Updated backup procedure for matrix and deactivated plugin chatgpt and slack

group_vars/all

@@ -212,7 +212,7 @@ moodle_user_name:       "{{administrator_username}}"
 moodle_user_email:      "{{administrator_email}}"
 
 #### Nextcloud
-nextcloud_version:      "production"  # Danger: Nextcloud can't skipp major version updates.
+nextcloud_version:      "production"  # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
 
 #### Peertube
 peertube_version:       "bookworm"

roles/docker-mailu/README.md

@@ -15,6 +15,7 @@ This guide provides instructions for setting up, operating, and maintaining the
 - [Testing](#testing)
 - [Updates](#updates)
 - [To-Do](#to-do)
+- [Spam Issues][#spam-issues]
 - [References](#references)
 
 ## Setup
@@ -122,6 +123,25 @@ Use the following tools for testing:
 
 For instructions on updating your Mailu setup, follow the official [Mailu maintenance guide](https://mailu.io/master/maintain.html).
 
+## Spam Issues
+
+### Inspect
+
+To inspect use:
+- [Google Postmaster](https://postmaster.google.com/)
+- [Yahoo Postmaster](https://postmaster.yahooinc.com)
+
+### Blacklisted
+It may be that your domain is blacklisted. In this case check out:
+
+- [Spamhaus](https://check.spamhaus.org/)
+- [Barracuda](https://www.barracudacentral.org/lookups)
+
+### Reset
+- [Cloudmark](https://csi.cloudmark.com/en/reset/)
+
+
+
 ## To-Do
 
 - Implement two-factor authentication in Roundcube Webmail. More information can be found [here](https://blog.kuepper.nrw/2019/03/30/roundcube-webmail-mit-zwei-faktor-authentifizierung/).

roles/docker-matrix-compose/tasks/main.yml

@@ -96,9 +96,17 @@
     dest: "{{docker_compose_instance_directory}}docker-compose.yml"
   notify: docker compose project setup
 
+# Pull image when update is wished. 
+# @todo This should be moved to update-docker
+- name: docker compose pull
+  command:
+    cmd: docker-compose -p "{{docker_compose_project_name}}" pull
+    chdir: "{{docker_compose_instance_directory}}"
+  when: mode_update | bool
+
 - name: docker compose project setup
   command:
-    cmd: docker-compose -p "{{docker_compose_project_name}}" up -d --force-recreate
+    cmd: docker-compose -p "{{docker_compose_project_name}}" up -d
     chdir: "{{docker_compose_instance_directory}}"
   environment:
     COMPOSE_HTTP_TIMEOUT:   600

roles/docker-matrix-compose/templates/docker-compose.yml.j2

@@ -61,49 +61,50 @@ services:
       retries: 3
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% endfor %}
-
-  matrix-chatgpt-bot:
-    restart: {{docker_restart_policy}}
-    container_name: matrix-chatgpt
-    image: ghcr.io/matrixgpt/matrix-chatgpt-bot:latest
-    volumes:
-      - chatgpt_data:/storage
-    environment:
-      OPENAI_API_KEY: '{{matrix_chatgpt_bridge_openai_api_key}}'
-      # Uncomment the next two lines if you are using Azure OpenAI API
-      # OPENAI_AZURE: 'false'
-      # CHATGPT_REVERSE_PROXY: 'your-completion-endpoint-here'
-      CHATGPT_CONTEXT: 'thread'
-      CHATGPT_API_MODEL: 'gpt-3.5-turbo'
-      # Uncomment and edit the next line if needed
-      # CHATGPT_PROMPT_PREFIX: 'Instructions:\nYou are ChatGPT, a large language model trained by OpenAI.'
-      # CHATGPT_IGNORE_MEDIA: 'false'
-      CHATGPT_REVERSE_PROXY: 'https://api.openai.com/v1/chat/completions'
-      # Uncomment and edit the next line if needed
-      # CHATGPT_TEMPERATURE: '0.8'
-      # Uncomment and edit the next line if needed
-      # CHATGPT_MAX_CONTEXT_TOKENS: '4097'
-      # CHATGPT_MAX_PROMPT_TOKENS: '3097'
-      KEYV_BACKEND: 'file'
-      KEYV_URL: ''
-      KEYV_BOT_ENCRYPTION: 'false'
-      KEYV_BOT_STORAGE: 'true'
-      MATRIX_HOMESERVER_URL: 'https://{{synapse_domain}}'
-      MATRIX_BOT_USERNAME: '@chatgptbot:{{matrix_server_name}}'
-      MATRIX_ACCESS_TOKEN: '{{ matrix_chatgpt_bridge_access_token | default('') }}'
-      MATRIX_BOT_PASSWORD: '{{matrix_chatgpt_bridge_user_password}}'
-      MATRIX_DEFAULT_PREFIX: '!chatgpt'
-      MATRIX_DEFAULT_PREFIX_REPLY: 'false'
-      #MATRIX_BLACKLIST: ''
-      MATRIX_WHITELIST: ':{{matrix_server_name}}'
-      MATRIX_AUTOJOIN: 'true'
-      MATRIX_ENCRYPTION: 'true'
-      MATRIX_THREADS: 'true'
-      MATRIX_PREFIX_DM: 'false'
-      MATRIX_RICH_TEXT: 'true'
+# Deactivated chatgpt. 
+# @todo needs to be reactivated as soon as bug is found
+#  matrix-chatgpt-bot:
+#    restart: {{docker_restart_policy}}
+#    container_name: matrix-chatgpt
+#    image: ghcr.io/matrixgpt/matrix-chatgpt-bot:latest
+#    volumes:
+#      - chatgpt_data:/storage
+#    environment:
+#      OPENAI_API_KEY: '{{matrix_chatgpt_bridge_openai_api_key}}'
+#      # Uncomment the next two lines if you are using Azure OpenAI API
+#      # OPENAI_AZURE: 'false'
+#      # CHATGPT_REVERSE_PROXY: 'your-completion-endpoint-here'
+#      CHATGPT_CONTEXT: 'thread'
+#      CHATGPT_API_MODEL: 'gpt-3.5-turbo'
+#      # Uncomment and edit the next line if needed
+#      # CHATGPT_PROMPT_PREFIX: 'Instructions:\nYou are ChatGPT, a large language model trained by OpenAI.'
+#      # CHATGPT_IGNORE_MEDIA: 'false'
+#      CHATGPT_REVERSE_PROXY: 'https://api.openai.com/v1/chat/completions'
+#      # Uncomment and edit the next line if needed
+#      # CHATGPT_TEMPERATURE: '0.8'
+#      # Uncomment and edit the next line if needed
+#      #CHATGPT_MAX_CONTEXT_TOKENS: '4097'
+#      CHATGPT_MAX_PROMPT_TOKENS: '3000'
+#      KEYV_BACKEND: 'file'
+#      KEYV_URL: ''
+#      KEYV_BOT_ENCRYPTION: 'false'
+#      KEYV_BOT_STORAGE: 'true'
+#      MATRIX_HOMESERVER_URL: 'https://{{synapse_domain}}'
+#      MATRIX_BOT_USERNAME: '@chatgptbot:{{matrix_server_name}}'
+#      MATRIX_ACCESS_TOKEN: '{{ matrix_chatgpt_bridge_access_token | default('') }}'
+#      MATRIX_BOT_PASSWORD: '{{matrix_chatgpt_bridge_user_password}}'
+#      MATRIX_DEFAULT_PREFIX: '!chatgpt'
+#      MATRIX_DEFAULT_PREFIX_REPLY: 'false'
+#      #MATRIX_BLACKLIST: ''
+#      MATRIX_WHITELIST: ':{{matrix_server_name}}'
+#      MATRIX_AUTOJOIN: 'true'
+#      MATRIX_ENCRYPTION: 'true'
+#      MATRIX_THREADS: 'true'
+#      MATRIX_PREFIX_DM: 'false'
+#      MATRIX_RICH_TEXT: 'true'
 
 {% include 'templates/docker/compose/volumes.yml.j2' %}
   synapse_data:
-  chatgpt_data:
+#  chatgpt_data:
 
 {% include 'templates/docker/compose/networks.yml.j2' %}

roles/docker-matrix-compose/vars/main.yml

@@ -21,10 +21,12 @@ bridges:
     database_name:      "mautrix_signal_bridge"
     bridge_name:        "signal"
 
-  - database_password:  "{{ mautrix_slack_bridge_database_password }}"
-    database_username:  "mautrix_slack_bridge"
-    database_name:      "mautrix_slack_bridge"
-    bridge_name:        "slack"
+# Deactivated temporary, due to bug which is hard to find 
+# @todo Reactivate 
+#  - database_password:  "{{ mautrix_slack_bridge_database_password }}"
+#    database_username:  "mautrix_slack_bridge"
+#    database_name:      "mautrix_slack_bridge"
+#    bridge_name:        "slack"
 
   - database_password:  "{{ mautrix_facebook_bridge_database_password }}"
     database_username:  "mautrix_facebook_bridge"

roles/docker-nextcloud/templates/docker-compose.yml.j2

@@ -17,6 +17,7 @@ services:
       MYSQL_USER: "{{database_username}}"
       MYSQL_PASSWORD: "{{database_password}}"
       MYSQL_HOST: {{database_host}}:3306
+      PHP_MEMORY_LIMIT: 1G # Required for plugin duplicate finder
 {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 

roles/docker-nextcloud/templates/nginx.conf.j2

@@ -12,7 +12,9 @@ events {
 http {
     include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
-
+    types {
+        application/javascript mjs;
+    }
     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                       '$status $body_bytes_sent "$http_referer" '
                       '"$http_user_agent" "$http_x_forwarded_for"';

roles/update-docker/files/update-docker.py

@@ -22,7 +22,7 @@ def run_command(command):
         if process and process.stdout:
             process.stdout.close()
 
-def git_pull(directory):
+def git_pull():
     """
     Checks whether the Git repository in the specified directory is up to date and performs a git pull if necessary.
 
@@ -32,8 +32,7 @@ def git_pull(directory):
     Returns:
         bool: True if a git pull was performed, otherwise False.
     """
-    os.chdir(directory)
-    print(f"Checking if the git repository in {directory} is up to date.")
+    print(f"Checking if the git repository is up to date.")
     local = subprocess.check_output("git rev-parse @", shell=True).decode().strip()
     remote = subprocess.check_output("git rev-parse @{u}", shell=True).decode().strip()
     
@@ -59,8 +58,7 @@ def get_image_digests(directory):
         else:
             raise  # Other errors are still raised
 
-def is_any_service_up(directory):
-    os.chdir(directory)
+def is_any_service_up():
     process = subprocess.Popen("docker-compose ps -q", shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
     output, _ = process.communicate()
     service_ids = output.decode().strip().splitlines()
@@ -70,26 +68,23 @@ def is_any_service_up(directory):
         return False  # No services are up
     return True  # At least one service is up
 
-
-def update_docker(directory):
-    print(f"Checking for updates to Docker images in {directory}.")
-    os.chdir(directory)
-    before_digests = get_image_digests(directory)
+def pull_docker_images():
     print("Pulling docker images.")
-    
-    need_to_build=False
-    
     try:
         run_command("docker-compose pull")
     except subprocess.CalledProcessError as e:
         if "pull access denied" in e.output.decode() or "must be built from source" in e.output.decode():
             print("Need to build the image from source.")
-            need_to_build=True
+            return True
         else:
             print("Failed to pull images with unexpected error.")
             raise
+    return False
 
-    
+def update_docker(directory):
+    print(f"Checking for updates to Docker images in {directory}.")        
+    before_digests = get_image_digests(directory)
+    need_to_build = pull_docker_images()
     after_digests = get_image_digests(directory)
     if before_digests != after_digests:
         print("Changes detected in image digests. Rebuilding containers.")
@@ -128,9 +123,8 @@ def update_procedure(command):
                 print("All attempts to update Nextcloud apps have failed.")
                 raise  # Re-raise the last exception after all attempts fail
 
-
 def start_docker(directory):
-    if is_any_service_up(directory):
+    if is_any_service_up():
         print(f"Restarting containers in {directory}.")
         run_command("docker-compose up -d --force-recreate")
     else:
@@ -146,9 +140,10 @@ if __name__ == "__main__":
         if dir_entry.is_dir():
             dir_path = dir_entry.path
             print(f"Checking for updates in: {dir_path}")
+            os.chdir(dir_path)
             
             if os.path.isdir(os.path.join(dir_path, ".git")):
-                git_repository_was_pulled = git_pull(dir_path)
+                git_repository_was_pulled = git_pull()
             
             # Discourse is an exception and uses own update command instead of docker compose
             if os.path.basename(dir_path) == "discourse":
@@ -156,8 +151,16 @@ if __name__ == "__main__":
                     update_discourse(dir_path)
                 else:
                     print("Discourse update skipped. No changes in git repository.")
+            if os.path.basename(dir_path) == "matrix":
+                # No autoupdate for matrix is possible atm, 
+                # due to the reason that the role has to be executed every time.
+                # The update has to be executed in the role
+                # @todo implement in future
+                pass
             else:
+                # Pull and update docker images
                 update_docker(dir_path)
+                
                 # Nextcloud needs additional update procedures
                 if os.path.basename(dir_path) == "nextcloud":
                     update_nextcloud()