls how long to wait for the container to stop gracefully before killing it.
|
||||
# We use a small value here, because this container does not seem to handle the SIGTERM signal.
|
||||
matrix_zulip_bridge_container_stop_grace_time_seconds: 1
|
||||
|
||||
# matrix_zulip_bridge_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
|
||||
# See `../templates/labels.j2` for details.
|
||||
#
|
||||
# To inject your own other container labels, see `matrix_zulip_bridge_container_labels_additional_labels`.
|
||||
matrix_zulip_bridge_container_labels_traefik_enabled: true
|
||||
matrix_zulip_bridge_container_labels_traefik_docker_network: "{{ matrix_zulip_bridge_container_network }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_hostname: "{{ matrix_zulip_bridge_hostname }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_path_prefix: "{{ matrix_zulip_bridge_path_prefix }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_entrypoints: web-secure
|
||||
matrix_zulip_bridge_container_labels_traefik_tls_certResolver: default # noqa var-naming
|
||||
|
||||
# Controls if the media router is enabled
|
||||
matrix_zulip_bridge_container_labels_traefik_media_enabled: true
|
||||
matrix_zulip_bridge_container_labels_traefik_media_hostname: "{{ matrix_zulip_bridge_container_labels_traefik_hostname }}"
|
||||
# The path prefix must either be `/` or not end with a slash (e.g. `/zulip`).
|
||||
matrix_zulip_bridge_container_labels_traefik_media_path_prefix: "{{ '' if matrix_zulip_bridge_container_labels_traefik_path_prefix == '/' else (matrix_zulip_bridge_container_labels_traefik_path_prefix) }}/_bridge_zulip/media"
|
||||
matrix_zulip_bridge_container_labels_traefik_media_rule: "Host(`{{ matrix_zulip_bridge_container_labels_traefik_media_hostname }}`){% if matrix_zulip_bridge_container_labels_traefik_media_path_prefix != '/' %} && PathPrefix(`{{ matrix_zulip_bridge_container_labels_traefik_media_path_prefix }}`){% endif %}"
|
||||
matrix_zulip_bridge_container_labels_traefik_media_priority: 0
|
||||
matrix_zulip_bridge_container_labels_traefik_media_entrypoints: "{{ matrix_zulip_bridge_container_labels_traefik_entrypoints }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_media_tls: "{{ matrix_zulip_bridge_container_labels_traefik_media_entrypoints != 'web' }}"
|
||||
matrix_zulip_bridge_container_labels_traefik_media_tls_certResolver: "{{ matrix_zulip_bridge_container_labels_traefik_tls_certResolver }}" # noqa var-naming
|
||||
|
||||
# matrix_zulip_bridge_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
|
||||
# See `../templates/labels.j2` for details.
|
||||
#
|
||||
# Example:
|
||||
# matrix_zulip_bridge_container_labels_additional_labels: |
|
||||
# my.label=1
|
||||
# another.label="here"
|
||||
matrix_zulip_bridge_container_labels_additional_labels: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_zulip_bridge_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that service depends on.
|
||||
matrix_zulip_bridge_systemd_required_services_list: "{{ matrix_zulip_bridge_systemd_required_services_list_default + matrix_zulip_bridge_systemd_required_services_list_auto + matrix_zulip_bridge_systemd_required_services_list_custom }}"
|
||||
matrix_zulip_bridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
|
||||
matrix_zulip_bridge_systemd_required_services_list_auto: []
|
||||
matrix_zulip_bridge_systemd_required_services_list_custom: []
|
||||
|
||||
# List of systemd services that service wants
|
||||
matrix_zulip_bridge_systemd_wanted_services_list: []
|
||||
|
||||
matrix_zulip_bridge_homeserver_url: ""
|
||||
|
||||
matrix_zulip_bridge_appservice_token: ''
|
||||
matrix_zulip_bridge_homeserver_token: ''
|
||||
|
||||
matrix_zulip_bridge_config_media_url: "{{ matrix_zulip_bridge_scheme }}://{{ matrix_zulip_bridge_hostname }}"
|
||||
# This matches the hardcoded `DEFAULT_MEDIA_PATH` in MatrixZulipBridge, but uses `matrix_zulip_bridge_path_prefix` as the path prefix.
|
||||
# See: https://github.com/GearKite/MatrixZulipBridge/blob/2ba51f3da2ad8bd33460c953ef91a9cfc585a2d4/matrixzulipbridge/__main__.py#L87
|
||||
matrix_zulip_bridge_config_media_path: "{{ matrix_zulip_bridge_container_labels_traefik_media_path_prefix }}/v3/download/{netloc}{path}{filename}"
|
||||
matrix_zulip_bridge_config_media_key: "{{ matrix_zulip_bridge_homeserver_token }}"
|
||||
matrix_zulip_bridge_config_displayname: "Zulip bridge bot"
|
||||
|
||||
matrix_zulip_bridge_registration_yaml_bridge_zulip:
|
||||
media_url: "{{ matrix_zulip_bridge_config_media_url }}"
|
||||
media_path: "{{ matrix_zulip_bridge_config_media_path }}"
|
||||
media_key: "{{ matrix_zulip_bridge_config_media_key }}"
|
||||
displayname: "{{ matrix_zulip_bridge_config_displayname }}"
