diff --git a/group_vars/all b/group_vars/all index c030f05f..ad00bd91 100644 --- a/group_vars/all +++ b/group_vars/all @@ -1,5 +1,5 @@ # General -database_delay: "0" # Database delay to wait for the central database before continue tasks +pause_duration: "120" # Database delay to wait for the central database before continue tasks top_domain: "localhost" # Change this in inventory to your domain ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server backups_folder_path: "/Backups/" # Path to the backups folder diff --git a/roles/docker-bigbluebutton/tasks/main.yml b/roles/docker-bigbluebutton/tasks/main.yml index f9cc1364..caabee80 100644 --- a/roles/docker-bigbluebutton/tasks/main.yml +++ b/roles/docker-bigbluebutton/tasks/main.yml @@ -36,7 +36,7 @@ - name: wait for database pause: - seconds: "{{database_delay}}" + seconds: "{{pause_duration}}" when: mode_setup | bool - name: create admin diff --git a/roles/docker-compose/handlers/main.yml b/roles/docker-compose/handlers/main.yml index db613935..74b27d8a 100644 --- a/roles/docker-compose/handlers/main.yml +++ b/roles/docker-compose/handlers/main.yml @@ -1,4 +1,13 @@ --- +# It is necessary to shut the projects down, when reset is activated. +# Otherwise it can lead to this bug: +# https://github.com/ansible/ansible/issues/10244 +- name: shut down docker compose project + command: + cmd: docker-compose -p "{{docker_compose_project_name}}" down + listen: docker compose project setup + when: mode_reset | bool + - name: docker compose project setup command: cmd: docker-compose -p "{{docker_compose_project_name}}" up -d --force-recreate @@ -6,3 +15,4 @@ environment: COMPOSE_HTTP_TIMEOUT: 600 DOCKER_CLIENT_TIMEOUT: 600 + listen: docker compose project setup diff --git a/roles/docker-mariadb/tasks/main.yml b/roles/docker-mariadb/tasks/main.yml index 9715a9ad..6b34f34f 100644 --- a/roles/docker-mariadb/tasks/main.yml +++ b/roles/docker-mariadb/tasks/main.yml @@ -26,6 +26,7 @@ timeout: 1s retries: 5 when: run_once_docker_mariadb is not defined + register: setup_mariadb_container_result - name: install python-mysqlclient pacman: @@ -34,12 +35,9 @@ when: run_once_docker_mariadb is not defined - name: wait for database - wait_for: - host: 127.0.0.1 - port: 3306 - delay: "{{database_delay}}" - timeout: 360 - when: run_once_docker_mariadb is not defined + pause: + seconds: "{{pause_duration}}" + when: setup_mariadb_container_result.changed and run_once_docker_mariadb is not defined - name: "Create database: {{ database_name }}" mysql_db: diff --git a/roles/docker-matrix-compose/tasks/main.yml b/roles/docker-matrix-compose/tasks/main.yml index c17d625c..5a39d1a9 100644 --- a/roles/docker-matrix-compose/tasks/main.yml +++ b/roles/docker-matrix-compose/tasks/main.yml @@ -14,24 +14,27 @@ domain: "{{element_domain}}" http_port: "{{element_http_port}}" -- name: "create {{docker_compose_instance_directory}}mautrix_whatsapp" - file: - path: "{{docker_compose_instance_directory}}mautrix_whatsapp" - state: directory - mode: 0755 - -- name: "include create-and-seed-database.yml" +- name: include create-and-seed-database.yml for multiple bridges include_tasks: create-and-seed-database.yml vars: - database_password: "{{mautrix_whatsapp_bridge_database_password}}" - database_username: "{{mautrix_whatsapp_bridge_database_username}}" - database_name: "{{mautrix_whatsapp_bridge_database_name}}" + database_password: "{{ item.database_password }}" + database_username: "{{ item.database_username }}" + database_name: "{{ item.database_name }}" + loop: "{{ bridges }}" -- name: add mautrix-whatsapp configuration +- name: "create bridge volume folders" + file: + path: "{{docker_compose_instance_directory}}{{item.bridge_name}}" + state: directory + mode: 0755 + loop: "{{ bridges }}" + +- name: add multiple mautrix bridge configuration template: - src: "mautrix-whatsapp.config.yml.j2" - dest: "{{docker_compose_instance_directory}}mautrix_whatsapp/config.yaml" + src: "{{item.bridge_name}}.config.yml.j2" + dest: "{{docker_compose_instance_directory}}{{item.bridge_name}}/config.yaml" notify: docker compose project setup + loop: "{{ bridges }}" - name: add element configuration template: @@ -65,17 +68,18 @@ - name: flush docker service meta: flush_handlers -- name: create registration files - command: - cmd: docker compose exec -it mautrix-whatsapp /usr/bin/mautrix-whatsapp -g -c /data/config.yaml -r {{mautrix_registration_file}} - chdir: "{{docker_compose_instance_directory}}" +- name: wait for containers + pause: + seconds: "{{pause_duration}}" - name: create registration files command: - cmd: docker compose exec mautrix-whatsapp /usr/bin/mautrix-whatsapp -g -c /data/config.yaml -r {{ mautrix_registration_file }} + cmd: docker compose exec {{item.bridge_name}} /usr/bin/{{item.bridge_name}} -g -c /data/config.yaml -r {{registration_file_folder}}{{item.bridge_name}}.registration.yaml chdir: "{{ docker_compose_instance_directory }}" + loop: "{{ bridges }}" - name: set read and execute permissions for the registration file in the container command: - cmd: docker compose exec mautrix-whatsapp chmod a+rx {{ mautrix_registration_file }} + cmd: docker compose exec {{item.bridge_name}} chmod a+rx {{registration_file_folder}}{{item.bridge_name}}.registration.yaml chdir: "{{ docker_compose_instance_directory }}" + loop: "{{ bridges }}" diff --git a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 index 550e8778..6b37afa9 