mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-25 06:01:04 +01:00
Implemented draft for matrix-docker-ansible-deploy
This commit is contained in:
parent
ca178dfc72
commit
156f52a1c4
@ -141,3 +141,6 @@ version_mastodon: "latest"
|
|||||||
pixelfed_app_name: "Pictures"
|
pixelfed_app_name: "Pictures"
|
||||||
|
|
||||||
top_domain: "localhost"
|
top_domain: "localhost"
|
||||||
|
|
||||||
|
# Prints well formated debug information
|
||||||
|
verbose: false
|
||||||
|
1
roles/docker-matrix/.gitignore
vendored
Normal file
1
roles/docker-matrix/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
matrix-docker-ansible-deploy/
|
@ -1,8 +0,0 @@
|
|||||||
---
|
|
||||||
- name: recreate matrix
|
|
||||||
command:
|
|
||||||
cmd: docker-compose up -d --force-recreate
|
|
||||||
chdir: "{{docker_compose_instance_directory}}"
|
|
||||||
environment:
|
|
||||||
COMPOSE_HTTP_TIMEOUT: 600
|
|
||||||
DOCKER_CLIENT_TIMEOUT: 600
|
|
@ -1,59 +1,108 @@
|
|||||||
---
|
---
|
||||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||||
include_tasks: nginx-docker-proxy-domain.yml
|
include_tasks: nginx-docker-proxy-domain.yml
|
||||||
vars:
|
loop: "{{ domains }}"
|
||||||
domain: "{{synapse_domain}}"
|
loop_control:
|
||||||
http_port: "{{synapse_http_port}}"
|
loop_var: domain
|
||||||
|
|
||||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
- name: Clone the git repository
|
||||||
include_tasks: nginx-docker-proxy-domain.yml
|
git:
|
||||||
vars:
|
repo: https://github.com/spantaleev/matrix-docker-ansible-deploy.git
|
||||||
domain: "{{element_domain}}"
|
dest: "{{ local_repository_directory }}"
|
||||||
http_port: "{{element_http_port}}"
|
update: yes
|
||||||
|
delegate_to: localhost
|
||||||
|
become: false
|
||||||
|
|
||||||
- name: "create {{docker_compose_instance_directory}}"
|
- name: create temporary inventory directory
|
||||||
file:
|
tempfile:
|
||||||
path: "{{docker_compose_instance_directory}}"
|
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0755
|
register: matrix_inventory_tmp_dir
|
||||||
|
delegate_to: localhost
|
||||||
|
become: false
|
||||||
|
|
||||||
- name: "create {{docker_compose_instance_directory}}mautrix_whatsapp"
|
- name: protect inventory directory
|
||||||
file:
|
file:
|
||||||
path: "{{docker_compose_instance_directory}}mautrix_whatsapp"
|
path: "{{ matrix_inventory_tmp_dir.path }}"
|
||||||
state: directory
|
mode: '0700' # Nur der Besitzer kann lesen, schreiben und ausführen
|
||||||
mode: 0755
|
delegate_to: localhost
|
||||||
|
become: false
|
||||||
|
|
||||||
- name: add whatsapp-bridge-config.yml
|
- name: set the hosts path
|
||||||
|
set_fact:
|
||||||
|
hosts_path: "{{ matrix_inventory_tmp_dir.path }}/hosts.yml"
|
||||||
|
|
||||||
|
- name: create hosts.yml
|
||||||
template:
|
template:
|
||||||
src: "whatsapp-bridge-config.yml.j2"
|
src: "hosts.yml.j2"
|
||||||
dest: "{{docker_compose_instance_directory}}mautrix_whatsapp/config.yml"
|
dest: "{{hosts_path}}"
|
||||||
notify: recreate matrix
|
become: false
|
||||||
|
delegate_to: localhost
|
||||||
|
|
||||||
- name: add element-config.json
|
- name: show variable information
|
||||||
template:
|
debug:
|
||||||
src: "element-config.json.j2"
|
msg: "hosts_path: {{hosts_path}}\nmatrix_inventory_tmp_dir:{{ matrix_inventory_tmp_dir }}"
|
||||||
dest: "{{docker_compose_instance_directory}}element-config.json"
|
when: verbose | bool
|
||||||
notify: recreate matrix
|
|
||||||
|
|
||||||
- name: add homeserver.yaml
|
- name: install requirements
|
||||||
template:
|
local_action: command just roles
|
||||||
src: "homeserver.yaml.j2"
|
args:
|
||||||
dest: "{{docker_compose_instance_directory}}homeserver.yaml"
|
chdir: "{{ local_repository_directory }}"
|
||||||
notify: recreate matrix
|
become: false
|
||||||
|
|
||||||
- name: add log.config
|
#- name: delete inventory directory
|
||||||
template:
|
# file:
|
||||||
src: "log.config.j2"
|
# path: "{{ matrix_inventory_tmp_dir.path }}"
|
||||||
dest: "{{docker_compose_instance_directory}}{{synapse_domain}}.log.config"
|
# state: absent
|
||||||
notify: recreate matrix
|
# delegate_to: localhost
|
||||||
|
# become: false
|
||||||
|
#
|
||||||
|
|
||||||
# https://github.com/matrix-org/synapse/issues/6303
|
|
||||||
- name: set correct folder permissions
|
|
||||||
command:
|
|
||||||
cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{synapse_domain}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'"
|
|
||||||
|
|
||||||
- name: add docker-compose.yml
|
|
||||||
template:
|
|
||||||
src: "docker-compose.yml.j2"
|
#- name: "create {{docker_compose_instance_directory}}"
|
||||||
dest: "{{docker_compose_instance_directory}}docker-compose.yml"
|
# file:
|
||||||
notify: recreate matrix
|
# path: "{{docker_compose_instance_directory}}"
|
||||||
|
# state: directory
|
||||||
|
# mode: 0755
|
||||||
|
#
|
||||||
|
#- name: "create {{docker_compose_instance_directory}}mautrix_whatsapp"
|
||||||
|
# file:
|
||||||
|
# path: "{{docker_compose_instance_directory}}mautrix_whatsapp"
|