|
||||
|
||||
# Default registration file consumed by both the homeserver and MatrixZulipBridge.
|
||||
# Besides registration information, it contains configuration (see the Zulip bridge key).
|
||||
matrix_zulip_bridge_registration_yaml:
|
||||
id: zulip
|
||||
url: http://matrix-zulip-bridge:{{ matrix_zulip_bridge_container_http_port }}
|
||||
as_token: "{{ matrix_zulip_bridge_appservice_token }}"
|
||||
hs_token: "{{ matrix_zulip_bridge_homeserver_token }}"
|
||||
rate_limited: false
|
||||
sender_localpart: zulipbot
|
||||
namespaces:
|
||||
users:
|
||||
- regex: '@zulip_.*'
|
||||
exclusive: true
|
||||
aliases: []
|
||||
rooms: []
|
||||
zulipbridge: "{{ matrix_zulip_bridge_registration_yaml_bridge_zulip }}"
|
||||
|
||||
matrix_zulip_bridge_registration: "{{ matrix_zulip_bridge_registration_yaml | from_yaml }}"
|
||||
@@ -1,29 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2021 Toni Spets
|
||||
# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
- name: Perform the Zulip bridge installation tasks
|
||||
when: matrix_zulip_bridge_enabled | bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bridge-zulip
|
||||
- install-all
|
||||
- install-bridge-zulip
|
||||
block:
|
||||
- name: Validate the Zulip bridge configuration
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
- name: Install the Zulip bridge
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
|
||||
- name: Perform the Zulip bridge uninstallation tasks
|
||||
when: not matrix_zulip_bridge_enabled | bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bridge-zulip
|
||||
block:
|
||||
- name: Uninstall the Zulip bridge
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
@@ -1,62 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2021 Toni Spets
|
||||
# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2022 Jim Myhrberg
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
|
||||
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
|
||||
# SPDX-FileCopyrightText: 2024 David Mehren
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
- name: Ensure the Zulip bridge image is pulled
|
||||
community.docker.docker_image:
|
||||
name: "{{ matrix_zulip_bridge_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_zulip_bridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_zulip_bridge_docker_image_force_pull }}"
|
||||
register: result
|
||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- name: Ensure the Zulip bridge paths exist
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: "0750"
|
||||
owner: "{{ matrix_user_name }}"
|
||||
group: "{{ matrix_group_name }}"
|
||||
with_items:
|
||||
- "{{ matrix_zulip_bridge_base_path }}"
|
||||
|
||||
- name: Ensure the Zulip bridge registration.yaml installed if provided
|
||||
ansible.builtin.copy:
|
||||
content: "{{ matrix_zulip_bridge_registration | to_nice_yaml(indent=2, width=999999) }}"
|
||||
dest: "{{ matrix_zulip_bridge_base_path }}/registration.yaml"
|
||||
mode: "0644"
|
||||
owner: "{{ matrix_user_name }}"
|
||||
group: "{{ matrix_group_name }}"
|
||||
|
||||
- name: Ensure the Zulip bridge support files installed
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/{{ item }}.j2"
|
||||
dest: "{{ matrix_zulip_bridge_base_path }}/{{ item }}"
|
||||
mode: "0640"
|
||||
owner: "{{ matrix_user_name }}"
|
||||
group: "{{ matrix_group_name }}"
|
||||
with_items:
|
||||
- labels
|
||||
|
||||
- name: Ensure the Zulip bridge container network is created
|
||||
community.general.docker_network:
|
||||
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
|
||||
name: "{{ matrix_zulip_bridge_container_network }}"
|
||||
driver: bridge
|
||||
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
|
||||
|
||||
- name: Ensure matrix-zulip-bridge.service installed
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-zulip-bridge.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-zulip-bridge.service"
|
||||
mode: "0644"
|
||||
@@ -1,26 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2021 - 2022 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2021 Michael Sasser
|
||||
# SPDX-FileCopyrightText: 2021 Toni Spets
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
- name: Check existence of matrix-bridge-zulip service
|
||||
ansible.builtin.stat:
|
||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-zulip-bridge.service"
|
||||
register: matrix_zulip_bridge_service_stat
|
||||
|
||||
- when: matrix_zulip_bridge_service_stat.stat.exists | bool
|
||||
block:
|
||||
- name: Ensure matrix-bridge-zulip is stopped
|
||||
ansible.builtin.service:
|
||||
name: matrix-zulip-bridge
|
||||
state: stopped
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
|
||||
- name: Ensure matrix-zulip-bridge.service doesn't exist
|
||||
ansible.builtin.file:
|
||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-zulip-bridge.service"
|
||||
state: absent
|
||||
@@ -1,14 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2024 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2024 Suguru Hirahara
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
- name: Fail if required the Zulip bridge settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
|
||||
