diff --git a/roles/docker-matrix-compose/templates/mautrix/imessage.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/imessage.config.yml.j2 new file mode 100644 index 00000000..4a8966c6 --- /dev/null +++ b/roles/docker-matrix-compose/templates/mautrix/imessage.config.yml.j2 @@ -0,0 +1,373 @@ +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: http://synapse:8008 + # The address to mautrix-wsproxy (which should usually be next to the homeserver behind a reverse proxy). + # Only the /_matrix/client/unstable/fi.mau.as_sync websocket endpoint is used on this address. + # + # Set to null to disable using the websocket. When not using the websocket, make sure hostname and port are set in the appservice section. + websocket_proxy: wss://synapse:8008 + # How often should the websocket be pinged? Pinging will be disabled if this is zero. + ping_interval_seconds: 0 + # The domain of the homeserver (also known as server_name, used for MXIDs, etc). + domain: {{matrix_server_name}} + + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard + # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? + async_media: false + +# Application service host/registration related details. +# Changing these values requires regeneration of the registration. +appservice: + # The hostname and port where this appservice should listen. + # The default method of deploying mautrix-imessage is using a websocket proxy, so it doesn't need a http server + # To use a http server instead of a websocket, set websocket_proxy to null in the homeserver section, + # and set the port below to a real port. + hostname: 0.0.0.0 + port: null + # Optional TLS certificates to listen for https instead of http connections. + tls_key: null + tls_cert: null + + # Database config. + database: + # The database type. Only "sqlite3-fk-wal" is supported. + type: sqlite3-fk-wal + # SQLite database path. A raw file path is supported, but `file:?_txlock=immediate` is recommended. + uri: file:mautrix-imessage.db?_txlock=immediate + + # The unique ID of this appservice. + id: imessage + # Appservice bot details. + bot: + # Username of the appservice bot. + username: imessagebot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: iMessage bridge bot + avatar: mxc://maunium.net/tManJEpANASZvDVzvRvhILdX + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + # You should disable bridge -> sync_with_custom_puppets when this is enabled. + ephemeral_events: true + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" + +# iMessage connection config +imessage: + # Available platforms: + # * mac: Standard Mac connector, requires full disk access and will ask for AppleScript and contacts permission. + # * ios: Jailbreak iOS connector when using with Brooklyn. + # * android: Equivalent to ios, but for use with the Android SMS wrapper app. + # * mac-nosip: Mac without SIP connector, runs Barcelona as a subprocess. + platform: mac + # Path to the Barcelona executable for the mac-nosip connector + imessage_rest_path: darwin-barcelona-mautrix + # Additional arguments to pass to the mac-nosip connector + imessage_rest_args: [] + # The mode for fetching contacts in the no-SIP connector. + # The default mode is `ipc` which will ask Barcelona. However, recent versions of Barcelona have removed contact support. + # You can specify `mac` to use Contacts.framework directly instead of through Barcelona. + # You can also specify `disable` to not try to use contacts at all. + contacts_mode: ipc + # Whether to log the contents of IPC payloads + log_ipc_payloads: false + # For the no-SIP connector, hackily set the user account locale before starting Barcelona. + hacky_set_locale: null + # A list of environment variables to add for the Barcelona process (as NAME=value strings) + environment: [] + # Path to unix socket for Barcelona communication. + unix_socket: mautrix-imessage.sock + # Interval to ping Barcelona at. The process will exit if Barcelona doesn't respond in time. + ping_interval_seconds: 15 + # Should media on disk be deleted after bridging to Matrix? + delete_media_after_upload: false + + bluebubbles_url: + bluebubbles_password: + +# Segment settings for collecting some debug data. +segment: + key: null + user_id: null + +hacky_startup_test: + identifier: null + message: null + response_message: null + key: null + echo_mode: false + send_on_startup: false + periodic_resolve: -1 + +# Bridge config +bridge: + # The user of the bridge. + user: "@you:example.com" +{% raw %} + # Localpart template of MXIDs for iMessage users. + # {{.}} is replaced with the phone number or email of the iMessage user. + username_template: imessage_{{.}} + # Displayname template for iMessage users. + # {{.}} is replaced with the contact list name (if available) or username (phone number or email) of the iMessage user. + displayname_template: "{{.}} (iMessage)" + # Should the bridge create a space and add bridged rooms to it? + personal_filtering_spaces: false +{% endraw %} + # Whether or not the bridge should send a read receipt from the bridge bot when a message has been + # sent to iMessage. + delivery_receipts: false + # Whether or not the bridge should send the message status as a custom + # com.beeper.message_send_status event. + message_status_events: true + # Whether or not the bridge should send error notices via m.notice events + # when a message fails to bridge. + send_error_notices: true + # The maximum number of seconds between the message arriving at the + # homeserver and the bridge attempting to send the message. This can help + # prevent messages from being bridged a long time after arriving at the + # homeserver which could cause confusion in the chat history on the remote + # network. Set to 0 to disable. + max_handle_seconds: 0 + # Device ID to include in m.bridge data, read by client-integrated Android SMS. + # Not relevant for standalone bridges nor iMessage. + device_id: null + # Whether or not to sync with custom puppets to receive EDUs that are not normally sent to appservices. + sync_with_custom_puppets: false + # Whether or not to update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, double puppeting will be enabled automatically instead of the user + # having to find an access token and run `login-matrix` manually. + login_shared_secret: null + # Homeserver URL for the double puppet. If null, will use the URL set in homeserver -> address + double_puppet_server_url: null + # Backfill settings + backfill: + # Should backfilling be enabled at all? + enable: true + # Maximum number of messages to backfill for new portal rooms. + initial_limit: 100 + # Maximum age of chats to sync in days. + initial_sync_max_age: 0.5 + # If a backfilled chat is older than this number of hours, mark it as read even if it's unread on iMessage. + # Set to -1 to let any chat be unread. + unread_hours_threshold: 720 + + ######################################################################### + # The settings below are only applicable if you are: # + # # + # 1. Using batch sending, which is no longer supported in Synapse. # + # 2. Running the bridge in backfill-only mode connecting to another # + # instance for portal creation via websocket commands. # + # # + # In other words, unless you are Beeper, the rest of the backfill # + # section very likely does not apply to you. # + ######################################################################### + # Is this bridge only meant for backfilling chats? + only_backfill: false + + # Settings for immediate backfills. These backfills should generally be small and their main purpose is + # to populate each of the initial chats (as configured by max_initial_conversations) with a few messages + # so that you can continue conversations without losing context. + immediate: + # The maximum number of events to backfill initially. + max_events: 25 + # Settings for deferred backfills. The purpose of these backfills are to fill in the rest of + # the chat history that was not covered by the immediate backfills. + # These backfills generally should happen at a slower pace so as not to overload the homeserver. + # Each deferred backfill config should define a "stage" of backfill (i.e. the last week of messages). + # The fields are as follows: + # - start_days_ago: the number of days ago to start backfilling from. + # To indicate the start of time, use -1. For example, for a week ago, use 7. + # - max_batch_events: the number of events to send per batch. + # - batch_delay: the number of seconds to wait before backfilling each batch. + deferred: + # Last Week + - start_days_ago: 7 + max_batch_events: 50 + batch_delay: 5 + # Last Month + - start_days_ago: 30 + max_batch_events: 100 + batch_delay: 10 + # Last 3 months + - start_days_ago: 90 + max_batch_events: 250 + batch_delay: 10 + # The start of time + - start_days_ago: -1 + max_batch_events: 500 + batch_delay: 10 + + # Whether or not the bridge should periodically resync chat and contact info. + periodic_sync: true + # Should the bridge look through joined rooms to find existing portals if the database has none? + # This can be used to recover from bridge database loss. + find_portals_if_db_empty: false + # Media viewer settings. See https://gitlab.com/beeper/media-viewer for more info. + # Used to send media viewer links instead of full files for attachments that are too big for MMS. + media_viewer: + # The address to the media viewer. If null, media viewer links will not be used. + url: null + # The homeserver domain to pass to the media viewer to use for downloading media. + # If null, will use the server name configured in the homeserver section. + homeserver: null + # The minimum number of bytes in a file before the bridge switches to using the media viewer when sending MMS. + # Note that for unencrypted files, this will use a direct link to the homeserver rather than the media viewer. + sms_min_size: 409600 + # Same as above, but for iMessages. + imessage_min_size: 52428800 + # Template text when inserting media viewer URLs. + # %s is replaced with the actual URL. + template: "Full size attachment: %s" + # Should we convert heif images to jpeg before re-uploading? This increases + # compatibility, but adds generation loss (reduces quality). + convert_heif: true + # Should we convert tiff images to jpeg before re-uploading? This increases + # compatibility, but adds generation loss (reduces quality). + convert_tiff: true + # Modern Apple devices tend to use h265 encoding for video, which is a licensed standard and therefore not + # supported by most major browsers. If enabled, all video attachments will be converted according to the + # ffmpeg args. + convert_video: + enabled: false + # Convert to h264 format (supported by all major browsers) at decent quality while retaining original + # audio. Modify these args to do whatever encoding/quality you want. + ffmpeg_args: ["-c:v", "libx264", "-preset", "faster", "-crf", "22", "-c:a", "copy"] + extension: "mp4" + mime_type: "video/mp4" + # The prefix for commands. + command_prefix: "!im" + # Should we rewrite the sender in a DM to match the chat GUID? + # This is helpful when the sender ID shifts depending on the device they use, since + # the bridge is unable to add participants to the chat post-creation. + force_uniform_dm_senders: true + # Should SMS chats always be in the same room as iMessage chats with the same phone number? + disable_sms_portals: false + # iMessage has weird IDs for group chats, so getting all messages in the same MMS group chat into the same Matrix room + # may require rerouting some messages based on the fake ReplyToGUID that iMessage adds. + reroute_mms_group_replies: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Send captions in the same message as images using MSC2530? + # This is currently not supported in most clients. + caption_in_message: false + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + + # End-to-bridge encryption support options. + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Whether or not to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + # Require encryption, drop any unencrypted messages. + require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false +{% raw %} + # Settings for relay mode + relay: + # Whether relay mode should be allowed. + enabled: false + # A list of user IDs and server names who are allowed to be relayed through this bridge. Use * to allow everyone. + whitelist: [] + # The formats to use when relaying messages to iMessage. + message_formats: + m.text: "{{ .Sender.Displayname }}: {{ .Message }}" + m.notice: "{{ .Sender.Displayname }}: {{ .Message }}" + m.emote: "* {{ .Sender.Displayname }} {{ .Message }}" + m.file: "{{ .Sender.Displayname }} sent a file: {{ .FileName }}" + m.image: "{{ .Sender.Displayname }} sent an image: {{ .FileName }}" + m.audio: "{{ .Sender.Displayname }} sent an audio file: {{ .FileName }}" + m.video: "{{ .Sender.Displayname }} sent a video: {{ .FileName }}" +{% endraw %} + +# Logging config. See https://github.com/tulir/zeroconfig for details. +logging: + min_level: debug + writers: + - type: stdout + format: pretty-colored + - type: file + format: json + filename: ./logs/mautrix-imessage.log + max_size: 100 + max_backups: 10 + compress: true + +# This may be used by external config managers. mautrix-imessage does not read it, but will carry it across configuration migrations. +revision: 0 \ No newline at end of file diff --git a/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 new file mode 100644 index 00000000..26cd5f60 --- /dev/null +++ b/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 @@ -0,0 +1,416 @@ +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: http://synapse:8008 + # The domain of the homeserver (also known as server_name, used for MXIDs, etc). + domain: {{matrix_server_name}} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's Instagram MQTT connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null + # Endpoint for reporting per-message status. + message_send_checkpoint_endpoint: null + # Whether asynchronous uploads via MSC2246 should be enabled for media. + # Requires a media repo that supports MSC2246. + async_media: false + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: http://mautrix-instagram:29330 + # When using https:// the TLS certificate and key files for the address. + tls_cert: false + tls_key: false + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29330 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are supported. + # Format examples: + # SQLite: sqlite:filename.db + # Postgres: postgres://username:password@hostname/dbname + database: postgres://mautrix_instagram_bridge:{{mautrix_instagram_bridge_database_password}}@{{database_host}}/mautrix_instagram_bridge + # Additional arguments for asyncpg.create_pool() or sqlite3.connect() + # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool + # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect + # For sqlite, min_size is used as the connection thread pool size and max_size is ignored. + # Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs). + database_opts: + min_size: 1 + max_size: 10 + + # The unique ID of this appservice. + id: instagram + # Username of the appservice bot. + bot_username: instagrambot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Instagram bridge bot + bot_avatar: mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + # You should disable bridge -> sync_with_custom_puppets when this is enabled. + ephemeral_events: true + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" + +# Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors. +analytics: + # Hostname of the tracking server. The path is hardcoded to /v1/track + host: api.segment.io + # API key to send with tracking requests. Tracking is disabled if this is null. + token: null + # Optional user ID for tracking events. If null, defaults to using Matrix user ID. + user_id: null + +# Prometheus telemetry config. Requires prometheus-client to be installed. +metrics: + enabled: false + listen_port: 8000 + +# Manhole config. +manhole: + # Whether or not opening the manhole is allowed. + enabled: false + # The path for the unix socket. + path: /var/tmp/mautrix-instagram.manhole + # The list of UIDs who can be added to the whitelist. + # If empty, any UIDs can be specified in the open-manhole command. + whitelist: + - 0 + +instagram: + # Seed for generating devices. This is secret because the seed is used to generate + # device IDs, which can apparently be used to bypass two-factor authentication after + # logging out, because Instagram is insecure. + device_seed: generate + + mqtt_keepalive: 60 + +# Bridge config +bridge: + # Localpart template of MXIDs for Instagram users. + # {userid} is replaced with the user ID of the Instagram user. + username_template: "instagram_{userid}" + # Displayname template for Instagram users. + # {displayname} is replaced with the display name of the Instagram user. + # {username} is replaced with the username of the Instagram user. + displayname_template: "{displayname} (Instagram)" + # Displayname template for 1:1 chat portals. Same variables as displayname_template. + private_chat_name_template: "{displayname}" + # Displayname template for group chat portals. Only {name} is available. + group_chat_name_template: "{name}" + + # Maximum length of displayname + displayname_max_length: 100 + + # The maximum number of conversations that should be synced when we get a + # message sync error. In general, 1 page (20) is sufficient. + max_startup_thread_sync_count: 20 + # Whether or not to use /sync to get read receipts and typing notifications + # when double puppeting is enabled + sync_with_custom_puppets: false + # Whether or not to update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Servers to allow double puppeting from, even if double_puppet_allow_discovery is false. + double_puppet_server_map: + {{matrix_server_name}}: https://{{synapse_domain}} + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + # If using this for other servers than the bridge's server, + # you must also set the URL in the double_puppet_server_map. + login_shared_secret_map: + {{matrix_server_name}}: {{matrix_registration_shared_secret}} + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Settings for backfilling messages from Instagram. + backfill: + # Enable initial backfill (~10 messages after creating portal)? + enable_initial: true + # Enable backfill queue? This is used for backfilling additional threads after the initial sync, + # and when MSC2716 is enabled, to backfill message history going backwards. + enable: false + # Use MSC2716 for backfilling? If this is disabled, backfilling only happens when syncing threads, + # and the incremental settings below don't apply. + # + # This requires a server with MSC2716 support, which is currently an experimental feature in Synapse. + # It can be enabled by setting experimental_features -> msc2716_enabled to true in homeserver.yaml. + msc2716: false + # Use double puppets for backfilling? + # In order to use this, the double puppets must be in the appservice's user ID namespace + # (because the bridge can't use the double puppet access token with batch sending). + # This only affects double puppets on the local server, double puppets on other servers will never be used. + double_puppet_backfill: false + # The maximum number of conversations that should be synced. + # Other conversations will be backfilled on demand when the start PM + # provisioning endpoint is used or when a message comes in from that + # chat. + # If set to -1, all conversations will by synced. + max_conversations: 20 + # The minimum amount of time to wait between syncing each thread. This + # helps avoid situations where you sync too quickly. + min_sync_thread_delay: 5 + # If this value is greater than 0, then if the conversation's last + # message was more than this number of hours ago, then the conversation + # will automatically be marked it as read. + # Conversations that have a last message that is less than this number + # of hours ago will have their unread status synced from Instagram. + unread_hours_threshold: 0 + + # Settings for how quickly to backoff when rate-limits are encountered + # while backfilling. + backoff: + # How many seconds to wait after getting rate limited during a + # thread list fetch. + thread_list: 300 + # How many seconds to wait after getting rate limited during a + # message history fetch. + message_history: 300 + + # Settings for backfills. + # + # During initial/incremental sync, the entirety of the thread that is + # available will be backfilled. For example, on initial sync, about 20 + # messages are included for each thread in the thread list returned by + # the server. After that, incremental backfills will be run for each of + # the portals in a round-robin fashion until all portals have been + # backfilled as configured below. + incremental: + # The maximum number of pages to backfill per batch. + max_pages: 10 + # The maximum number of total pages to backfill per portal. + # If set to -1, infinite pages will be synced. + max_total_pages: -1 + # The number of seconds to wait between backfilling each page. + page_delay: 5 + # The number of seconds to wait after backfilling the batch of + # messages. + post_batch_delay: 20 + + periodic_reconnect: + # Interval in seconds in which to automatically reconnect all users. + # This can be used to automatically mitigate the bug where Instagram stops sending messages. + # Set to -1 to disable periodic reconnections entirely. + interval: -1 + # Whether or not the bridge should backfill chats when reconnecting. + resync: true + # Should even disconnected users be reconnected? + always: false + + # URL to call to retrieve a proxy URL from (defaults to the http_proxy environment variable). + get_proxy_api_url: null + # Whether to use proxy for downloading media from Instagram. + use_proxy_for_media: true + + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + # Require encryption, drop any unencrypted messages. + require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false + + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to Instagram. + delivery_receipts: false + # Whether or not delivery errors should be reported as messages in the Matrix room. + delivery_error_reports: false + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, + # except if the config file is not writable. + resend_bridge_info: false + # Whether or not unimportant bridge notices should be sent to the user. + # (e.g. connected, disconnected but will retry) + unimportant_bridge_notices: true + # Disable bridge notices entirely + disable_bridge_notices: false + # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552. + # This is currently not supported in most clients. + caption_in_message: false + + # Should Matrix m.notice-type messages be bridged? + bridge_notices: true + + # Should Matrix typing notices be sent to Instagram? Typing notifications + # from Instagram will still be bridged. + bridge_matrix_typing: true + + # Provisioning API part of the web server for automated portal creation and fetching information. + # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). + provisioning: + # Whether or not the provisioning API should be enabled. + enabled: true + # The prefix to use in the provisioning API endpoints. + prefix: /_matrix/provision/v1 + # The shared secret to authorize users of the API. + # Set to "generate" to generate and save a new token. + shared_secret: generate + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!ig" + + # Permissions for using the bridge. + # Permitted values: + # relay - Allowed to be relayed through the bridge, no access to commands. + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "*": relay + "{{matrix_server_name}}": user + "@{{matrix_admin_name}}:{{matrix_server_name}}": admin + + relay: + # Whether relay mode should be allowed. If allowed, `!ig set-relay` can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: false + # The formats to use when sending messages to Instagram via a relay user. + # + # Available variables: + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) + # $message - The message content + # + # Note that Instagram doesn't support captions for images, so images won't include any indication of being relayed. + message_formats: + m.text: '$sender_displayname: $message' + m.notice: '$sender_displayname: $message' + m.emote: '* $sender_displayname $message' + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): mautrix_instagram.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: ./mautrix-instagram.log + maxBytes: 10485760 + backupCount: 10 + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + mauigpapi: + level: DEBUG + aiohttp: + level: INFO + paho.mqtt: + level: INFO + root: + level: DEBUG + handlers: [file, console] \ No newline at end of file