100644 --- a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 +++ b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 @@ -33,43 +33,20 @@ services: - "127.0.0.1:{{element_http_port}}:80" {% include 'templates/docker-container-networks.yml.j2' %} - # bridges - #mautrix-telegram: - # container_name: mautrix-telegram - # image: dock.mau.dev/mautrix/telegram: - # restart: {{docker_restart_policy}} - # volumes: - # - telegram_bridge_data:/data - - mautrix-whatsapp: - container_name: mautrix-whatsapp - image: dock.mau.dev/mautrix/whatsapp:latest +{% for item in bridges %} + {{item.bridge_name}}: + container_name: {{item.bridge_name}} + image: dock.mau.dev/{{ item.bridge_name | replace("-", "/") }}:latest restart: {{docker_restart_policy}} volumes: - - ./mautrix_whatsapp:/data - - registration_files:{{registration_file_folder}} + - ./{{item.bridge_name}}:/data + - registration_files:{{registration_file_folder}} + {% include 'templates/docker-container-networks.yml.j2' %} - - #mautrix-facebook: - # container_name: mautrix-facebook - # image: dock.mau.dev/mautrix/facebook: - # restart: {{docker_restart_policy}} - # volumes: - # - facebook_bridge_data:/data - - #mautrix-instagram: - # container_name: mautrix-instagram - # image: dock.mau.dev/mautrix/instagram: - # restart: {{docker_restart_policy}} - # volumes: - # - instagram_bridge_data:/data +{% endfor %} {% include 'templates/docker-compose-volumes.yml.j2' %} synapse_data: - #telegram_bridge_data: - whatsapp_bridge_data: registration_files: - #facebook_bridge_data: - #instagram_bridge_data: {% include 'templates/docker-compose-networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-matrix-compose/templates/mautrix-signal.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix-signal.config.yml.j2 new file mode 100644 index 00000000..293c9caa --- /dev/null +++ b/roles/docker-matrix-compose/templates/mautrix-signal.config.yml.j2 @@ -0,0 +1,310 @@ +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: http://synapse:8008 + # The domain of the homeserver (also known as server_name, used for MXIDs, etc). + domain: {{synapse_domain}} + + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null + # Endpoint for reporting per-message status. + message_send_checkpoint_endpoint: null + # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? + async_media: false + + # Should the bridge use a websocket for connecting to the homeserver? + # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, + # mautrix-asmux (deprecated), and hungryserv (proprietary). + websocket: false + # How often should the websocket be pinged? Pinging will be disabled if this is zero. + ping_interval_seconds: 0 + +# Application service host/registration related details. +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: http://mautrix-signal:29328 + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29328 + + # Database config. + database: + # The database type. "sqlite3-fk-wal" and "postgres" are supported. + type: postgres + # The database URI. + # SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. + # https://github.com/mattn/go-sqlite3#connection-string + # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable + # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql + uri: postgres://mautrix_signal_bridge:{{mautrix_signal_bridge_database_password}}@{{database_host}}/mautrix_signal_bridge?sslmode=disable + # Maximum number of connections. Mostly relevant for Postgres. + max_open_conns: 20 + max_idle_conns: 2 + # Maximum connection idle time and lifetime before they're closed. Disabled if null. + # Parsed with https://pkg.go.dev/time#ParseDuration + max_conn_idle_time: null + max_conn_lifetime: null + + # The unique ID of this appservice. + id: signal + # Appservice bot details. + bot: + # Username of the appservice bot. + username: signalbot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: Signal bridge bot + avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + ephemeral_events: true + + # Should incoming events be handled asynchronously? + # This may be necessary for large public instances with lots of messages going through. + # However, messages will not be guaranteed to be bridged in the same order they were sent in. + async_transactions: false + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" + +# Prometheus config. +metrics: + # Enable prometheus metrics? + enabled: false + # IP and port where the metrics listener should be. The path is always /metrics + listen: 127.0.0.1:8000 + +signal: + # Default device name that shows up in the Signal app. + device_name: mautrix-signal + +# Bridge config +bridge: +{% raw %} + # Localpart template of MXIDs for Signal users. + # {{.}} is replaced with the internal ID of the Signal user. + username_template: signal_{{.}} + # Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. + # {{.ProfileName}} - The Signal profile name set by the user. + # {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. + # {{.PhoneNumber}} - The phone number of the user. + # {{.UUID}} - The UUID of the Signal user. + # {{.AboutEmoji}} - The emoji set by the user in their profile. + displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}' +{% endraw %} + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + # Should avatars from the user's contact list be used? This is not safe on multi-user instances. + use_contact_avatars: false + # Should the Signal user's phone number be included in the room topic in private chat portal rooms? + number_in_topic: true + # Avatar image for the Note to Self room. + note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL + + portal_message_buffer: 128 + + # Should the bridge create a space for each logged-in user and add bridged rooms to it? + # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time. + personal_filtering_spaces: false + # Should Matrix m.notice-type messages be bridged? + bridge_notices: true + # Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? + delivery_receipts: false + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false + # Whether the bridge should send error notices via m.notice events when a message fails to bridge. + message_error_notices: true + # Should the bridge update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, except if the config file is not writable. + resend_bridge_info: false + # Send captions in the same message as images. This will send data compatible with both MSC2530. + # This is currently not supported in most clients. + caption_in_message: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Servers to always allow double puppeting from + double_puppet_server_map: + {{synapse_domain}}: https://{{synapse_domain}} + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, double puppeting will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret_map: + {{synapse_domain}}: foobar + + # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration + # Null means there's no enforced timeout. + message_handling_timeout: + # Send an error message after this timeout, but keep waiting for the response until the deadline. + # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay. + # If the message is older than this when it reaches the bridge, the message won't be handled at all. + error_after: null + # Drop messages after this timeout. They may still go through if the message got sent to the servers. + # This is counted from the time the bridge starts handling the message. + deadline: 120s + + # The prefix for commands. Only required in non-management rooms. + command_prefix: '!signal' + # Messages sent upon joining a management room. + # Markdown is supported. The defaults are listed below. + management_room_text: + # Sent when joining a room. + welcome: "Hello, I'm a Signal bridge bot." + # Sent when joining a management room and the user is already logged in. + welcome_connected: "Use `help` for help." + # Sent when joining a management room and the user is not logged in. + welcome_unconnected: "Use `help` for help or `login` to log in." + # Optional extra text sent when joining a management room. + additional_help: "" + + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + # Require encryption, drop any unencrypted messages. + require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false + + # Settings for provisioning API + provisioning: + # Prefix for the provisioning API paths. + prefix: /_matrix/provision + # Shared secret for authentication. If set to "generate", a random secret will be generated, + # or if set to "disable", the provisioning API will be disabled. + shared_secret: generate + # Enable debug API at /debug with provisioning authentication. + debug_endpoints: false + + # Permissions for using the bridge. + # Permitted values: + # relay - Talk through the relaybot (if enabled), no access otherwise + # user - Access to use the bridge to chat with a Signal account. + # admin - User level and some additional administration tools + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "*": relay + "{{synapse_domain}}": user + "@{{matrix_admin_name}}:{{synapse_domain}}": admin + + # Settings for relay mode + relay: + # Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: false + # Should only admins be allowed to set themselves as relay users? + admin_only: true + # The formats to use when sending messages to Signal via the relaybot. + message_formats: +{% raw %} + m.text: "{{ .Sender.Displayname }}: {{ .Message }}" + m.notice: "{{ .Sender.Displayname }}: {{ .Message }}" + m.emote: "* {{ .Sender.Displayname }} {{ .Message }}" + m.file: "{{ .Sender.Displayname }} sent a file" + m.image: "{{ .Sender.Displayname }} sent an image" + m.audio: "{{ .Sender.Displayname }} sent an audio file" + m.video: "{{ .Sender.Displayname }} sent a video" + m.location: "{{ .Sender.Displayname }} sent a location" +{% endraw %} +# Logging config. See https://github.com/tulir/zeroconfig for details. +logging: + min_level: debug + writers: + - type: stdout + format: pretty-colored + - type: file + format: json + filename: ./logs/mautrix-signal.log + max_size: 100 + max_backups: 10 + compress: true \ No newline at end of file diff --git a/roles/docker-matrix-compose/templates/mautrix-telegram.