with_items:
|
||||
- {"name": "matrix_zulip_bridge_container_network", when: true}
|
||||
- {"name": "matrix_zulip_bridge_homeserver_url", when: true}
|
||||
@@ -1,58 +0,0 @@
|
||||
{#
|
||||
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
#}
|
||||
|
||||
{% if matrix_zulip_bridge_container_labels_traefik_enabled %}
|
||||
traefik.enable=true
|
||||
|
||||
{% if matrix_zulip_bridge_container_labels_traefik_docker_network %}
|
||||
traefik.docker.network={{ matrix_zulip_bridge_container_labels_traefik_docker_network }}
|
||||
{% endif %}
|
||||
|
||||
traefik.http.services.matrix-zulip-bridge.loadbalancer.server.port={{ matrix_zulip_bridge_container_http_port }}
|
||||
|
||||
{% set middlewares = [] %}
|
||||
|
||||
{% if matrix_zulip_bridge_container_labels_traefik_path_prefix != '/' %}
|
||||
traefik.http.middlewares.matrix-bridge-zulip-strip-prefix.stripprefix.prefixes={{ matrix_zulip_bridge_container_labels_traefik_path_prefix }}
|
||||
{% set middlewares = middlewares + ['matrix-bridge-zulip-strip-prefix'] %}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_zulip_bridge_container_labels_traefik_media_enabled %}
|
||||
##########################################################################
|
||||
# #
|
||||
# Media #
|
||||
# #
|
||||
##########################################################################
|
||||
|
||||
traefik.http.routers.matrix-bridge-zulip-media.rule={{ matrix_zulip_bridge_container_labels_traefik_media_rule }}
|
||||
|
||||
{% if matrix_zulip_bridge_container_labels_traefik_media_priority | int > 0 %}
|
||||
traefik.http.routers.matrix-bridge-zulip-media.priority={{ matrix_zulip_bridge_container_labels_traefik_media_priority }}
|
||||
{% endif %}
|
||||
|
||||
{% if middlewares | length > 0 %}
|
||||
traefik.http.routers.matrix-bridge-zulip-media.middlewares={{ middlewares | join(',') }}
|
||||
{% endif %}
|
||||
|
||||
traefik.http.routers.matrix-bridge-zulip-media.service=matrix-bridge-zulip
|
||||
traefik.http.routers.matrix-bridge-zulip-media.entrypoints={{ matrix_zulip_bridge_container_labels_traefik_entrypoints }}
|
||||
|
||||
traefik.http.routers.matrix-bridge-zulip-media.tls={{ matrix_zulip_bridge_container_labels_traefik_media_tls | to_json }}
|
||||
{% if matrix_zulip_bridge_container_labels_traefik_media_entrypoints %}
|
||||
traefik.http.routers.matrix-bridge-zulip-media.tls.certResolver={{ matrix_zulip_bridge_container_labels_traefik_media_tls_certResolver }}
|
||||
{% endif %}
|
||||
|
||||
##########################################################################
|
||||
# #
|
||||
# /Media #
|
||||
# #
|
||||
##########################################################################
|
||||
{% endif %}
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
{{ matrix_zulip_bridge_container_labels_additional_labels }}
|
||||
@@ -1,60 +0,0 @@
|
||||
{#
|
||||
SPDX-FileCopyrightText: 2021 Toni Spets
|
||||
SPDX-FileCopyrightText: 2022 - 2025 Slavi Pantaleev
|
||||
SPDX-FileCopyrightText: 2025 Suguru Hirahara
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
#}
|
||||
|
||||
[Unit]
|
||||
Description=a puppeting appservice bridge for Zulip
|
||||
{% for service in matrix_zulip_bridge_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_zulip_bridge_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
DefaultDependencies=no
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ matrix_zulip_bridge_container_stop_grace_time_seconds }} matrix-bridge-zulip
|
||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bridge-zulip
|
||||
|
||||
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
||||
--rm \
|
||||
--name=matrix-bridge-zulip \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_zulip_bridge_container_network }} \
|
||||
--mount type=bind,src={{ matrix_zulip_bridge_base_path }},dst=/config \
|
||||
--label-file={{ matrix_zulip_bridge_base_path }}/labels \
|
||||
{% for arg in matrix_zulip_bridge_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_zulip_bridge_docker_image }} \
|
||||
{% if matrix_zulip_bridge_owner %}
|
||||
-o {{ matrix_zulip_bridge_owner }} \
|
||||
{% endif %}
|
||||
--config /config/registration.yaml \
|
||||
--listen-address 0.0.0.0 \
|
||||
--listen-port {{ matrix_zulip_bridge_container_http_port }} \
|
||||
{{ matrix_zulip_bridge_homeserver_url }}
|
||||
|
||||
{% for network in matrix_zulip_bridge_container_additional_networks %}
|
||||
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bridge-zulip
|
||||
{% endfor %}
|
||||
|
||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bridge-zulip
|
||||
|
||||
ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ matrix_zulip_bridge_container_stop_grace_time_seconds }} matrix-bridge-zulip
|
||||
ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bridge-zulip
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bridge-zulip
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
@@ -87,7 +87,6 @@ matrix_client_element_container_labels_traefik_additional_response_headers_auto:
|
||||
{{
|
||||
{}
|
||||
| combine ({'X-XSS-Protection': matrix_client_element_http_header_xss_protection} if matrix_client_element_http_header_xss_protection else {})
|
||||