||||||
|
# state: directory
|
||||||
|
# mode: 0755
|
||||||
|
#
|
||||||
|
#- name: add whatsapp-bridge-config.yml
|
||||||
|
# template:
|
||||||
|
# src: "whatsapp-bridge-config.yml.j2"
|
||||||
|
# dest: "{{docker_compose_instance_directory}}mautrix_whatsapp/config.yml"
|
||||||
|
# notify: recreate matrix
|
||||||
|
#
|
||||||
|
#- name: add element-config.json
|
||||||
|
# template:
|
||||||
|
# src: "element-config.json.j2"
|
||||||
|
# dest: "{{docker_compose_instance_directory}}element-config.json"
|
||||||
|
# notify: recreate matrix
|
||||||
|
#
|
||||||
|
#- name: add homeserver.yaml
|
||||||
|
# template:
|
||||||
|
# src: "homeserver.yaml.j2"
|
||||||
|
# dest: "{{docker_compose_instance_directory}}homeserver.yaml"
|
||||||
|
# notify: recreate matrix
|
||||||
|
#
|
||||||
|
#- name: add log.config
|
||||||
|
# template:
|
||||||
|
# src: "log.config.j2"
|
||||||
|
# dest: "{{docker_compose_instance_directory}}{{synapse_domain}}.log.config"
|
||||||
|
# notify: recreate matrix
|
||||||
|
#
|
||||||
|
## https://github.com/matrix-org/synapse/issues/6303
|
||||||
|
#- name: set correct folder permissions
|
||||||
|
# command:
|
||||||
|
# cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{synapse_domain}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'"
|
||||||
|
#
|
||||||
|
#- name: add docker-compose.yml
|
||||||
|
# template:
|
||||||
|
# src: "docker-compose.yml.j2"
|
||||||
|
# dest: "{{docker_compose_instance_directory}}docker-compose.yml"
|
||||||
|
# notify: recreate matrix
|
||||||
|
@ -1,84 +0,0 @@
|
|||||||
version: '3.1'
|
|
||||||
|
|
||||||
services:
|
|
||||||
|
|
||||||
synapse:
|
|
||||||
image: matrixdotorg/synapse:latest
|
|
||||||
restart: always
|
|
||||||
logging:
|
|
||||||
driver: journald
|
|
||||||
volumes:
|
|
||||||
- synapse_data:/data
|
|
||||||
- ./homeserver.yaml:/data/homeserver.yaml:ro
|
|
||||||
- ./{{synapse_domain}}.log.config:/data/{{synapse_domain}}.log.config:ro
|
|
||||||
environment:
|
|
||||||
- SYNAPSE_SERVER_NAME={{synapse_domain}}
|
|
||||||
- SYNAPSE_REPORT_STATS=no
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:{{synapse_http_port}}:8008"
|
|
||||||
depends_on:
|
|
||||||
- database
|
|
||||||
database:
|
|
||||||
logging:
|
|
||||||
driver: journald
|
|
||||||
image: postgres:16
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- database:/var/lib/postgresql/data
|
|
||||||
environment:
|
|
||||||
- POSTGRES_DB=matrix
|
|
||||||
- POSTGRES_USER=matrix
|
|
||||||
- POSTGRES_PASSWORD={{matrix_database_password}}
|
|
||||||
- POSTGRES_INITDB_ARGS=--encoding=UTF8 --locale=C
|
|
||||||
healthcheck:
|
|
||||||
test: ["CMD-SHELL", "pg_isready -U matrix"]
|
|
||||||
interval: 10s
|
|
||||||
timeout: 5s
|
|
||||||
retries: 6
|
|
||||||
element:
|
|
||||||
image: vectorim/element-web:latest
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- ./element-config.json:/app/config.json
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:{{element_http_port}}:80"
|
|
||||||
|
|
||||||
# bridges
|
|
||||||
#mautrix-telegram:
|
|
||||||
# container_name: mautrix-telegram
|
|
||||||
# image: dock.mau.dev/mautrix/telegram:<version>
|
|
||||||
# restart: unless-stopped
|
|
||||||
# volumes:
|
|
||||||
# - telegram_bridge_data:/data
|
|
||||||
|
|
||||||
#mautrix-whatsapp:
|
|
||||||
# container_name: mautrix-whatsapp
|
|
||||||
# image: dock.mau.dev/mautrix/whatsapp:latest
|
|
||||||
# restart: unless-stopped
|
|
||||||
# volumes:
|
|
||||||
# - ./mautrix_whatsapp:/data
|
|
||||||
|
|
||||||
#mautrix-facebook:
|
|
||||||
# container_name: mautrix-facebook
|
|
||||||
# image: dock.mau.dev/mautrix/facebook:<version>
|
|
||||||
# restart: unless-stopped
|
|
||||||
# volumes:
|
|
||||||
# - facebook_bridge_data:/data
|
|
||||||
|
|
||||||
#mautrix-instagram:
|
|
||||||
# container_name: mautrix-instagram
|
|
||||||
# image: dock.mau.dev/mautrix/instagram:<version>
|
|
||||||
# restart: unless-stopped
|
|
||||||
# volumes:
|
|
||||||
# - instagram_bridge_data:/data
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
database:
|
|
||||||
synapse_data:
|
|
||||||
#telegram_bridge_data:
|
|
||||||
#whatsapp_bridge_data:
|
|
||||||
#facebook_bridge_data:
|
|
||||||
#instagram_bridge_data:
|
|
||||||
networks:
|
|
||||||
default:
|
|
||||||
driver: bridge
|
|
@ -1,59 +0,0 @@
|
|||||||
{
|
|
||||||
"default_server_config": {
|
|
||||||
"m.homeserver": {
|
|
||||||
"base_url": "https://{{domain_matrix_synapse}}",
|
|
||||||
"server_name": "{{domain_matrix_synapse}}"
|
|
||||||
},
|
|
||||||
"m.identity_server": {
|
|
||||||
"base_url": "https://{{top_domain}}"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"brand": "Element",
|
|
||||||
"integrations_ui_url": "https://scalar.vector.im/",
|
|
||||||
"integrations_rest_url": "https://scalar.vector.im/api",
|
|
||||||
"integrations_widgets_urls": [
|
|
||||||
"https://scalar.vector.im/_matrix/integrations/v1",
|
|
||||||
"https://scalar.vector.im/api",
|
|
||||||