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix-telegram.config.yml.j2 new file mode 100644 index 00000000..eb484ab8 --- /dev/null +++ b/roles/docker-matrix-compose/templates/mautrix-telegram.config.yml.j2 @@ -0,0 +1,670 @@ +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: http://synapse:8008 + # The domain of the homeserver (for MXIDs, etc). + domain: {{synapse_domain}} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's Telegram connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null + # Endpoint for reporting per-message status. + message_send_checkpoint_endpoint: null + # Whether asynchronous uploads via MSC2246 should be enabled for media. + # Requires a media repo that supports MSC2246. + async_media: false + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: http://mautrix-telegram:29317 + # When using https:// the TLS certificate and key files for the address. + tls_cert: false + tls_key: false + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29317 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are supported. + # Format examples: + # SQLite: sqlite:filename.db + # Postgres: postgres://username:password@hostname/dbname + database: postgres://mautrix_telegram_bridge:{{mautrix_telegram_bridge_database_password}}@{{database_host}}/mautrix_telegram_bridge + # Additional arguments for asyncpg.create_pool() or sqlite3.connect() + # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool + # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect + # For sqlite, min_size is used as the connection thread pool size and max_size is ignored. + # Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs). + database_opts: + min_size: 1 + max_size: 10 + + # Public part of web server for out-of-Matrix interaction with the bridge. + # Used for things like login if the user wants to make sure the 2FA password isn't stored in + # the HS database. + public: + # Whether or not the public-facing endpoints should be enabled. + enabled: false + # The prefix to use in the public-facing endpoints. + prefix: /public + # The base URL where the public-facing endpoints are available. The prefix is not added + # implicitly. + external: https://{{synapse_domain}}/public + + # Provisioning API part of the web server for automated portal creation and fetching information. + # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). + provisioning: + # Whether or not the provisioning API should be enabled. + enabled: true + # The prefix to use in the provisioning API endpoints. + prefix: /_matrix/provision + # The shared secret to authorize users of the API. + # Set to "generate" to generate and save a new token. + shared_secret: generate + + # The unique ID of this appservice. + id: telegram + # Username of the appservice bot. + bot_username: telegrambot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Telegram bridge bot + bot_avatar: mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + # You should disable bridge -> sync_with_custom_puppets when this is enabled. + ephemeral_events: true + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" + +# Prometheus telemetry config. Requires prometheus-client to be installed. +metrics: + enabled: false + listen_port: 8000 + +# Manhole config. +manhole: + # Whether or not opening the manhole is allowed. + enabled: false + # The path for the unix socket. + path: /var/tmp/mautrix-telegram.manhole + # The list of UIDs who can be added to the whitelist. + # If empty, any UIDs can be specified in the open-manhole command. + whitelist: + - 0 + +# Bridge config +bridge: + # Localpart template of MXIDs for Telegram users. + # {userid} is replaced with the user ID of the Telegram user. + username_template: "telegram_{userid}" + # Localpart template of room aliases for Telegram portal rooms. + # {groupname} is replaced with the name part of the public channel/group invite link ( https://t.me/{} ) + alias_template: "telegram_{groupname}" + # Displayname template for Telegram users. + # {displayname} is replaced with the display name of the Telegram user. + displayname_template: "{displayname} (Telegram)" + + # Set the preferred order of user identifiers which to use in the Matrix puppet display name. + # In the (hopefully unlikely) scenario that none of the given keys are found, the numeric user + # ID is used. + # + # If the bridge is working properly, a phone number or an username should always be known, but + # the other one can very well be empty. + # + # Valid keys: + # "full name" (First and/or last name) + # "full name reversed" (Last and/or first name) + # "first name" + # "last name" + # "username" + # "phone number" + displayname_preference: + - full name + - username + - phone number + # Maximum length of displayname + displayname_max_length: 100 + # Remove avatars from Telegram ghost users when removed on Telegram. This is disabled by default + # as there's no way to determine whether an avatar is removed or just hidden from some users. If + # you're on a single-user instance, this should be safe to enable. + allow_avatar_remove: false + # Should contact names and profile pictures be allowed? + # This is only safe to enable on single-user instances. + allow_contact_info: false + + # Maximum number of members to sync per portal when starting up. Other members will be + # synced when they send messages. The maximum is 10000, after which the Telegram server + # will not send any more members. + # -1 means no limit (which means it's limited to 10000 by the server) + max_initial_member_sync: 100 + # Maximum number of participants in chats to bridge. Only applies when the portal is being created. + # If there are more members when trying to create a room, the room creation will be cancelled. + # -1 means no limit (which means all chats can be bridged) + max_member_count: -1 + # Whether or not to sync the member list in channels. + # If no channel admins have logged into the bridge, the bridge won't be able to sync the member + # list regardless of this setting. + sync_channel_members: false + # Whether or not to skip deleted members when syncing members. + skip_deleted_members: true + # Whether or not to automatically synchronize contacts and chats of Matrix users logged into + # their Telegram account at startup. + startup_sync: false + # Number of most recently active dialogs to check when syncing chats. + # Set to 0 to remove limit. + sync_update_limit: 0 + # Number of most recently active dialogs to create portals for when syncing chats. + # Set to 0 to remove limit. + sync_create_limit: 15 + # Should all chats be scheduled to be created later? + # This is best used in combination with MSC2716 infinite backfill. + sync_deferred_create_all: false + # Whether or not to sync and create portals for direct chats at startup. + sync_direct_chats: false + # The maximum number of simultaneous Telegram deletions to handle. + # A large number of simultaneous redactions could put strain on your homeserver. + max_telegram_delete: 10 + # Whether or not to automatically sync the Matrix room state (mostly unpuppeted displaynames) + # at startup and when creating a bridge. + sync_matrix_state: true + # Allow logging in within Matrix. If false, users can only log in using login-qr or the + # out-of-Matrix login website (see appservice.public config section) + allow_matrix_login: true + # Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix. + public_portals: false + # Whether or not to use /sync to get presence, read receipts and typing notifications + # when double puppeting is enabled + sync_with_custom_puppets: false + # Whether or not to update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Servers to always allow double puppeting from + double_puppet_server_map: + {{synapse_domain}}: https://{{synapse_domain}} + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + # If using this for other servers than the bridge's server, + # you must also set the URL in the double_puppet_server_map. + login_shared_secret_map: + {{synapse_domain}}: foobar + # Set to false to disable link previews in messages sent to Telegram. + telegram_link_preview: true + # Whether or not the !tg join command should do a HTTP request + # to resolve redirects in invite links. + invite_link_resolve: false + # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552. + # This is currently not supported in most clients. + caption_in_message: false + # Maximum size of image in megabytes before sending to Telegram as a document. + image_as_file_size: 10 + # Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 4096x4096 = 16777216. + image_as_file_pixels: 16777216 + # Enable experimental parallel file transfer, which makes uploads/downloads much faster by + # streaming from/to Matrix and using many connections for Telegram. + # Note that generating HQ thumbnails for videos is not possible with streamed transfers. + # This option uses internal Telethon implementation details and may break with minor updates. + parallel_file_transfer: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Should the bridge send all unicode reactions as custom emoji reactions to Telegram? + # By default, the bridge only uses custom emojis for unicode emojis that aren't allowed in reactions. + always_custom_emoji_reaction: false + # Settings for converting animated stickers. + animated_sticker: + # Format to which animated stickers should be converted. + # disable - No conversion, send as-is (gzipped lottie) + # png - converts to non-animated png (fastest), + # gif - converts to animated gif + # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support + # webp - converts to animated webp, requires ffmpeg executable with webp codec/container support + target: gif + # Should video stickers be converted to the specified format as well? + convert_from_webm: false + # Arguments for converter. All converters take width and height. + args: + width: 256 + height: 256 + fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended) + # Settings for converting animated emoji. + # Same as animated_sticker, but webm is not supported as the target + # (because inline images can only contain images, not videos). + animated_emoji: + target: webp + args: + width: 64 + height: 64 + fps: 25 + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + # Require encryption, drop any unencrypted messages. + require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false + + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + # Disable generating reply fallbacks? Some extremely bad clients still rely on them, + # but they're being phased out and will be completely removed in the future. + disable_reply_fallbacks: false + # Should cross-chat replies from Telegram be bridged? Most servers and clients don't support this. + cross_room_replies: false + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to Telegram. + delivery_receipts: false + # Whether or not delivery errors should be reported as messages in the Matrix room. + delivery_error_reports: false + # Should errors in incoming message handling send a message to the Matrix room? + incoming_bridge_error_reports: false + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, + # except if the config file is not writable. + resend_bridge_info: false + # When using double puppeting, should muted chats be muted in Matrix? + mute_bridging: false + # When using double puppeting, should pinned chats be moved to a specific tag in Matrix? + # The