| combine ({'X-Frame-Options': matrix_client_element_http_header_frame_options} if matrix_client_element_http_header_frame_options else {})
|
||||
| combine ({'X-Content-Type-Options': matrix_client_element_http_header_content_type_options} if matrix_client_element_http_header_content_type_options else {})
|
||||
| combine ({'Content-Security-Policy': matrix_client_element_http_header_content_security_policy} if matrix_client_element_http_header_content_security_policy else {})
|
||||
| combine ({'Permission-Policy': matrix_client_element_http_header_content_permission_policy} if matrix_client_element_http_header_content_permission_policy else {})
|
||||
@@ -123,10 +122,6 @@ matrix_client_element_container_healthcheck_cmd: ""
|
||||
# - https://portswigger.net/web-security/cross-site-scripting/reflected
|
||||
matrix_client_element_http_header_xss_protection: "1; mode=block"
|
||||
|
||||
# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
matrix_client_element_http_header_frame_options: SAMEORIGIN
|
||||
|
||||
# Specifies the value of the `X-Content-Type-Options` header.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
matrix_client_element_http_header_content_type_options: nosniff
|
||||
|
||||
@@ -66,7 +66,6 @@ matrix_client_fluffychat_container_labels_traefik_additional_response_headers_au
|
||||
{{
|
||||
{}
|
||||
| combine ({'X-XSS-Protection': matrix_client_fluffychat_http_header_xss_protection} if matrix_client_fluffychat_http_header_xss_protection else {})
|
||||
| combine ({'X-Frame-Options': matrix_client_fluffychat_http_header_frame_options} if matrix_client_fluffychat_http_header_frame_options else {})
|
||||
| combine ({'X-Content-Type-Options': matrix_client_fluffychat_http_header_content_type_options} if matrix_client_fluffychat_http_header_content_type_options else {})
|
||||
| combine ({'Content-Security-Policy': matrix_client_fluffychat_http_header_content_security_policy} if matrix_client_fluffychat_http_header_content_security_policy else {})
|
||||
| combine ({'Permission-Policy': matrix_client_fluffychat_http_header_content_permission_policy} if matrix_client_fluffychat_http_header_content_permission_policy else {})
|
||||
@@ -100,10 +99,6 @@ matrix_client_fluffychat_systemd_required_services_list_custom: []
|
||||
# - https://portswigger.net/web-security/cross-site-scripting/reflected
|
||||
matrix_client_fluffychat_http_header_xss_protection: "1; mode=block"
|
||||
|
||||
# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
matrix_client_fluffychat_http_header_frame_options: SAMEORIGIN
|
||||
|
||||
# Specifies the value of the `X-Content-Type-Options` header.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
matrix_client_fluffychat_http_header_content_type_options: nosniff
|
||||
|
||||
@@ -68,7 +68,6 @@ matrix_client_hydrogen_container_labels_traefik_additional_response_headers_auto
|
||||
{{
|
||||
{}
|
||||
| combine ({'X-XSS-Protection': matrix_client_hydrogen_http_header_xss_protection} if matrix_client_hydrogen_http_header_xss_protection else {})
|
||||
| combine ({'X-Frame-Options': matrix_client_hydrogen_http_header_frame_options} if matrix_client_hydrogen_http_header_frame_options else {})
|
||||
| combine ({'X-Content-Type-Options': matrix_client_hydrogen_http_header_content_type_options} if matrix_client_hydrogen_http_header_content_type_options else {})
|
||||
| combine ({'Content-Security-Policy': matrix_client_hydrogen_http_header_content_security_policy} if matrix_client_hydrogen_http_header_content_security_policy else {})
|
||||
| combine ({'Permission-Policy': matrix_client_hydrogen_http_header_content_permission_policy} if matrix_client_hydrogen_http_header_content_permission_policy else {})
|
||||
@@ -99,10 +98,6 @@ matrix_client_hydrogen_systemd_required_services_list: "{{ [devture_systemd_dock
|
||||
# - https://portswigger.net/web-security/cross-site-scripting/reflected
|
||||
matrix_client_hydrogen_http_header_xss_protection: "1; mode=block"
|
||||
|
||||
# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
matrix_client_hydrogen_http_header_frame_options: SAMEORIGIN
|
||||
|
||||
# Specifies the value of the `X-Content-Type-Options` header.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
matrix_client_hydrogen_http_header_content_type_options: nosniff
|
||||
|
||||
@@ -64,7 +64,6 @@ matrix_client_schildichat_container_labels_traefik_additional_response_headers_a
|
||||
{{
|
||||
{}
|
||||
| combine ({'X-XSS-Protection': matrix_client_schildichat_http_header_xss_protection} if matrix_client_schildichat_http_header_xss_protection else {})
|
||||
| combine ({'X-Frame-Options': matrix_client_schildichat_http_header_frame_options} if matrix_client_schildichat_http_header_frame_options else {})
|
||||
| combine ({'X-Content-Type-Options': matrix_client_schildichat_http_header_content_type_options} if matrix_client_schildichat_http_header_content_type_options else {})
|
||||
| combine ({'Content-Security-Policy': matrix_client_schildichat_http_header_content_security_policy} if matrix_client_schildichat_http_header_content_security_policy else {})
|
||||
| combine ({'Permission-Policy': matrix_client_schildichat_http_header_content_permission_policy} if matrix_client_schildichat_http_header_content_permission_policy else {})
|
||||
@@ -95,10 +94,6 @@ matrix_client_schildichat_systemd_required_services_list: "{{ [devture_systemd_d
|
||||
# - https://portswigger.net/web-security/cross-site-scripting/reflected
|
||||
matrix_client_schildichat_http_header_xss_protection: "1; mode=block"
|
||||
|
||||
# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
matrix_client_schildichat_http_header_frame_options: SAMEORIGIN
|
||||
|
||||
# Specifies the value of the `X-Content-Type-Options` header.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
matrix_client_schildichat_http_header_content_type_options: nosniff
|
||||
|
||||
@@ -1,79 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
# SPDX-FileCopyrightText: 2021 - 2022 MDAD project contributors
|
||||
# SPDX-FileCopyrightText: 2021 Ahmad Haghighi
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
|
||||
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
# Project source code URL: https://github.com/linuxserver/docker-ddclient
|
||||
|
||||
# Whether dynamic dns is enabled
|
||||
matrix_dynamic_dns_enabled: true
|
||||
|
||||
# The dynamic dns daemon interval
|
||||
matrix_dynamic_dns_daemon_interval: '300'
|
||||
|
||||
# renovate: datasource=docker depName=linuxserver/ddclient versioning=semver
|
||||
matrix_dynamic_dns_version: 4.0.0
|
||||
|
||||
# The docker container to use when in mode
|
||||
matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_registry_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}"
|
||||
|
||||
matrix_dynamic_dns_docker_image_registry_prefix: "{{ 'localhost/' if matrix_dynamic_dns_container_image_self_build else matrix_dynamic_dns_docker_image_registry_prefix_upstream }}"
|
||||
matrix_dynamic_dns_docker_image_registry_prefix_upstream: "{{ matrix_dynamic_dns_docker_image_registry_prefix_upstream_default }}"
|
||||
matrix_dynamic_dns_docker_image_registry_prefix_upstream_default: docker.io/
|
||||
|
||||
# The image to force pull
|
||||
matrix_dynamic_dns_docker_image_force_pull: "{{ matrix_dynamic_dns_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_dynamic_dns_container_network: ''
|
||||
|
||||
matrix_dynamic_dns_container_additional_networks: "{{ matrix_dynamic_dns_container_additional_networks_auto + matrix_dynamic_dns_container_additional_networks_custom }}"
|
||||
matrix_dynamic_dns_container_additional_networks_auto: []
|
||||
matrix_dynamic_dns_container_additional_networks_custom: []
|
||||
|
||||
# List of extra arguments to pass to the container mode
|
||||
matrix_dynamic_dns_container_extra_arguments: []
|
||||
|
||||
# List of wanted services when running in mode
|
||||
matrix_dynamic_dns_systemd_wanted_services_list: []
|
||||
|
||||
# List of required services when running in mode
|
||||
matrix_dynamic_dns_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
|
||||
|
||||
# Build the container from source when running in mode
|
||||
matrix_dynamic_dns_container_image_self_build: false
|
||||
matrix_dynamic_dns_container_image_self_build_repo: "https://github.com/linuxserver/docker-ddclient.git"
|
||||
matrix_dynamic_dns_container_image_self_build_repo_branch: "{{ matrix_dynamic_dns_version }}"
|
||||
|
||||
# Config paths
|
||||
matrix_dynamic_dns_base_path: "{{ matrix_base_data_path }}/dynamic-dns"
|
||||
matrix_dynamic_dns_config_path: "{{ matrix_dynamic_dns_base_path }}/config"
|
||||
matrix_dynamic_dns_docker_src_files_path: "{{ matrix_dynamic_dns_base_path }}/docker-src"
|
||||
|
||||
# Config options
|
||||
matrix_dynamic_dns_use: "web"
|
||||
|
||||
# The endpoint to use to determine your external IP
|
||||
matrix_dynamic_dns_web: "https://cloudflare.com/cdn-cgi/trace"
|
||||
|
||||
# The field to extract the IP from
|
||||
# If your endpoint defined in `matrix_dynamic_dns_web` doesn't need this, just set it to ""
|
||||
matrix_dynamic_dns_web_skip: "ip="
|
||||
|
||||
matrix_dynamic_dns_additional_configuration_blocks: []
|
||||
|
||||
# Holds the configurations (the domains to update DNS for, the providers they use, etc.)
|
||||
#
|
||||
# Example:
|
||||
# matrix_dynamic_dns_domain_configurations:
|
||||
# - provider: domains.google.com
|
||||
# protocol: dyndn2
|
||||
# username: XXXXXXXXXXXXXXXX
|
||||
# password: XXXXXXXXXXXXXXXX
|
||||
# domain: "{{ matrix_domain }}"
|
||||
matrix_dynamic_dns_domain_configurations: []
|
||||
@@ -1,26 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
# SPDX-FileCopyrightText: 2022 - 2023 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
|
||||
- tags:
|
||||
- setup-all
|
||||
- setup-dynamic-dns
|
||||
- install-all
|
||||
- install-dynamic-dns
|
||||
block:
|
||||
- when: matrix_dynamic_dns_enabled | bool
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
|
||||
- when: matrix_dynamic_dns_enabled | bool
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
|
||||
- tags:
|
||||
- setup-all
|
||||
- setup-dynamic-dns
|
||||
block:
|
||||
- when: not matrix_dynamic_dns_enabled | bool
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
@@ -1,79 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
|
||||
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
|
||||
# SPDX-FileCopyrightText: 2024 David Mehren
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
|
||||
- name: Ensure Dynamic DNS image is pulled
|
||||
community.docker.docker_image:
|
||||
name: "{{ matrix_dynamic_dns_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_dynamic_dns_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dynamic_dns_docker_image_force_pull }}"
|
||||
when: matrix_dynamic_dns_enabled | bool and not matrix_dynamic_dns_container_image_self_build
|
||||
register: result
|
||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- name: Ensure Dynamic DNS paths exist
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0751
|
||||
owner: "{{ matrix_user_name }}"
|
||||
group: "{{ matrix_group_name }}"
|
||||
with_items:
|
||||
- {path: "{{ matrix_dynamic_dns_base_path }}", when: true}
|
||||
- {path: "{{ matrix_dynamic_dns_config_path }}", when: true}
|
||||
- {path: "{{ matrix_dynamic_dns_docker_src_files_path }}", when: "{{ matrix_dynamic_dns_container_image_self_build }}"}
|
||||
when: matrix_dynamic_dns_enabled | bool and item.when | bool
|
||||
|
||||
- name: Ensure Dynamic DNS repository is present on self build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_dynamic_dns_container_image_self_build_repo }}"
|
||||
version: "{{ matrix_dynamic_dns_container_image_self_build_repo_branch }}"
|
||||
dest: "{{ matrix_dynamic_dns_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
become: true
|
||||
become_user: "{{ matrix_user_name }}"
|
||||
register: matrix_dynamic_dns_git_pull_results
|
||||
when: "matrix_dynamic_dns_enabled | bool and matrix_dynamic_dns_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure Dynamic DNS Docker image is built
|
||||
community.docker.docker_image:
|
||||
name: "{{ matrix_dynamic_dns_docker_image }}"
|
||||
source: build
|
||||
force_source: "{{ matrix_dynamic_dns_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dynamic_dns_git_pull_results.changed }}"
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_dynamic_dns_docker_src_files_path }}"
|
||||
pull: true
|
||||
when: "matrix_dynamic_dns_enabled | bool and matrix_dynamic_dns_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure Dynamic DNS ddclient.conf installed
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/ddclient.conf.j2"
|
||||
dest: "{{ matrix_dynamic_dns_config_path }}/ddclient.conf"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_name }}"
|
||||
group: "{{ matrix_group_name }}"
|
||||
|
||||
- name: Ensure matrix-dynamic-dns container network is created
|
||||
community.general.docker_network:
|
||||
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
|
||||
name: "{{ matrix_dynamic_dns_container_network }}"
|
||||
driver: bridge
|
||||
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
|
||||
|
||||
- name: Ensure matrix-dynamic-dns.service installed
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-dynamic-dns.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-dynamic-dns.service"
|
||||
mode: 0644
|
||||
@@ -1,26 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
# SPDX-FileCopyrightText: 2022 Marko Weltzer
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-dynamic-dns service
|
||||
ansible.builtin.stat:
|
||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dynamic-dns.service"
|
||||
register: matrix_dynamic_dns_service_stat
|
||||
|
||||
- when: matrix_dynamic_dns_service_stat.stat.exists | bool
|
||||
block:
|
||||
- name: Ensure matrix-dynamic-dns is stopped
|
||||
ansible.builtin.service:
|
||||
name: matrix-dynamic-dns
|
||||
state: stopped
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
|
||||
- name: Ensure matrix-dynamic-dns.service doesn't exist
|
||||
ansible.builtin.file:
|
||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dynamic-dns.service"
|
||||
state: absent
|
||||
@@ -1,37 +0,0 @@
|
||||
# SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
|
||||
# SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
---
|
||||
|
||||
- name: Fail if no matrix-dynamic-dns configurations specified
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define at least one configuration in `matrix_dynamic_dns_domain_configurations` for using matrix-dynamic-dns.
|
||||
when: "matrix_dynamic_dns_domain_configurations | length == 0"
|
||||
|
||||
- name: Fail if required matrix-dynamic-dns settings not defined in configuration blocks
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
One of the configurations in matrix_dynamic_dns_domain_configurations is missing a required key (domain, protocol).
|
||||
when: "'domain' not in configuration or 'protocol' not in configuration"
|
||||
with_items: "{{ matrix_dynamic_dns_domain_configurations }}"
|
||||
loop_control:
|
||||
loop_var: configuration
|
||||
|
||||
- name: Fail if required matrix-dynamic-dns settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
|
||||
with_items:
|
||||
- {'name': 'matrix_dynamic_dns_container_network', when: true}
|
||||
|
||||
- name: (Deprecation) Catch and report renamed matrix-dynamic-dns variables
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
The variable `{{ item.old }}` is deprecated. Please use `{{ item.new }}` instead.
|
||||
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
|
||||
with_items:
|
||||
- {'old': 'matrix_dynamic_dns_container_image_name_prefix', 'new': 'matrix_dynamic_dns_docker_image_registry_prefix'}
|
||||
@@ -1,78 +0,0 @@
|
||||
{#
|
||||
SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
SPDX-FileCopyrightText: 2022 Slavi Pantaleev
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
#}
|
||||
|
||||
daemon={{ matrix_dynamic_dns_daemon_interval }}
|
||||
syslog=no
|
||||
pid=/var/run/ddclient/ddclient.pid
|
||||
ssl=yes
|
||||
use={{ matrix_dynamic_dns_use }}
|
||||
web='{{ matrix_dynamic_dns_web }}'
|
||||
{% if matrix_dynamic_dns_web_skip %}
|
||||
web-skip='{{ matrix_dynamic_dns_web_skip }}'
|
||||
{% endif %}
|
||||
|
||||
{% for matrix_dynamic_dns_additional_configuration in matrix_dynamic_dns_additional_configuration_blocks %}
|
||||
{{ matrix_dynamic_dns_additional_configuration }}
|
||||
{% endfor %}
|
||||
|
||||
{% for dynamic_dns_domain_configuration in matrix_dynamic_dns_domain_configurations %}
|
||||
protocol={{ dynamic_dns_domain_configuration.protocol }}
|
||||
|
||||
{% if 'apikey' in dynamic_dns_domain_configuration %}
|
||||
apikey={{ dynamic_dns_domain_configuration.apikey }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'secretapikey' in dynamic_dns_domain_configuration %}
|
||||
secretapikey={{ dynamic_dns_domain_configuration.secretapikey }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'rootdomain' in dynamic_dns_domain_configuration %}
|
||||
root-domain={{ dynamic_dns_domain_configuration.rootdomain }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'provider' in dynamic_dns_domain_configuration %}
|
||||
server={{ dynamic_dns_domain_configuration.provider }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'username' in dynamic_dns_domain_configuration %}
|
||||
login='{{ dynamic_dns_domain_configuration.username }}'
|
||||
{% endif %}
|
||||
|
||||
{% if 'password' in dynamic_dns_domain_configuration %}
|
||||
password='{{ dynamic_dns_domain_configuration.password }}'
|
||||
{% endif %}
|
||||
|
||||
{% if 'static' in dynamic_dns_domain_configuration %}
|
||||
static=yes
|
||||
{% endif %}
|
||||
|
||||
{% if 'custom' in dynamic_dns_domain_configuration %}
|
||||
custom=yes
|
||||
{% endif %}
|
||||
|
||||
{% if 'zone' in dynamic_dns_domain_configuration %}
|
||||
zone={{ dynamic_dns_domain_configuration.zone }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'ttl' in dynamic_dns_domain_configuration %}
|
||||
ttl={{ dynamic_dns_domain_configuration.ttl }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'mx' in dynamic_dns_domain_configuration %}
|
||||
mx={{ dynamic_dns_domain_configuration.mx }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'wildcard' in dynamic_dns_domain_configuration %}
|
||||
wildcard=yes
|
||||
{% endif %}
|
||||
|
||||
{% if 'script' in dynamic_dns_domain_configuration %}
|
||||
script={{ dynamic_dns_domain_configuration.script }}
|
||||
{% endif %}
|
||||
|
||||
{{ dynamic_dns_domain_configuration.domain }}
|
||||
{% endfor %}
|
||||
@@ -1,46 +0,0 @@
|
||||
#jinja2: lstrip_blocks: True
|
||||
[Unit]
|
||||
Description=Matrix Dynamic DNS
|
||||
{% for service in matrix_dynamic_dns_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_dynamic_dns_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
DefaultDependencies=no
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-dynamic-dns 2>/dev/null || true'
|
||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true'
|
||||
|
||||
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
||||
--rm \
|
||||
--name=matrix-dynamic-dns \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_dynamic_dns_container_network }} \
|
||||
-e PUID={{ matrix_user_uid }} \
|
||||
-e PGID={{ matrix_user_gid }} \
|
||||
--mount type=bind,src={{ matrix_dynamic_dns_config_path }},dst=/config \
|
||||
{% for arg in matrix_dynamic_dns_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_dynamic_dns_docker_image }}
|
||||
|
||||
|
||||
{% for network in matrix_dynamic_dns_container_additional_networks %}
|
||||
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-dynamic-dns
|
||||
{% endfor %}
|
||||
|
||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-dynamic-dns
|
||||
|
||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-dynamic-dns 2>/dev/null || true'
|
||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-dynamic-dns
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
-4
@@ -1,4 +0,0 @@
|
||||
SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
|
||||
SPDX-FileCopyrightText: 2020 Scott Crossen
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
@@ -78,7 +78,6 @@ matrix_synapse_admin_container_labels_traefik_additional_response_headers_auto:
|
||||
{{
|
||||
{}
|
||||
| combine ({'X-XSS-Protection': matrix_synapse_admin_http_header_xss_protection} if matrix_synapse_admin_http_header_xss_protection else {})
|
||||
| combine ({'X-Frame-Options': matrix_synapse_admin_http_header_frame_options} if matrix_synapse_admin_http_header_frame_options else {})
|
||||
| combine ({'X-Content-Type-Options': matrix_synapse_admin_http_header_content_type_options} if matrix_synapse_admin_http_header_content_type_options else {})
|
||||
| combine ({'Content-Security-Policy': matrix_synapse_admin_http_header_content_security_policy} if matrix_synapse_admin_http_header_content_security_policy else {})
|
||||
| combine ({'Permission-Policy': matrix_synapse_admin_http_header_content_permission_policy} if matrix_synapse_admin_http_header_content_permission_policy else {})
|
||||
@@ -109,10 +108,6 @@ matrix_synapse_admin_systemd_wanted_services_list: []
|
||||
# - https://portswigger.net/web-security/cross-site-scripting/reflected
|
||||
matrix_synapse_admin_http_header_xss_protection: "1; mode=block"
|
||||
|
||||
# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
matrix_synapse_admin_http_header_frame_options: SAMEORIGIN
|
||||
|
||||
# Specifies the value of the `X-Content-Type-Options` header.
|
||||
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
matrix_synapse_admin_http_header_content_type_options: nosniff
|
||||
|
||||
+29
-4
@@ -4,9 +4,9 @@
|
||||
|
||||
---
|
||||
|
||||
- name: Ensure Matrix Authentication Service user registered - {{ user.username | quote }}
|
||||
ansible.builtin.command:
|
||||
cmd: |-
|
||||
- name: Build Matrix Authentication Service user registration command - {{ user.username | quote }}
|
||||
ansible.builtin.set_fact:
|
||||
matrix_authentication_service_register_user_command: |-
|
||||
{{ devture_systemd_docker_base_host_command_docker }} exec matrix-authentication-service
|
||||
mas-cli manage register-user
|
||||
-p {{ user.initial_password | quote }}
|
||||
@@ -18,6 +18,31 @@
|
||||
--no-admin
|
||||
{% endif %}
|
||||
{{ user.username | quote }}
|
||||
|
||||
- name: Ensure Matrix Authentication Service user registered - {{ user.username | quote }}
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ matrix_authentication_service_register_user_command }}"
|
||||
register: matrix_authentication_service_register_user_result
|
||||
changed_when: "matrix_authentication_service_register_user_result.rc == 0 and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr"
|
||||
failed_when: "matrix_authentication_service_register_user_result.rc != 0 and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr"
|
||||
failed_when: >-
|
||||
matrix_authentication_service_register_user_result.rc != 0
|
||||
and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr
|
||||
and 'password authentication failed' not in matrix_authentication_service_register_user_result.stderr
|
||||
|
||||
- when: "'password authentication failed' in matrix_authentication_service_register_user_result.stderr | default('')"
|
||||
block:
|
||||
- name: Restart Matrix Authentication Service due to database authentication failure (likely a password change)
|
||||
ansible.builtin.service:
|
||||
name: "matrix-authentication-service.service"
|
||||
state: restarted
|
||||
|
||||
- name: Wait for Matrix Authentication Service to start after restart
|
||||
ansible.builtin.pause:
|
||||
seconds: "{{ matrix_user_creator_homeserver_start_wait_time_seconds }}"
|
||||
|
||||
- name: Retry Matrix Authentication Service user registration - {{ user.username | quote }}
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ matrix_authentication_service_register_user_command }}"
|
||||
register: matrix_authentication_service_register_user_result
|
||||
changed_when: "matrix_authentication_service_register_user_result.rc == 0 and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr"
|
||||
failed_when: "matrix_authentication_service_register_user_result.rc != 0 and 'Error: User already exists' not in matrix_authentication_service_register_user_result.stderr"
|
||||
|
||||
@@ -80,6 +80,11 @@
|
||||
- {'old': 'cinny_docker_image_registry_prefix_upstream', 'new': 'cinny_container_image_registry_prefix_upstream'}
|
||||
- {'old': 'cinny_docker_image_registry_prefix_upstream_default', 'new': 'cinny_container_image_registry_prefix_upstream_default'}
|
||||
|
||||
- {'old': 'ddclient_docker_image', 'new': 'ddclient_container_image'}
|
||||
- {'old': 'ddclient_docker_image_registry_prefix', 'new': 'ddclient_container_image_registry_prefix'}
|
||||
- {'old': 'ddclient_docker_image_registry_prefix_upstream', 'new': 'ddclient_container_image_registry_prefix_upstream'}
|
||||
- {'old': 'ddclient_docker_image_registry_prefix_upstream_default', 'new': 'ddclient_container_image_registry_prefix_upstream_default'}
|
||||
|
||||
- name: (Deprecation) Catch and report matrix_postgres variables
|
||||
ansible.builtin.fail:
|
||||
msg: |-
|
||||
@@ -590,6 +595,19 @@
|
||||
The following variables in your configuration need to be renamed: {{ lookup('ansible.builtin.varnames', '^matrix_client_cinny_.+', wantlist=True) | join(', ') }}
|
||||
when: "lookup('ansible.builtin.varnames', '^matrix_client_cinny_.+', wantlist=True) | length > 0"
|
||||
|
||||
- name: (Deprecation) Catch and report matrix-dynamic-dns variables
|
||||
ansible.builtin.fail:
|
||||
msg: |-
|
||||
The matrix-dynamic-dns role in the playbook now lives under the MASH organization (https://github.com/mother-of-all-self-hosting/ansible-role-ddclient).
|
||||
The new role is pretty much the same, but uses differently named variables.
|
||||
|
||||
Please rename all `matrix_dynamic_dns_`-prefixed variables (`matrix_dynamic_dns_*` -> `ddclient_*`) on your configuration file (vars.yml).
|
||||
|
||||
After renaming them, please do not forget to fetch the Ansible role. See docs/maintenance-upgrading-services.md for details about how to do so.
|
||||
|
||||
The following variables in your configuration need to be renamed: {{ lookup('ansible.builtin.varnames', '^matrix_dynamic_dns_.+', wantlist=True) | join(', ') }}
|
||||
when: "lookup('ansible.builtin.varnames', '^matrix_dynamic_dns_.+', wantlist=True) | length > 0"
|
||||
|
||||
- name: (Deprecation) Catch and report mautrix-facebook variables
|
||||
ansible.builtin.fail:
|
||||
msg: |-
|
||||
|
||||
@@ -42,7 +42,7 @@
|
||||
- install-all
|
||||
|
||||
- custom/matrix-base
|
||||
- custom/matrix-dynamic-dns
|
||||
- galaxy/ddclient
|
||||
- galaxy/exim_relay
|
||||
|
||||
- role: galaxy/postgres
|
||||
@@ -79,7 +79,6 @@
|
||||
- custom/matrix-bridge-steam
|
||||
- custom/matrix-bridge-heisenbridge
|
||||
- custom/matrix-bridge-hookshot
|
||||
- custom/matrix-bridge-zulip
|
||||
- custom/matrix-bot-matrix-reminder-bot
|
||||
- custom/matrix-bot-matrix-registration-bot
|
||||
- custom/matrix-bot-maubot
|
||||
|
||||
Reference in New Issue
Block a user