"https://scalar-staging.vector.im/_matrix/integrations/v1",
|
|
||||||
"https://scalar-staging.vector.im/api",
|
|
||||||
"https://scalar-staging.riot.im/scalar/api"
|
|
||||||
],
|
|
||||||
"bug_report_endpoint_url": "https://element.io/bugreports/submit",
|
|
||||||
"uisi_autorageshake_app": "element-auto-uisi",
|
|
||||||
"show_labs_settings": true,
|
|
||||||
"room_directory": {
|
|
||||||
"servers": ["matrix.org", "gitter.im", "libera.chat"]
|
|
||||||
},
|
|
||||||
"enable_presence_by_hs_url": {
|
|
||||||
"https://matrix.org": false,
|
|
||||||
"https://matrix-client.matrix.org": false
|
|
||||||
},
|
|
||||||
"terms_and_conditions_links": [
|
|
||||||
{
|
|
||||||
"url": "https://element.io/privacy",
|
|
||||||
"text": "Privacy Policy"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"url": "https://element.io/cookie-policy",
|
|
||||||
"text": "Cookie Policy"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"sentry": {
|
|
||||||
"dsn": "https://029a0eb289f942508ae0fb17935bd8c5@sentry.matrix.org/6",
|
|
||||||
"environment": "develop"
|
|
||||||
},
|
|
||||||
"posthog": {
|
|
||||||
"project_api_key": "phc_Jzsm6DTm6V2705zeU5dcNvQDlonOR68XvX2sh1sEOHO",
|
|
||||||
"api_host": "https://posthog.element.io"
|
|
||||||
},
|
|
||||||
"privacy_policy_url": "https://element.io/cookie-policy",
|
|
||||||
"features": {
|
|
||||||
"feature_video_rooms": true,
|
|
||||||
"feature_rust_crypto": true,
|
|
||||||
"feature_new_room_decoration_ui": true
|
|
||||||
},
|
|
||||||
"element_call": {
|
|
||||||
"url": "https://call.element.dev"
|
|
||||||
},
|
|
||||||
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
|
|
||||||
}
|
|
@ -1,46 +0,0 @@
|
|||||||
server_name: "{{domain_matrix_synapse}}"
|
|
||||||
pid_file: /data/homeserver.pid
|
|
||||||
listeners:
|
|
||||||
- port: 8008
|
|
||||||
tls: false
|
|
||||||
type: http
|
|
||||||
x_forwarded: true
|
|
||||||
resources:
|
|
||||||
- names: [client, federation]
|
|
||||||
compress: false
|
|
||||||
database:
|
|
||||||
name: psycopg2
|
|
||||||
args:
|
|
||||||
user: matrix
|
|
||||||
password: {{matrix_database_password}}
|
|
||||||
database: matrix
|
|
||||||
host: database
|
|
||||||
cp_min: 5
|
|
||||||
cp_max: 10
|
|
||||||
log_config: "/data/{{domain_matrix_synapse}}.log.config"
|
|
||||||
media_store_path: /data/media_store
|
|
||||||
registration_shared_secret: "{{matrix_registration_shared_secret}}"
|
|
||||||
report_stats: true
|
|
||||||
macaroon_secret_key: "{{matrix_macaroon_secret_key}}"
|
|
||||||
form_secret: "{{matrix_form_secret}}"
|
|
||||||
signing_key_path: "/data/{{domain_matrix_synapse}}.signing.key"
|
|
||||||
web_client_location: "https://{{element_domain}}"
|
|
||||||
public_baseurl: "https://{{synapse_domain}}"
|
|
||||||
trusted_key_servers:
|
|
||||||
- server_name: "matrix.org"
|
|
||||||
admin_contact: 'mailto:{{administrator_email}}'
|
|
||||||
|
|
||||||
email:
|
|
||||||
smtp_host: "{{system_email_host}}"
|
|
||||||
smtp_port: "{{system_email_smtp_port}}"
|
|
||||||
smtp_user: "{{system_email_username}}"
|
|
||||||
smtp_pass: "{{system_email_password}}"
|
|
||||||
#force_tls: true
|
|
||||||
#require_transport_security: true
|
|
||||||
enable_tls: "{{ system_email_tls | upper }}"
|
|
||||||
notif_from: "Your Friendly %(app)s homeserver <{{system_email}}>"
|
|
||||||
app_name: "Matrix on {{top_domain}}"
|
|
||||||
enable_notifs: true
|
|
||||||
notif_for_new_users: false
|
|
||||||
client_base_url: "{{domain_matrix_synapse}}"
|
|
||||||
validation_token_lifetime: 15m
|
|
79
roles/docker-matrix/templates/hosts.yml.j2
Normal file
79
roles/docker-matrix/templates/hosts.yml.j2
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
matrix_servers:
|
||||||
|
hosts:
|
||||||
|
{{inventory_hostname}}:
|
||||||
|
ansible_host: "{{ip4_address}}"
|
||||||
|
ansible_ssh_user: administrator
|
||||||
|
become: true
|
||||||
|
become_user: root
|
||||||
|
ansible_become_password: "{{ansible_become_password}}"
|
||||||
|
# The bare domain name which represents your Matrix identity.
|
||||||
|
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
||||||
|
#
|
||||||
|
# Note: this playbook does not touch the server referenced here.
|
||||||
|
# Installation happens on another server ("matrix.<matrix-domain>").
|
||||||
|
#
|
||||||
|
# If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
|
||||||
|
# because you can't change the Domain after deployment.
|
||||||
|
#
|
||||||
|
# Example value: example.com
|
||||||
|
matrix_domain: "{{synapse_domain}}"
|
||||||
|
|
||||||
|
# The Matrix homeserver software to install.
|
||||||
|
# See:
|
||||||
|
# - `roles/custom/matrix-base/defaults/main.yml` for valid options
|
||||||
|
# - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice
|
||||||
|
matrix_homeserver_implementation: synapse
|
||||||
|
|
||||||
|
# A secret used as a base, for generating various other secrets.
|
||||||
|
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
|
||||||
|
matrix_homeserver_generic_secret_key: "{{matrix_generic_secret_key}}"
|
||||||
|
|
||||||
|
# By default, the playbook manages its own Traefik (https://doc.traefik.io/traefik/) reverse-proxy server.
|
||||||
|
# It will retrieve SSL certificates for you on-demand and forward requests to all other components.
|
||||||
|
# For alternatives, see `docs/configuring-playbook-own-webserver.md`.
|
||||||
|
matrix_playbook_reverse_proxy_type: playbook-managed-traefik
|
||||||
|
|
||||||
|
# Ensure that public urls use https
|
||||||
|
matrix_playbook_ssl_enabled: true
|
||||||
|
|
||||||
|
# Disable the web-secure (port 443) endpoint, which also disables SSL certificate retrieval
|
||||||
|
devture_traefik_config_entrypoint_web_secure_enabled: false
|
||||||
|
|
||||||
|
# If your reverse-proxy runs on another machine, consider using `0.0.0.0:81`, just `81` or `SOME_IP_ADDRESS_OF_THIS_MACHINE:81`
|
||||||
|
devture_traefik_container_web_host_bind_port: "127.0.0.1:{{http_port}}"
|
||||||
|
|
||||||
|
# We bind to `127.0.0.1` by default (see above), so trusting `X-Forwarded-*` headers from
|
||||||
|
# a reverse-proxy running on the local machine is safe enough.
|
||||||
|
devture_traefik_config_entrypoint_web_forwardedHeaders_insecure: true
|
||||||
|
|
||||||
|
# This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains.
|
||||||
|
#
|
||||||
|
# In case SSL renewal fails at some point, you'll also get an email notification there.
|
||||||
|
#
|
||||||
|
# If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt),
|
||||||
|
# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
|
||||||
|
#
|
||||||
|
# Example value: someone@example.com
|
||||||
|
devture_traefik_config_certificatesResolvers_acme_email: "{{administrator_email}}"
|
||||||
|
|
||||||
|
# A Postgres password to use for the superuser Postgres user (called `matrix` by default).
|
||||||
|
#
|
||||||
|
# The playbook creates additional Postgres users and databases (one for each enabled service)
|
||||||
|
# using this superuser account.
|
||||||
|
devture_postgres_connection_password: ''
|
||||||
|
|
||||||
|
# By default, we configure Coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file.
|
||||||
|
# If this value is an external IP address, you can skip this section.
|
||||||
|
#
|
||||||
|
# If `ansible_host` is not the server's external IP address, you have 2 choices:
|
||||||
|
# 1. Uncomment the line below, to allow IP address auto-detection to happen (more on this below)
|
||||||
|
# 2. Uncomment and adjust the line below to specify an IP address manually
|
||||||
|
#
|
||||||
|
# By default, auto-detection will be attempted using the `https://ifconfig.co/json` API.
|
||||||
|
# Default values for this are specified in `matrix_coturn_turn_external_ip_address_auto_detection_*` variables in the Coturn role
|
||||||
|
# (see `roles/custom/matrix-coturn/defaults/main.yml`).
|
||||||
|
#
|
||||||
|
# If your server has multiple IP addresses, you may define them in another variable which allows a list of addresses.
|
||||||
|
# Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']`
|
||||||
|
#
|
||||||
|
# matrix_coturn_turn_external_ip_address: ''
|
@ -1,25 +0,0 @@
|
|||||||
version: 1
|
|
||||||
|
|
||||||
formatters:
|
|
||||||
precise:
|
|
||||||
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
|
|
||||||
|
|
||||||
handlers:
|
|
||||||
file:
|
|
||||||
class: logging.handlers.RotatingFileHandler
|
|
||||||
formatter: precise
|
|
||||||
filename: /data/{{synapse_domain}}.homeserver.log
|
|
||||||
maxBytes: 10485760
|
|
||||||
backupCount: 3
|
|
||||||
console:
|
|
||||||
class: logging.StreamHandler
|
|
||||||
formatter: precise
|
|
||||||
|
|
||||||
loggers:
|
|
||||||
synapse:
|
|
||||||
level: INFO
|
|
||||||
handlers: [file, console]
|
|
||||||
|
|
||||||
root:
|
|
||||||
level: INFO
|
|
||||||
handlers: [file, console]
|
|
@ -1,461 +0,0 @@
|
|||||||
# Homeserver details.
|
|
||||||
homeserver:
|
|
||||||
# The address that this appservice can use to connect to the homeserver.
|
|
||||||
address: https://{{synapse_domain}}
|
|
||||||
# The domain of the homeserver (for MXIDs, etc).
|
|
||||||
domain: {{synapse_domain}}
|
|
||||||
|
|
||||||
# What software is the homeserver running?
|
|
||||||
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
|
|
||||||
software: standard
|
|
||||||
# The URL to push real-time bridge status to.
|
|
||||||
# If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes.
|
|
||||||
# The bridge will use the appservice as_token to authorize requests.
|
|
||||||
status_endpoint: null
|
|
||||||
# Endpoint for reporting per-message status.
|
|
||||||
message_send_checkpoint_endpoint: null
|
|
||||||
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
|
|
||||||
async_media: false
|
|
||||||
# Should the bridge use a websocket for connecting to the homeserver?
|
|
||||||
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
|
|
||||||
# mautrix-asmux (deprecated), and hungryserv (proprietary).
|
|
||||||
websocket: false
|
|
||||||
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
|
|
||||||
ping_interval_seconds: 0
|
|
||||||
|
|
||||||
# Application service host/registration related details.
|
|
||||||
# Changing these values requires regeneration of the registration.
|
|
||||||
appservice:
|
|
||||||
# The address that the homeserver can use to connect to this appservice.
|
|
||||||
address: http://localhost:29318
|
|
||||||
|
|
||||||
# The hostname and port where this appservice should listen.
|
|
||||||
hostname: 0.0.0.0
|
|
||||||
port: 29318
|
|
||||||
|
|
||||||
# Database config.
|
|
||||||
database:
|
|
||||||
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
|
|
||||||
type: postgres
|
|
||||||
# The database URI.
|
|
||||||
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
|
|
||||||
# https://github.com/mattn/go-sqlite3#connection-string
|
|
||||||
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
|
|
||||||
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
|
|
||||||
uri: postgres://matrix:{{matrix_database_password}}@database/matrix?sslmode=disable
|
|
||||||
# Maximum number of connections. Mostly relevant for Postgres.
|
|
||||||
max_open_conns: 20
|
|
||||||
max_idle_conns: 2
|
|
||||||
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
|
|
||||||
# Parsed with https://pkg.go.dev/time#ParseDuration
|
|
||||||
max_conn_idle_time: null
|
|
||||||
max_conn_lifetime: null
|
|
||||||
|
|
||||||
# The unique ID of this appservice.
|
|
||||||
id: whatsapp
|
|
||||||
# Appservice bot details.
|
|
||||||
bot:
|
|
||||||
# Username of the appservice bot.
|
|
||||||
username: whatsappbot
|
|
||||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
|
||||||
# to leave display name/avatar as-is.
|
|
||||||
displayname: WhatsApp bridge bot
|
|
||||||
avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr
|
|
||||||
# Whether or not to receive ephemeral events via appservice transactions.
|
|
||||||
# Requires MSC2409 support (i.e. Synapse 1.22+).
|
|
||||||
ephemeral_events: true
|
|
||||||
# Should incoming events be handled asynchronously?
|
|
||||||
# This may be necessary for large public instances with lots of messages going through.
|
|
||||||
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
|
|
||||||
async_transactions: false
|
|
||||||
|
|
||||||
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
|
||||||
as_token: "GvOrixRxN8G2dO1KhUgWKL8yhC0lgSBtbr819nntLV2ZcPlWayjWj14YIVKMJHmA"
|
|
||||||
hs_token: "oQbRcd1KO2ggrF9lu13fElKnp1Zf0GDU9fiTFSwQQjnD3VmcRnVlZqhMpXu3criI"
|
|
||||||
|
|
||||||
# Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors.
|
|
||||||
analytics:
|
|
||||||
# Hostname of the tracking server. The path is hardcoded to /v1/track
|
|
||||||
host: api.segment.io
|
|
||||||
# API key to send with tracking requests. Tracking is disabled if this is null.
|
|
||||||
token: null
|
|
||||||
# Optional user ID for tracking events. If null, defaults to using Matrix user ID.
|
|
||||||
user_id: null
|
|
||||||
|
|
||||||
# Prometheus config.
|
|
||||||
metrics:
|
|
||||||
# Enable prometheus metrics?
|
|
||||||
enabled: false
|
|
||||||
# IP and port where the metrics listener should be. The path is always /metrics
|
|
||||||
listen: 127.0.0.1:8001
|
|
||||||
|
|
||||||
# Config for things that are directly sent to WhatsApp.
|
|
||||||
whatsapp:
|
|
||||||
# Device name that's shown in the "WhatsApp Web" section in the mobile app.
|
|
||||||
os_name: Mautrix-WhatsApp bridge
|
|
||||||
# Browser name that determines the logo shown in the mobile app.
|
|
||||||
# Must be "unknown" for a generic icon or a valid browser name if you want a specific icon.
|
|
||||||
# List of valid browser names: https://github.com/tulir/whatsmeow/blob/efc632c008604016ddde63bfcfca8de4e5304da9/binary/proto/def.proto#L43-L64
|
|
||||||
browser_name: unknown
|
|
||||||
|
|
||||||
# Bridge config
|
|
||||||
bridge:
|
|
||||||
# Localpart template of MXIDs for WhatsApp users.
|
|
||||||
# {{.}} is replaced with the phone number of the WhatsApp user.
|
|
||||||
username_template: whatsapp_{{.}}
|
|
||||||
# Displayname template for WhatsApp users.
|
|
||||||
# {{.PushName}} - nickname set by the WhatsApp user
|
|
||||||
# {{.BusinessName}} - validated WhatsApp business name
|
|
||||||
# {{.Phone}} - phone number (international format)
|
|
||||||
# The following variables are also available, but will cause problems on multi-user instances:
|
|
||||||
# {{.FullName}} - full name from contact list
|
|
||||||
# {{.FirstName}} - first name from contact list
|
|
||||||
displayname_template: "{{or .BusinessName .PushName .JID}} (WA)"
|
|
||||||
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
|
|
||||||
# Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time.
|
|
||||||
personal_filtering_spaces: false
|
|
||||||
# Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp?
|
|
||||||
delivery_receipts: false
|
|
||||||
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
|
|
||||||
message_status_events: false
|
|
||||||
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
|
|
||||||
message_error_notices: true
|
|
||||||
# Should incoming calls send a message to the Matrix room?
|
|
||||||
call_start_notices: true
|
|
||||||
# Should another user's cryptographic identity changing send a message to Matrix?
|
|
||||||
identity_change_notices: false
|
|
||||||
portal_message_buffer: 128
|
|
||||||
# Settings for handling history sync payloads.
|
|
||||||
history_sync:
|
|
||||||
# Enable backfilling history sync payloads from WhatsApp?
|
|
||||||
backfill: true
|
|
||||||
# The maximum number of initial conversations that should be synced.
|
|
||||||
# Other conversations will be backfilled on demand when receiving a message or when initiating a direct chat.
|
|
||||||
max_initial_conversations: -1
|
|
||||||
# Maximum number of messages to backfill in each conversation.
|
|
||||||
# Set to -1 to disable limit.
|
|
||||||
message_count: 50
|
|
||||||
# Should the bridge request a full sync from the phone when logging in?
|
|
||||||
# This bumps the size of history syncs from 3 months to 1 year.
|
|
||||||
request_full_sync: false
|
|
||||||
# Configuration parameters that are sent to the phone along with the request full sync flag.
|
|
||||||
# By default (when the values are null or 0), the config isn't sent at all.
|
|
||||||
full_sync_config:
|
|
||||||
# Number of days of history to request.
|
|
||||||
# The limit seems to be around 3 years, but using higher values doesn't break.
|
|
||||||
days_limit: null
|
|
||||||
# This is presumably the maximum size of the transferred history sync blob, which may affect what the phone includes in the blob.
|
|
||||||
size_mb_limit: null
|
|
||||||
# This is presumably the local storage quota, which may affect what the phone includes in the history sync blob.
|
|
||||||
storage_quota_mb: null
|
|
||||||
# If this value is greater than 0, then if the conversation's last message was more than
|
|
||||||
# this number of hours ago, then the conversation will automatically be marked it as read.
|
|
||||||
# Conversations that have a last message that is less than this number of hours ago will
|
|
||||||
# have their unread status synced from WhatsApp.
|
|
||||||
unread_hours_threshold: 0
|
|
||||||
###############################################################################
|
|
||||||
# The settings below are only applicable for backfilling using batch sending, #
|
|
||||||
# which is no longer supported in Synapse. #
|
|
||||||
###############################################################################
|
|
||||||
|
|
||||||
# Settings for media requests. If the media expired, then it will not be on the WA servers.
|
|
||||||
# Media can always be requested by reacting with the ♻️ (recycle) emoji.
|
|
||||||
# These settings determine if the media requests should be done automatically during or after backfill.
|
|
||||||
media_requests:
|
|
||||||
# Should expired media be automatically requested from the server as part of the backfill process?
|
|
||||||
auto_request_media: true
|
|
||||||
# Whether to request the media immediately after the media message is backfilled ("immediate")
|
|
||||||
# or at a specific time of the day ("local_time").
|
|
||||||
request_method: immediate
|
|
||||||
# If request_method is "local_time", what time should the requests be sent (in minutes after midnight)?
|
|
||||||
request_local_time: 120
|
|
||||||
# Settings for immediate backfills. These backfills should generally be small and their main purpose is
|
|
||||||
# to populate each of the initial chats (as configured by max_initial_conversations) with a few messages
|
|
||||||
# so that you can continue conversations without losing context.
|
|
||||||
immediate:
|
|
||||||
# The number of concurrent backfill workers to create for immediate backfills.
|
|
||||||
# Note that using more than one worker could cause the room list to jump around
|
|
||||||
# since there are no guarantees about the order in which the backfills will complete.
|
|
||||||
worker_count: 1
|
|
||||||
# The maximum number of events to backfill initially.
|
|
||||||
max_events: 10
|
|
||||||
# Settings for deferred backfills. The purpose of these backfills are to fill in the rest of
|
|
||||||
# the chat history that was not covered by the immediate backfills.
|
|
||||||
# These backfills generally should happen at a slower pace so as not to overload the homeserver.
|
|
||||||
# Each deferred backfill config should define a "stage" of backfill (i.e. the last week of messages).
|
|
||||||
# The fields are as follows:
|
|
||||||
# - start_days_ago: the number of days ago to start backfilling from.
|
|
||||||
# To indicate the start of time, use -1. For example, for a week ago, use 7.
|
|
||||||
# - max_batch_events: the number of events to send per batch.
|
|
||||||
# - batch_delay: the number of seconds to wait before backfilling each batch.
|
|
||||||
deferred:
|
|
||||||
# Last Week
|
|
||||||
- start_days_ago: 7
|
|
||||||
max_batch_events: 20
|
|
||||||
batch_delay: 5
|
|
||||||
# Last Month
|
|
||||||
- start_days_ago: 30
|
|
||||||
max_batch_events: 50
|
|
||||||
batch_delay: 10
|
|
||||||
# Last 3 months
|
|
||||||
- start_days_ago: 90
|
|
||||||
max_batch_events: 100
|
|
||||||
batch_delay: 10
|
|
||||||
# The start of time
|
|
||||||
- start_days_ago: -1
|
|
||||||
max_batch_events: 500
|
|
||||||
batch_delay: 10
|
|
||||||
# Should puppet avatars be fetched from the server even if an avatar is already set?
|
|
||||||
user_avatar_sync: true
|
|
||||||
# Should Matrix users leaving groups be bridged to WhatsApp?
|
|
||||||
bridge_matrix_leave: true
|
|
||||||
# Should the bridge update the m.direct account data event when double puppeting is enabled.
|
|
||||||
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
|
||||||
# and is therefore prone to race conditions.
|
|
||||||
sync_direct_chat_list: false
|
|
||||||
# Should the bridge use MSC2867 to bridge manual "mark as unread"s from
|
|
||||||
# WhatsApp and set the unread status on initial backfill?
|
|
||||||
# This will only work on clients that support the m.marked_unread or
|
|
||||||
# com.famedly.marked_unread room account data.
|
|
||||||
sync_manual_marked_unread: true
|
|
||||||
# When double puppeting is enabled, users can use `!wa toggle` to change whether
|
|
||||||
# presence is bridged. This setting sets the default value.
|
|
||||||
# Existing users won't be affected when these are changed.
|
|
||||||
default_bridge_presence: true
|
|
||||||
# Send the presence as "available" to whatsapp when users start typing on a portal.
|
|
||||||
# This works as a workaround for homeservers that do not support presence, and allows
|
|
||||||
# users to see when the whatsapp user on the other side is typing during a conversation.
|
|
||||||
send_presence_on_typing: false
|
|
||||||
# Should the bridge always send "active" delivery receipts (two gray ticks on WhatsApp)
|
|
||||||
# even if the user isn't marked as online (e.g. when presence bridging isn't enabled)?
|
|
||||||
#
|
|
||||||
# By default, the bridge acts like WhatsApp web, which only sends active delivery
|
|
||||||
# receipts when it's in the foreground.
|
|
||||||
force_active_delivery_receipts: false
|
|
||||||
# Servers to always allow double puppeting from
|
|
||||||
double_puppet_server_map:
|
|
||||||
example.com: https://example.com
|
|
||||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
|
||||||
double_puppet_allow_discovery: false
|
|
||||||
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
|
||||||
#
|
|
||||||
# If set, double puppeting will be enabled automatically for local users
|
|
||||||
# instead of users having to find an access token and run `login-matrix`
|
|
||||||
# manually.
|
|
||||||
login_shared_secret_map:
|
|
||||||
example.com: foobar
|
|
||||||
# Whether to explicitly set the avatar and room name for private chat portal rooms.
|
|
||||||
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
|
|
||||||
# If set to `always`, all DM rooms will have explicit names and avatars set.
|
|
||||||
# If set to `never`, DM rooms will never have names and avatars set.
|
|
||||||
private_chat_portal_meta: default
|
|
||||||
# Should group members be synced in parallel? This makes member sync faster
|
|
||||||
parallel_member_sync: false
|
|
||||||
# Should Matrix m.notice-type messages be bridged?
|
|
||||||
bridge_notices: true
|
|
||||||
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
|
|
||||||
# This field will automatically be changed back to false after it, except if the config file is not writable.
|
|
||||||
resend_bridge_info: false
|
|
||||||
# When using double puppeting, should muted chats be muted in Matrix?
|
|
||||||
mute_bridging: false
|
|
||||||
# When using double puppeting, should archived chats be moved to a specific tag in Matrix?
|
|
||||||
# Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix.
|
|
||||||
# This can be set to a tag (e.g. m.lowpriority), or null to disable.
|
|
||||||
archive_tag: null
|
|
||||||
# Same as above, but for pinned chats. The favorite tag is called m.favourite
|
|
||||||
pinned_tag: null
|
|
||||||
# Should mute status and tags only be bridged when the portal room is created?
|
|
||||||
tag_only_on_create: true
|
|
||||||
# Should WhatsApp status messages be bridged into a Matrix room?
|
|
||||||
# Disabling this won't affect already created status broadcast rooms.
|
|
||||||
enable_status_broadcast: true
|
|
||||||
# Should sending WhatsApp status messages be allowed?
|
|
||||||
# This can cause issues if the user has lots of contacts, so it's disabled by default.
|
|
||||||
disable_status_broadcast_send: true
|
|
||||||
# Should the status broadcast room be muted and moved into low priority by default?
|
|
||||||
# This is only applied when creating the room, the user can unmute it later.
|
|
||||||
mute_status_broadcast: true
|
|
||||||
# Tag to apply to the status broadcast room.
|
|
||||||
status_broadcast_tag: m.lowpriority
|
|
||||||
# Should the bridge use thumbnails from WhatsApp?
|
|
||||||
# They're disabled by default due to very low resolution.
|
|
||||||
whatsapp_thumbnail: false
|
|
||||||
# Allow invite permission for user. User can invite any bots to room with whatsapp
|
|
||||||
# users (private chat and groups)
|
|
||||||
allow_user_invite: false
|
|
||||||
# Whether or not created rooms should have federation enabled.
|
|
||||||
# If false, created portal rooms will never be federated.
|
|
||||||
federate_rooms: true
|
|
||||||
# Should the bridge never send alerts to the bridge management room?
|
|
||||||
# These are mostly things like the user being logged out.
|
|
||||||
disable_bridge_alerts: false
|
|
||||||
# Should the bridge stop if the WhatsApp server says another user connected with the same session?
|
|
||||||
# This is only safe on single-user bridges.
|
|
||||||
crash_on_stream_replaced: false
|
|
||||||
# Should the bridge detect URLs in outgoing messages, ask the homeserver to generate a preview,
|
|
||||||
# and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews`
|
|
||||||
# key in the event content even if this is disabled.
|
|
||||||
url_previews: false
|
|
||||||
# Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
|
|
||||||
# This is currently not supported in most clients.
|
|
||||||
caption_in_message: false
|
|
||||||
# Send galleries as a single event? This is not an MSC (yet).
|
|
||||||
beeper_galleries: false
|
|
||||||
# Should polls be sent using MSC3381 event types?
|
|
||||||
extev_polls: false
|
|
||||||
# Should cross-chat replies from WhatsApp be bridged? Most servers and clients don't support this.
|
|
||||||
cross_room_replies: false
|
|
||||||
# Disable generating reply fallbacks? Some extremely bad clients still rely on them,
|
|
||||||
# but they're being phased out and will be completely removed in the future.
|
|
||||||
disable_reply_fallbacks: false
|
|
||||||
# Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
|
|
||||||
# Null means there's no enforced timeout.
|
|
||||||
message_handling_timeout:
|
|
||||||
# Send an error message after this timeout, but keep waiting for the response until the deadline.
|
|
||||||
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
|
|
||||||
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
|
|
||||||
error_after: null
|
|
||||||
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
|
|
||||||
# This is counted from the time the bridge starts handling the message.
|
|
||||||
deadline: 120s
|
|
||||||
|
|
||||||
# The prefix for commands. Only required in non-management rooms.
|
|
||||||
command_prefix: "!wa"
|
|
||||||
|
|
||||||
# Messages sent upon joining a management room.
|
|
||||||
# Markdown is supported. The defaults are listed below.
|
|
||||||
management_room_text:
|
|
||||||
# Sent when joining a room.
|
|
||||||
welcome: "Hello, I'm a WhatsApp bridge bot."
|
|
||||||
# Sent when joining a management room and the user is already logged in.
|
|
||||||
welcome_connected: "Use `help` for help."
|
|
||||||
# Sent when joining a management room and the user is not logged in.
|
|
||||||
welcome_unconnected: "Use `help` for help or `login` to log in."
|
|
||||||
# Optional extra text sent when joining a management room.
|
|
||||||
additional_help: ""
|
|
||||||
|
|
||||||
# End-to-bridge encryption support options.
|
|
||||||
#
|
|
||||||
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
|
|
||||||
encryption:
|
|
||||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
|
||||||
allow: false
|
|
||||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
|
||||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
|
||||||
default: false
|
|
||||||
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
|
|
||||||
appservice: false
|
|
||||||
# Require encryption, drop any unencrypted messages.
|
|
||||||
require: false
|
|
||||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
|
||||||
# You must use a client that supports requesting keys from other users to use this feature.
|
|
||||||
allow_key_sharing: false
|
|
||||||
# Should users mentions be in the event wire content to enable the server to send push notifications?
|
|
||||||
plaintext_mentions: false
|
|
||||||
# Options for deleting megolm sessions from the bridge.
|
|
||||||
delete_keys:
|
|
||||||
# Beeper-specific: delete outbound sessions when hungryserv confirms
|
|
||||||
# that the user has uploaded the key to key backup.
|
|
||||||
delete_outbound_on_ack: false
|
|
||||||
# Don't store outbound sessions in the inbound table.
|
|
||||||
dont_store_outbound: false
|
|
||||||
# Ratchet megolm sessions forward after decrypting messages.
|
|
||||||
ratchet_on_decrypt: false
|
|
||||||
# Delete fully used keys (index >= max_messages) after decrypting messages.
|
|
||||||
delete_fully_used_on_decrypt: false
|
|
||||||
# Delete previous megolm sessions from same device when receiving a new one.
|
|
||||||
delete_prev_on_new_session: false
|
|
||||||
# Delete megolm sessions received from a device when the device is deleted.
|
|
||||||
delete_on_device_delete: false
|
|
||||||
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
|
|
||||||
periodically_delete_expired: false
|
|
||||||
# Delete inbound megolm sessions that don't have the received_at field used for
|
|
||||||
# automatic ratcheting and expired session deletion. This is meant as a migration
|
|
||||||
# to delete old keys prior to the bridge update.
|
|
||||||
delete_outdated_inbound: false
|
|
||||||
# What level of device verification should be required from users?
|
|
||||||
#
|
|
||||||
# Valid levels:
|
|
||||||
# unverified - Send keys to all device in the room.
|
|
||||||
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
|
|
||||||
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
|
|
||||||
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
|
|
||||||
# Note that creating user signatures from the bridge bot is not currently possible.
|
|
||||||
# verified - Require manual per-device verification
|
|
||||||
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
|
|
||||||
verification_levels:
|
|
||||||
# Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
|
|
||||||
receive: unverified
|
|
||||||
# Minimum level that the bridge should accept for incoming Matrix messages.
|
|
||||||
send: unverified
|
|
||||||
# Minimum level that the bridge should require for accepting key requests.
|
|
||||||
share: cross-signed-tofu
|
|
||||||
# Options for Megolm room key rotation. These options allow you to
|
|
||||||
# configure the m.room.encryption event content. See:
|
|
||||||
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
|
|
||||||
# more information about that event.
|
|
||||||
rotation:
|
|
||||||
# Enable custom Megolm room key rotation settings. Note that these
|
|
||||||
# settings will only apply to rooms created after this option is
|
|
||||||
# set.
|
|
||||||
enable_custom: false
|
|
||||||
# The maximum number of milliseconds a session should be used
|
|
||||||
# before changing it. The Matrix spec recommends 604800000 (a week)
|
|
||||||
# as the default.
|
|
||||||
milliseconds: 604800000
|
|
||||||
# The maximum number of messages that should be sent with a given a
|
|
||||||
# session before changing it. The Matrix spec recommends 100 as the
|
|
||||||
# default.
|
|
||||||
messages: 100
|
|
||||||
# Disable rotating keys when a user's devices change?
|
|
||||||
# You should not enable this option unless you understand all the implications.
|
|
||||||
disable_device_change_key_rotation: false
|
|
||||||
|
|
||||||
# Settings for provisioning API
|
|
||||||
provisioning:
|
|
||||||
# Prefix for the provisioning API paths.
|
|
||||||
prefix: /_matrix/provision
|
|
||||||
# Shared secret for authentication. If set to "generate", a random secret will be generated,
|
|
||||||
# or if set to "disable", the provisioning API will be disabled.
|
|
||||||
shared_secret: kY8Ez6M80YBpvGtMz5R1Mb1c7deb8d9zxmlvqwTv0HGCKPVqcrTmHu90Wi04828z
|
|
||||||
# Enable debug API at /debug with provisioning authentication.
|
|
||||||
debug_endpoints: false
|
|
||||||
|
|
||||||
# Permissions for using the bridge.
|
|
||||||
# Permitted values:
|
|
||||||
# relay - Talk through the relaybot (if enabled), no access otherwise
|
|
||||||
# user - Access to use the bridge to chat with a WhatsApp account.
|
|
||||||
# admin - User level and some additional administration tools
|
|
||||||
# Permitted keys:
|
|
||||||
# * - All Matrix users
|
|
||||||
# domain - All users on that homeserver
|
|
||||||
# mxid - Specific user
|
|
||||||
permissions:
|
|
||||||
"*": relay
|
|
||||||
"example.com": user
|
|
||||||
"@admin:example.com": admin
|
|
||||||
|
|
||||||
# Settings for relay mode
|
|
||||||
relay:
|
|
||||||
# Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
|
|
||||||
# authenticated user into a relaybot for that chat.
|
|
||||||
enabled: false
|
|
||||||
# Should only admins be allowed to set themselves as relay users?
|
|
||||||
admin_only: true
|
|
||||||
# The formats to use when sending messages to WhatsApp via the relaybot.
|
|
||||||
message_formats:
|
|
||||||
m.text: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
|
|
||||||
m.notice: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
|
|
||||||
m.emote: "* <b>{{ .Sender.Displayname }}</b> {{ .Message }}"
|
|
||||||
m.file: "<b>{{ .Sender.Displayname }}</b> sent a file"
|
|
||||||
m.image: "<b>{{ .Sender.Displayname }}</b> sent an image"
|
|
||||||
m.audio: "<b>{{ .Sender.Displayname }}</b> sent an audio file"
|
|
||||||
m.video: "<b>{{ .Sender.Displayname }}</b> sent a video"
|
|
||||||
m.location: "<b>{{ .Sender.Displayname }}</b> sent a location"
|
|
||||||
|
|
||||||
# Logging config. See https://github.com/tulir/zeroconfig for details.
|
|
||||||
logging:
|
|
||||||
min_level: debug
|
|
||||||
writers:
|
|
||||||
- type: stdout
|
|
||||||
format: pretty-colored
|
|
@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
docker_compose_instance_directory: "{{path_docker_compose_instances}}matrix/"
|
local_repository_directory: "{{role_path}}/matrix-docker-ansible-deploy"
|
@ -205,10 +205,12 @@
|
|||||||
roles:
|
roles:
|
||||||
- role: docker-matrix
|
- role: docker-matrix
|
||||||
vars:
|
vars:
|
||||||
synapse_domain: "{{domain_matrix_synapse}}"
|
domains:
|
||||||
synapse_http_port: 8021
|
- "{{domain_matrix_element}}"
|
||||||
|
- "{{domain_matrix_synapse}}"
|
||||||
element_domain: "{{domain_matrix_element}}"
|
element_domain: "{{domain_matrix_element}}"
|
||||||
element_http_port: 8022
|
synapse_domain: "{{domain_matrix_synapse}}"
|
||||||
|
http_port: 8021
|
||||||
|
|
||||||
- name: setup akaunting hosts
|
- name: setup akaunting hosts
|
||||||
hosts: akaunting
|
hosts: akaunting
|
||||||
|
Loading…
Reference in New Issue
Block a user