favorites tag is `m.favourite`. + pinned_tag: null + # Same as above for archived chats, the low priority tag is `m.lowpriority`. + archive_tag: null + # Whether or not mute status and tags should only be bridged when the portal room is created. + tag_only_on_create: true + # Should leaving the room on Matrix make the user leave on Telegram? + bridge_matrix_leave: true + # Should the user be kicked out of all portals when logging out of the bridge? + kick_on_logout: true + # Should the "* user joined Telegram" notice always be marked as read automatically? + always_read_joined_telegram_notice: true + # Should the bridge auto-create a group chat on Telegram when a ghost is invited to a room? + # Requires the user to have sufficient power level and double puppeting enabled. + create_group_on_invite: true + # Settings for backfilling messages from Telegram. + backfill: + # Allow backfilling at all? + enable: true + # Whether or not to enable backfilling in normal groups. + # Normal groups have numerous technical problems in Telegram, and backfilling normal groups + # will likely cause problems if there are multiple Matrix users in the group. + normal_groups: false + + # If a backfilled chat is older than this number of hours, mark it as read even if it's unread on Telegram. + # Set to -1 to let any chat be unread. + unread_hours_threshold: 720 + + # Forward backfilling limits. + # + # Using a negative initial limit is not recommended, as it would try to backfill everything in a single batch. + forward_limits: + # Number of messages to backfill immediately after creating a portal. + initial: + user: 50 + normal_group: 100 + supergroup: 10 + channel: 10 + # Number of messages to backfill when syncing chats. + sync: + user: 100 + normal_group: 100 + supergroup: 100 + channel: 100 + # Timeout for forward backfills in seconds. If you have a high limit, you'll have to increase this too. + forward_timeout: 900 + + # Settings for incremental backfill of history. These only apply to Beeper, as upstream abandoned MSC2716. + incremental: + # Maximum number of messages to backfill per batch. + messages_per_batch: 100 + # The number of seconds to wait after backfilling the batch of messages. + post_batch_delay: 20 + # The maximum number of batches to backfill per portal, split by the chat type. + # If set to -1, all messages in the chat will eventually be backfilled. + max_batches: + # Direct chats + user: -1 + # Normal groups. Note that the normal_groups option above must be enabled + # for these to be backfilled. + normal_group: -1 + # Supergroups + supergroup: 10 + # Broadcast channels + channel: -1 + + # Overrides for base power levels. + initial_power_level_overrides: + user: {} + group: {} + + # Whether to bridge Telegram bot messages as m.notices or m.texts. + bot_messages_as_notices: true + bridge_notices: + # Whether or not Matrix bot messages (type m.notice) should be bridged. + default: false + # List of user IDs for whom the previous flag is flipped. + # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but + # notices from users listed here will be bridged. + exceptions: [] + + # An array of possible values for the $distinguisher variable in message formats. + # Each user gets one of the values here, based on a hash of their user ID. + # If the array is empty, the $distinguisher variable will also be empty. + relay_user_distinguishers: ["🟦", "🟣", "🟩", "⭕️", "🔶", "⬛️", "🔵", "🟢"] + # The formats to use when sending messages to Telegram via the relay bot. + # Text msgtypes (m.text, m.notice and m.emote) support HTML, media msgtypes don't. + # + # Available variables: + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) + # $distinguisher - A random string from the options in the relay_user_distinguishers array. + # $message - The message content + message_formats: + m.text: "$distinguisher $sender_displayname: $message" + m.notice: "$distinguisher $sender_displayname: $message" + m.emote: "* $distinguisher $sender_displayname $message" + m.file: "$distinguisher $sender_displayname sent a file: $message" + m.image: "$distinguisher $sender_displayname sent an image: $message" + m.audio: "$distinguisher $sender_displayname sent an audio file: $message" + m.video: "$distinguisher $sender_displayname sent a video: $message" + m.location: "$distinguisher $sender_displayname sent a location: $message" + # Telegram doesn't have built-in emotes, this field specifies how m.emote's from authenticated + # users are sent to telegram. All fields in message_formats are supported. Additionally, the + # Telegram user info is available in the following variables: + # $displayname - Telegram displayname + # $username - Telegram username (may not exist) + # $mention - Telegram @username or displayname mention (depending on which exists) + emote_format: "* $mention $formatted_body" + + # The formats to use when sending state events to Telegram via the relay bot. + # + # Variables from `message_formats` that have the `sender_` prefix are available without the prefix. + # In name_change events, `$prev_displayname` is the previous displayname. + # + # Set format to an empty string to disable the messages for that event. + state_event_formats: + join: "$distinguisher $displayname joined the room." + leave: "$distinguisher $displayname left the room." + name_change: "$distinguisher $prev_displayname changed their name to $distinguisher $displayname" + + # Filter rooms that can/can't be bridged. Can also be managed using the `filter` and + # `filter-mode` management commands. + # + # An empty blacklist will essentially disable the filter. + filter: + # Filter mode to use. Either "blacklist" or "whitelist". + # If the mode is "blacklist", the listed chats will never be bridged. + # If the mode is "whitelist", only the listed chats can be bridged. + mode: blacklist + # The list of group/channel IDs to filter. + list: [] + # How to handle direct chats: + # If users is "null", direct chats will follow the previous settings. + # If users is "true", direct chats will always be bridged. + # If users is "false", direct chats will never be bridged. + users: true + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!tg" + + # Messages sent upon joining a management room. + # Markdown is supported. The defaults are listed below. + management_room_text: + # Sent when joining a room. + welcome: "Hello, I'm a Telegram bridge bot." + # Sent when joining a management room and the user is already logged in. + welcome_connected: "Use `help` for help." + # Sent when joining a management room and the user is not logged in. + welcome_unconnected: "Use `help` for help or `login` to log in." + # Optional extra text sent when joining a management room. + additional_help: "" + + # Send each message separately (for readability in some clients) + management_room_multiple_messages: false + + # Permissions for using the bridge. + # Permitted values: + # relaybot - Only use the bridge via the relaybot, no access to commands. + # user - Relaybot level + access to commands to create bridges. + # puppeting - User level + logging in with a Telegram account. + # full - Full access to use the bridge, i.e. previous levels + Matrix login. + # admin - Full access to use the bridge and some extra administration commands. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "*": "relaybot" + "public.{{synapse_domain}}": "user" + "{{synapse_domain}}": "full" + "@{{matrix_admin_name}}:{{synapse_domain}}": "admin" + + # Options related to the message relay Telegram bot. + relaybot: + private_chat: + # List of users to invite to the portal when someone starts a private chat with the bot. + # If empty, private chats with the bot won't create a portal. + invite: [] + # Whether or not to bridge state change messages in relaybot private chats. + state_changes: true + # When private_chat_invite is empty, this message is sent to users /starting the + # relaybot. Telegram's "markdown" is supported. + message: This is a Matrix bridge relaybot and does not support direct chats + # List of users to invite to all group chat portals created by the bridge. + group_chat_invite: [] + # Whether or not the relaybot should not bridge events in unbridged group chats. + # If false, portals will be created when the relaybot receives messages, just like normal + # users. This behavior is usually not desirable, as it interferes with manually bridging + # the chat to another room. + ignore_unbridged_group_chat: true + # Whether or not to allow creating portals from Telegram. + authless_portals: true + # Whether or not to allow Telegram group admins to use the bot commands. + whitelist_group_admins: true + # Whether or not to ignore incoming events sent by the relay bot. + ignore_own_incoming_events: true + # List of usernames/user IDs who are also allowed to use the bot commands. + whitelist: [] + +# Telegram config +telegram: + # Get your own API keys at https://my.telegram.org/apps + api_id: {{mautrix_telgegram_bridge_api_id}} + api_hash: {{mautrix_telgegram_bridge_api_pin}} + # (Optional) Create your own bot at https://t.me/BotFather + bot_token: disabled + + # Should the bridge request missed updates from Telegram when restarting? + catch_up: true + # Should incoming updates be handled sequentially to make sure order is preserved on Matrix? + sequential_updates: true + exit_on_update_error: false + + # Telethon connection options. + connection: + # The timeout in seconds to be used when connecting. + timeout: 120 + # How many times the reconnection should retry, either on the initial connection or when + # Telegram disconnects us. May be set to a negative or null value for infinite retries, but + # this is not recommended, since the program can get stuck in an infinite loop. + retries: 5 + # The delay in seconds to sleep between automatic reconnections. + retry_delay: 1 + # The threshold below which the library should automatically sleep on flood wait errors + # (inclusive). For instance, if a FloodWaitError for 17s occurs and flood_sleep_threshold + # is 20s, the library will sleep automatically. If the error was for 21s, it would raise + # the error instead. Values larger than a day (86400) will be changed to a day. + flood_sleep_threshold: 60 + # How many times a request should be retried. Request are retried when Telegram is having + # internal issues, when there is a FloodWaitError less than flood_sleep_threshold, or when + # there's a migrate error. May take a negative or null value for infinite retries, but this + # is not recommended, since some requests can always trigger a call fail (such as searching + # for messages). + request_retries: 5 + # Use IPv6 for Telethon connection + use_ipv6: false + + # Device info sent to Telegram. + device_info: + # "auto" = OS name+version. + device_model: mautrix-telegram + # "auto" = Telethon version. + system_version: auto + # "auto" = mautrix-telegram version. + app_version: auto + lang_code: en + system_lang_code: en + + # Custom server to connect to. + server: + # Set to true to use these server settings. If false, will automatically + # use production server assigned by Telegram. Set to false in production. + enabled: false + # The DC ID to connect to. + dc: 2 + # The IP to connect to. + ip: 149.154.167.40 + # The port to connect to. 443 may not work, 80 is better and both are equally secure. + port: 80 + + # Telethon proxy configuration. + # You must install PySocks from pip for proxies to work. + proxy: + # Allowed types: disabled, socks4, socks5, http, mtproxy + type: disabled + # Proxy IP address and port. + address: 127.0.0.1 + port: 1080 + # Whether or not to perform DNS resolving remotely. Only for socks/http proxies. + rdns: true + # Proxy authentication (optional). Put MTProxy secret in password field. + username: "" + password: "" + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): mautrix_telegram.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: ./mautrix-telegram.log + maxBytes: 10485760 + backupCount: 10 + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + telethon: + level: INFO + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [file, console] \ No newline at end of file diff --git a/roles/docker-matrix-compose/templates/mautrix-whatsapp.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix-whatsapp.config.yml.j2 index 4fdab768..083d405f 100644 --- a/roles/docker-matrix-compose/templates/mautrix-whatsapp.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix-whatsapp.config.yml.j2 @@ -42,7 +42,7 @@ appservice: # https://github.com/mattn/go-sqlite3#connection-string # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql - uri: postgres://{{mautrix_whatsapp_bridge_database_username}}:{{mautrix_whatsapp_bridge_database_password}}@{{database_host}}/{{mautrix_whatsapp_bridge_database_name}}?sslmode=disable + uri: postgres://mautrix_whatsapp_bridge:{{mautrix_whatsapp_bridge_database_password}}@{{database_host}}/mautrix_whatsapp_bridge?sslmode=disable # Maximum number of connections. Mostly relevant for Postgres. max_open_conns: 20 max_idle_conns: 2 @@ -70,8 +70,8 @@ appservice: async_transactions: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. - #as_token: "{{mautrix_whatsapp_bridge_as_token}}" - #hs_token: "{{mautrix_whatsapp_bridge_hs_token}}" + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" # Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors. analytics: diff --git a/roles/docker-matrix-compose/templates/synapse.homeserver.config.j2 b/roles/docker-matrix-compose/templates/synapse.homeserver.config.j2 index a08d9d49..5ed65685 100644 --- a/roles/docker-matrix-compose/templates/synapse.homeserver.config.j2 +++ b/roles/docker-matrix-compose/templates/synapse.homeserver.config.j2 @@ -46,4 +46,6 @@ email: validation_token_lifetime: 15m app_service_config_files: - - "{{mautrix_registration_file}}" \ No newline at end of file +{% for item in bridges %} + - {{registration_file_folder}}{{item.bridge_name}}.registration.yaml +{% endfor %} \ No newline at end of file diff --git a/roles/docker-matrix-compose/vars/main.yml b/roles/docker-matrix-compose/vars/main.yml index 3fbbf358..81b33223 100644 --- a/roles/docker-matrix-compose/vars/main.yml +++ b/roles/docker-matrix-compose/vars/main.yml @@ -1,9 +1,22 @@ --- -docker_compose_project_name: "matrix" -database_password: "{{matrix_database_password}}" -database_type: "postgres" -registration_file_folder: "/data/registration/" -mautrix_whatsapp_bridge_database_name: "mautrix_whatsapp_bridge" -mautrix_whatsapp_bridge_database_username: "mautrix_whatsapp_bridge" -mautrix_registration_file: "{{registration_file_folder}}mautrix-whatsapp.registration.yaml" +docker_compose_project_name: "matrix" +database_password: "{{matrix_database_password}}" +database_type: "postgres" +registration_file_folder: "/data/registration/" +mautrix_registration_file: "{{registration_file_folder}}mautrix-whatsapp.registration.yaml" +bridges: + - database_password: "{{ mautrix_whatsapp_bridge_database_password }}" + database_username: "mautrix_whatsapp_bridge" + database_name: "mautrix_whatsapp_bridge" + bridge_name: "mautrix-whatsapp" + +# - database_password: "{{ mautrix_telegram_bridge_database_password }}" +# database_username: "mautrix_telegram_bridge" +# database_name: "mautrix_telegram_bridge" +# bridge_name: "mautrix-telegram" + + - database_password: "{{ mautrix_signal_bridge_database_password }}" + database_username: "mautrix_signal_bridge" + database_name: "mautrix_signal_bridge" + bridge_name: "mautrix-signal" diff --git a/roles/docker-postgres/tasks/main.yml b/roles/docker-postgres/tasks/main.yml index fc3f9334..de87c832 100644 --- a/roles/docker-postgres/tasks/main.yml +++ b/roles/docker-postgres/tasks/main.yml @@ -25,15 +25,13 @@ timeout: 5s retries: 5 start_period: 30s + register: setup_postgres_container_result when: run_once_docker_postgres is not defined -- name: wait for availability of postgres - wait_for: - host: "127.0.0.1" - port: "5432" - delay: "{{database_delay}}" - timeout: 360 - when: run_once_docker_postgres is not defined +- name: wait for database + pause: + seconds: "{{pause_duration}}" + when: setup_postgres_container_result.changed and run_once_docker_postgres is not defined - name: install python-psycopg2 pacman: