Changed element domain to fitt to new matrix setup

Solved bug
Matrix debugging
2024-11-22 04:31:13 +01:00 · 2023-12-21 20:42:33 +01:00 · 2023-12-21 20:29:44 +01:00 · 2023-12-21 19:50:19 +01:00 · 2023-12-21 18:06:30 +01:00 · 2023-12-21 17:50:51 +01:00
13 changed files with 221 additions and 733 deletions
--- a/group_vars/all
+++ b/group_vars/all
@ -103,7 +103,6 @@ redirect_domain_mappings:
 - { source: "funkwhale.{{top_domain}}", target: "music.{{top_domain}}" }
 - { source: "pixelfed.{{top_domain}}", target: "picture.{{top_domain}}" }
 - { source: "pictures.{{top_domain}}", target: "picture.{{top_domain}}" }
 - { source: "element.{{top_domain}}", target: "chat.{{top_domain}}" }
 ## Docker Applications
@ -121,7 +120,7 @@ domain_mastodon:                "microblog.{{top_domain}}"
 domains_mastodon_alternates:    []
 domain_matomo:                  "matomo.{{top_domain}}"
 domain_matrix_synapse:          "matrix.{{top_domain}}"
-domain_matrix_element:          "chat.{{top_domain}}"
+domain_matrix_element:          "element.{{top_domain}}"
 domain_mediawiki:               "wiki.{{top_domain}}"
 domain_nextcloud:               "cloud.{{top_domain}}"
 domain_pixelfed:                "picture.{{top_domain}}"
@ -141,3 +140,10 @@ version_mastodon:   "latest"
 pixelfed_app_name:  "Pictures"
 top_domain:         "localhost"
 # Prints well formated debug information
 verbose:                false
 # Tags used by the matrix playbook
 # For the initial update use: install-all,ensure-matrix-users-created,start
 matrix_playbook_tags:   "setup-all,start"
--- a/roles/docker-matrix/.gitignore
+++ b/roles/docker-matrix/.gitignore
@ -0,0 +1 @@
 matrix-docker-ansible-deploy/
--- a/roles/docker-matrix/handlers/main.yml
+++ b/roles/docker-matrix/handlers/main.yml
@ -1,8 +0,0 @@
 ---
 - name: recreate matrix
  command:
    cmd: docker-compose up -d --force-recreate
    chdir: "{{docker_compose_instance_directory}}"
  environment:
    COMPOSE_HTTP_TIMEOUT: 600
    DOCKER_CLIENT_TIMEOUT: 600
--- a/roles/docker-matrix/tasks/main.yml
+++ b/roles/docker-matrix/tasks/main.yml
@ -1,59 +1,142 @@
 ---
 - name: "include tasks nginx-docker-proxy-domain.yml"
  include_tasks: nginx-docker-proxy-domain.yml
-  vars:
+  loop: "{{ domains }}"
-    domain:     "{{synapse_domain}}"
+  loop_control:
-    http_port:  "{{synapse_http_port}}"
+    loop_var: domain
- name: "include tasks nginx-docker-proxy-domain.yml"
+- name: Clone the git repository
-  include_tasks: nginx-docker-proxy-domain.yml
+  git:
-  vars:        
+    repo: https://github.com/spantaleev/matrix-docker-ansible-deploy.git
-    domain:     "{{element_domain}}"
+    dest: "{{ local_repository_directory }}"
-    http_port:  "{{element_http_port}}"
+    update: yes
  delegate_to: localhost
  become: false
- name: "create {{docker_compose_instance_directory}}"
+- name: create temporary inventory directory
-  file:
+  tempfile:
    path: "{{docker_compose_instance_directory}}"
    state: directory
-    mode: 0755
+  register: matrix_inventory_tmp_dir
  delegate_to: localhost
  become: false
- name: "create {{docker_compose_instance_directory}}mautrix_whatsapp"
+- name: protect inventory directory
  file:
-    path: "{{docker_compose_instance_directory}}mautrix_whatsapp"
+    path: "{{ matrix_inventory_tmp_dir.path }}"
    mode: '0700'
  delegate_to: localhost
  become: false
 # Host file
 - name: set the hosts files path
  set_fact:
    hosts_path: "{{ matrix_inventory_tmp_dir.path }}/hosts.yml"
 - name: create hosts.yml
  template: 
    src:  "hosts.yml.j2" 
    dest: "{{hosts_path}}"
  become: false
  delegate_to: localhost
 # Vars file
 - name: set the vars folder path
  set_fact:
    vars_folder_path: "{{ matrix_inventory_tmp_dir.path }}/host_vars/{{inventory_hostname}}/"
 - name: create vars directory
  file:
    path: "{{vars_folder_path}}"
    state: directory
-    mode: 0755
+    recurse: yes
  delegate_to: localhost
  become: false
- name: add whatsapp-bridge-config.yml
+- name: set the vars path
  set_fact:
    vars_file_path: "{{ vars_folder_path }}vars.yml"
 - name: create vars.yml
  template: 
-    src:  "whatsapp-bridge-config.yml.j2" 
+    src:  "vars.yml.j2" 
-    dest: "{{docker_compose_instance_directory}}mautrix_whatsapp/config.yml"
+    dest: "{{vars_file_path}}"
-  notify: recreate matrix
+  become: false
  delegate_to: localhost
 - name: add element-config.json
  template: 
    src:  "element-config.json.j2" 
    dest: "{{docker_compose_instance_directory}}element-config.json"
  notify: recreate matrix
- name: add homeserver.yaml
+- name: show variable information
-  template: 
+  debug:
-    src:  "homeserver.yaml.j2" 
+    msg: "hosts_path: {{hosts_path}}\nmatrix_inventory_tmp_dir:{{ matrix_inventory_tmp_dir }}"
-    dest: "{{docker_compose_instance_directory}}homeserver.yaml"
+  when: verbose | bool
  notify: recreate matrix
- name: add log.config
+- name: install requirements
-  template: 
+  local_action: command just roles
-    src:  "log.config.j2" 
+  args:
-    dest: "{{docker_compose_instance_directory}}{{synapse_domain}}.log.config"
+    chdir: "{{ local_repository_directory }}"
-  notify: recreate matrix
+  become: false
-# https://github.com/matrix-org/synapse/issues/6303
+- name: play matrix-docker-ansible-deploy
- name: set correct folder permissions
+  local_action: "command ansible-playbook -i {{hosts_path}} {{local_repository_directory}}/setup.yml -vvv --tags={{matrix_playbook_tags}}"
-  command:
+  become: false
    cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{synapse_domain}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'"
- name: add docker-compose.yml
+
-  template: 
+  
-    src:  "docker-compose.yml.j2" 
+#- name: delete inventory directory
-    dest: "{{docker_compose_instance_directory}}docker-compose.yml"
+#  file:
-  notify: recreate matrix
+#    path: "{{ matrix_inventory_tmp_dir.path }}"
 #    state: absent
 #  delegate_to: localhost
 #  become: false
 #
 #- name: "create {{docker_compose_instance_directory}}"
 #  file:
 #    path: "{{docker_compose_instance_directory}}"
 #    state: directory
 #    mode: 0755
 #
 #- name: "create {{docker_compose_instance_directory}}mautrix_whatsapp"
 #  file:
 #    path: "{{docker_compose_instance_directory}}mautrix_whatsapp"
 #    state: directory
 #    mode: 0755
 #
 #- name: add whatsapp-bridge-config.yml
 #  template: 
 #    src:  "whatsapp-bridge-config.yml.j2" 
 #    dest: "{{docker_compose_instance_directory}}mautrix_whatsapp/config.yml"
 #  notify: recreate matrix
 #
 #- name: add element-config.json
 #  template: 
 #    src:  "element-config.json.j2" 
 #    dest: "{{docker_compose_instance_directory}}element-config.json"
 #  notify: recreate matrix
 #
 #- name: add homeserver.yaml
 #  template: 
 #    src:  "homeserver.yaml.j2" 
 #    dest: "{{docker_compose_instance_directory}}homeserver.yaml"
 #  notify: recreate matrix
 #
 #- name: add log.config
 #  template: 
 #    src:  "log.config.j2" 
 #    dest: "{{docker_compose_instance_directory}}{{synapse_domain}}.log.config"
 #  notify: recreate matrix
 #
 ## https://github.com/matrix-org/synapse/issues/6303
 #- name: set correct folder permissions
 #  command:
 #    cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{synapse_domain}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'"
 #
 #- name: add docker-compose.yml
 #  template: 
 #    src:  "docker-compose.yml.j2" 
 #    dest: "{{docker_compose_instance_directory}}docker-compose.yml"
 #  notify: recreate matrix
--- a/roles/docker-matrix/templates/docker-compose.yml.j2
+++ b/roles/docker-matrix/templates/docker-compose.yml.j2
@ -1,84 +0,0 @@
 version: '3.1'
 services:
  synapse:
    image: matrixdotorg/synapse:latest
    restart: always
    logging:
      driver: journald
    volumes:
      - synapse_data:/data
      - ./homeserver.yaml:/data/homeserver.yaml:ro
      - ./{{synapse_domain}}.log.config:/data/{{synapse_domain}}.log.config:ro
    environment:
      - SYNAPSE_SERVER_NAME={{synapse_domain}}
      - SYNAPSE_REPORT_STATS=no
    ports:
      - "127.0.0.1:{{synapse_http_port}}:8008"
    depends_on:
      - database
  database:
    logging:
      driver: journald
    image: postgres:16
    restart: unless-stopped
    volumes:
      - database:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=matrix
      - POSTGRES_USER=matrix
      - POSTGRES_PASSWORD={{matrix_database_password}}
      - POSTGRES_INITDB_ARGS=--encoding=UTF8 --locale=C
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U matrix"]
      interval: 10s
      timeout: 5s
      retries: 6
  element:
    image: vectorim/element-web:latest
    restart: unless-stopped
    volumes:
      - ./element-config.json:/app/config.json
    ports:
      - "127.0.0.1:{{element_http_port}}:80"
  # bridges
  #mautrix-telegram:
  #  container_name: mautrix-telegram
  #  image: dock.mau.dev/mautrix/telegram:<version>
  #  restart: unless-stopped
  #  volumes:
  #  - telegram_bridge_data:/data
  #mautrix-whatsapp:
  #  container_name: mautrix-whatsapp
  #  image: dock.mau.dev/mautrix/whatsapp:latest
  #  restart: unless-stopped
  #  volumes:
  #  - ./mautrix_whatsapp:/data
  #mautrix-facebook:
  #  container_name: mautrix-facebook
  #  image: dock.mau.dev/mautrix/facebook:<version>
  #  restart: unless-stopped
  #  volumes:
  #  - facebook_bridge_data:/data
  #mautrix-instagram:
  #  container_name: mautrix-instagram
  #  image: dock.mau.dev/mautrix/instagram:<version>
  #  restart: unless-stopped
  #  volumes:
  #  - instagram_bridge_data:/data  
 volumes:
  database:
  synapse_data:
  #telegram_bridge_data:
  #whatsapp_bridge_data:
  #facebook_bridge_data:
  #instagram_bridge_data:
 networks:
  default:
    driver: bridge
--- a/roles/docker-matrix/templates/element-config.json.j2
+++ b/roles/docker-matrix/templates/element-config.json.j2
@ -1,59 +0,0 @@
 {
    "default_server_config": {
        "m.homeserver": {
            "base_url": "https://{{domain_matrix_synapse}}",
            "server_name": "{{domain_matrix_synapse}}"
        },
        "m.identity_server": {
            "base_url": "https://{{top_domain}}"
        }
    },
    "brand": "Element",
    "integrations_ui_url": "https://scalar.vector.im/",
    "integrations_rest_url": "https://scalar.vector.im/api",
    "integrations_widgets_urls": [
        "https://scalar.vector.im/_matrix/integrations/v1",
        "https://scalar.vector.im/api",
        "https://scalar-staging.vector.im/_matrix/integrations/v1",
        "https://scalar-staging.vector.im/api",
        "https://scalar-staging.riot.im/scalar/api"
    ],
    "bug_report_endpoint_url": "https://element.io/bugreports/submit",
    "uisi_autorageshake_app": "element-auto-uisi",
    "show_labs_settings": true,
    "room_directory": {
        "servers": ["matrix.org", "gitter.im", "libera.chat"]
    },
    "enable_presence_by_hs_url": {
        "https://matrix.org": false,
        "https://matrix-client.matrix.org": false
    },
    "terms_and_conditions_links": [
        {
            "url": "https://element.io/privacy",
            "text": "Privacy Policy"
        },
        {
            "url": "https://element.io/cookie-policy",
            "text": "Cookie Policy"
        }
    ],
    "sentry": {
        "dsn": "https://029a0eb289f942508ae0fb17935bd8c5@sentry.matrix.org/6",
        "environment": "develop"
    },
    "posthog": {
        "project_api_key": "phc_Jzsm6DTm6V2705zeU5dcNvQDlonOR68XvX2sh1sEOHO",
        "api_host": "https://posthog.element.io"
    },
    "privacy_policy_url": "https://element.io/cookie-policy",
    "features": {
        "feature_video_rooms": true,
        "feature_rust_crypto": true,
        "feature_new_room_decoration_ui": true
    },
    "element_call": {
        "url": "https://call.element.dev"
    },
    "map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
 }
--- a/roles/docker-matrix/templates/homeserver.yaml.j2
+++ b/roles/docker-matrix/templates/homeserver.yaml.j2
@ -1,46 +0,0 @@
 server_name: "{{domain_matrix_synapse}}"
 pid_file: /data/homeserver.pid
 listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    resources:
      - names: [client, federation]
        compress: false
 database:
  name: psycopg2
  args:
    user: matrix
    password: {{matrix_database_password}}
    database: matrix
    host: database
    cp_min: 5
    cp_max: 10
 log_config:                     "/data/{{domain_matrix_synapse}}.log.config"
 media_store_path:               /data/media_store
 registration_shared_secret:     "{{matrix_registration_shared_secret}}"
 report_stats:                   true
 macaroon_secret_key:            "{{matrix_macaroon_secret_key}}"
 form_secret:                    "{{matrix_form_secret}}"
 signing_key_path:               "/data/{{domain_matrix_synapse}}.signing.key"
 web_client_location:            "https://{{element_domain}}"
 public_baseurl:                 "https://{{synapse_domain}}"
 trusted_key_servers:
  - server_name: "matrix.org"
 admin_contact: 'mailto:{{administrator_email}}'
 email:
  smtp_host:                    "{{system_email_host}}"
  smtp_port:                    "{{system_email_smtp_port}}"
  smtp_user:                    "{{system_email_username}}"
  smtp_pass:                    "{{system_email_password}}"
  #force_tls:                    true
  #require_transport_security:   true
  enable_tls:                   "{{ system_email_tls | upper }}"
  notif_from:                   "Your Friendly %(app)s homeserver <{{system_email}}>"
  app_name:                     "Matrix on {{top_domain}}"
  enable_notifs:                true
  notif_for_new_users:          false
  client_base_url:              "{{domain_matrix_synapse}}"
  validation_token_lifetime:    15m
--- a/roles/docker-matrix/templates/hosts.yml.j2
+++ b/roles/docker-matrix/templates/hosts.yml.j2
@ -0,0 +1,8 @@
 matrix_servers:
  hosts:
    {{inventory_hostname}}:
      ansible_host: "{{ip4_address}}"
      ansible_ssh_user: administrator
      become: true
      become_user: root
      ansible_become_password: "{{ansible_become_password}}"
--- a/roles/docker-matrix/templates/log.config.j2
+++ b/roles/docker-matrix/templates/log.config.j2
@ -1,25 +0,0 @@
 version: 1
 formatters:
  precise:
    format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
 handlers:
  file:
    class: logging.handlers.RotatingFileHandler
    formatter: precise
    filename: /data/{{synapse_domain}}.homeserver.log
    maxBytes: 10485760
    backupCount: 3
  console:
    class: logging.StreamHandler
    formatter: precise
 loggers:
  synapse:
    level: INFO
    handlers: [file, console]
 root:
  level: INFO
  handlers: [file, console]
--- a/roles/docker-matrix/templates/vars.yml.j2
+++ b/roles/docker-matrix/templates/vars.yml.j2
@ -0,0 +1,71 @@
 # The bare domain name which represents your Matrix identity.
 # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
 #
 # Note: this playbook does not touch the server referenced here.
 # Installation happens on another server ("matrix.<matrix-domain>").
 #
 # If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
 # because you can't change the Domain after deployment.
 #
 # Example value: example.com
 matrix_domain: "{{synapse_domain}}"
 # The Matrix homeserver software to install.
 # See:
 #  - `roles/custom/matrix-base/defaults/main.yml` for valid options
 # - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice
 matrix_homeserver_implementation: synapse
 # A secret used as a base, for generating various other secrets.
 # You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
 matrix_homeserver_generic_secret_key: "{{matrix_generic_secret_key}}"
 # By default, the playbook manages its own Traefik (https://doc.traefik.io/traefik/) reverse-proxy server.
 # It will retrieve SSL certificates for you on-demand and forward requests to all other components.
 # For alternatives, see `docs/configuring-playbook-own-webserver.md`.
 matrix_playbook_reverse_proxy_type: playbook-managed-traefik
 # Ensure that public urls use https
 matrix_playbook_ssl_enabled: true
 # Disable the web-secure (port 443) endpoint, which also disables SSL certificate retrieval
 devture_traefik_config_entrypoint_web_secure_enabled: false
 # If your reverse-proxy runs on another machine, consider using `0.0.0.0:81`, just `81` or `SOME_IP_ADDRESS_OF_THIS_MACHINE:81`
 devture_traefik_container_web_host_bind_port: "127.0.0.1:{{http_port}}"
 # We bind to `127.0.0.1` by default (see above), so trusting `X-Forwarded-*` headers from
 # a reverse-proxy running on the local machine is safe enough.
 devture_traefik_config_entrypoint_web_forwardedHeaders_insecure: true
 # This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains.
 #
 # In case SSL renewal fails at some point, you'll also get an email notification there.
 #
 # If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt),
 # you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
 #
 # Example value: someone@example.com
 devture_traefik_config_certificatesResolvers_acme_email: "{{administrator_email}}"
 # A Postgres password to use for the superuser Postgres user (called `matrix` by default).
 #
 # The playbook creates additional Postgres users and databases (one for each enabled service)
 # using this superuser account.
 devture_postgres_connection_password: "{{matrix_postgres_password}}"
 # By default, we configure Coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file.
 # If this value is an external IP address, you can skip this section.
 #
 # If `ansible_host` is not the server's external IP address, you have 2 choices:
 # 1. Uncomment the line below, to allow IP address auto-detection to happen (more on this below)
 # 2. Uncomment and adjust the line below to specify an IP address manually
 #
 # By default, auto-detection will be attempted using the `https://ifconfig.co/json` API.
 # Default values for this are specified in `matrix_coturn_turn_external_ip_address_auto_detection_*` variables in the Coturn role
 # (see `roles/custom/matrix-coturn/defaults/main.yml`).
 #
 # If your server has multiple IP addresses, you may define them in another variable which allows a list of addresses.
 # Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']`
 #
 # matrix_coturn_turn_external_ip_address: ''
--- a/roles/docker-matrix/templates/whatsapp-bridge-config.yml.j2
+++ b/roles/docker-matrix/templates/whatsapp-bridge-config.yml.j2
@ -1,461 +0,0 @@
 # Homeserver details.
 homeserver:
    # The address that this appservice can use to connect to the homeserver.
    address: https://{{synapse_domain}}
    # The domain of the homeserver (for MXIDs, etc).
    domain: {{synapse_domain}}
    # What software is the homeserver running?
    # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
    software: standard
    # The URL to push real-time bridge status to.
    # If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes.
    # The bridge will use the appservice as_token to authorize requests.
    status_endpoint: null
    # Endpoint for reporting per-message status.
    message_send_checkpoint_endpoint: null
    # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
    async_media: false
    # Should the bridge use a websocket for connecting to the homeserver?
    # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
    # mautrix-asmux (deprecated), and hungryserv (proprietary).
    websocket: false
    # How often should the websocket be pinged? Pinging will be disabled if this is zero.
    ping_interval_seconds: 0
 # Application service host/registration related details.
 # Changing these values requires regeneration of the registration.
 appservice:
    # The address that the homeserver can use to connect to this appservice.
    address: http://localhost:29318
    # The hostname and port where this appservice should listen.
    hostname: 0.0.0.0
    port: 29318
    # Database config.
    database:
        # The database type. "sqlite3-fk-wal" and "postgres" are supported.
        type: postgres
        # The database URI.
        #   SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
        #           https://github.com/mattn/go-sqlite3#connection-string
        #   Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
        #             To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
        uri: postgres://matrix:{{matrix_database_password}}@database/matrix?sslmode=disable
        # Maximum number of connections. Mostly relevant for Postgres.
        max_open_conns: 20
        max_idle_conns: 2
        # Maximum connection idle time and lifetime before they're closed. Disabled if null.
        # Parsed with https://pkg.go.dev/time#ParseDuration
        max_conn_idle_time: null
        max_conn_lifetime: null
    # The unique ID of this appservice.
    id: whatsapp
    # Appservice bot details.
    bot:
        # Username of the appservice bot.
        username: whatsappbot
        # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
        # to leave display name/avatar as-is.
        displayname: WhatsApp bridge bot
        avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr
    # Whether or not to receive ephemeral events via appservice transactions.
    # Requires MSC2409 support (i.e. Synapse 1.22+).
    ephemeral_events: true
    # Should incoming events be handled asynchronously?
    # This may be necessary for large public instances with lots of messages going through.
    # However, messages will not be guaranteed to be bridged in the same order they were sent in.
    async_transactions: false
    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
    as_token: "GvOrixRxN8G2dO1KhUgWKL8yhC0lgSBtbr819nntLV2ZcPlWayjWj14YIVKMJHmA"
    hs_token: "oQbRcd1KO2ggrF9lu13fElKnp1Zf0GDU9fiTFSwQQjnD3VmcRnVlZqhMpXu3criI"
 # Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors.
 analytics:
    # Hostname of the tracking server. The path is hardcoded to /v1/track
    host: api.segment.io
    # API key to send with tracking requests. Tracking is disabled if this is null.
    token: null
    # Optional user ID for tracking events. If null, defaults to using Matrix user ID.
    user_id: null
 # Prometheus config.
 metrics:
    # Enable prometheus metrics?
    enabled: false
    # IP and port where the metrics listener should be. The path is always /metrics
    listen: 127.0.0.1:8001
 # Config for things that are directly sent to WhatsApp.
 whatsapp:
    # Device name that's shown in the "WhatsApp Web" section in the mobile app.
    os_name: Mautrix-WhatsApp bridge
    # Browser name that determines the logo shown in the mobile app.
    # Must be "unknown" for a generic icon or a valid browser name if you want a specific icon.
    # List of valid browser names: https://github.com/tulir/whatsmeow/blob/efc632c008604016ddde63bfcfca8de4e5304da9/binary/proto/def.proto#L43-L64
    browser_name: unknown
 # Bridge config
 bridge:
    # Localpart template of MXIDs for WhatsApp users.
    # {{.}} is replaced with the phone number of the WhatsApp user.
    username_template: whatsapp_{{.}}
    # Displayname template for WhatsApp users.
    # {{.PushName}}     - nickname set by the WhatsApp user
    # {{.BusinessName}} - validated WhatsApp business name
    # {{.Phone}}        - phone number (international format)
    # The following variables are also available, but will cause problems on multi-user instances:
    # {{.FullName}}  - full name from contact list
    # {{.FirstName}} - first name from contact list
    displayname_template: "{{or .BusinessName .PushName .JID}} (WA)"
    # Should the bridge create a space for each logged-in user and add bridged rooms to it?
    # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time.
    personal_filtering_spaces: false
    # Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp?
    delivery_receipts: false
    # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
    message_status_events: false
    # Whether the bridge should send error notices via m.notice events when a message fails to bridge.
    message_error_notices: true
    # Should incoming calls send a message to the Matrix room?
    call_start_notices: true
    # Should another user's cryptographic identity changing send a message to Matrix?
    identity_change_notices: false
    portal_message_buffer: 128
    # Settings for handling history sync payloads.
    history_sync:
        # Enable backfilling history sync payloads from WhatsApp?
        backfill: true
        # The maximum number of initial conversations that should be synced.
        # Other conversations will be backfilled on demand when receiving a message or when initiating a direct chat.
        max_initial_conversations: -1
        # Maximum number of messages to backfill in each conversation.
        # Set to -1 to disable limit.
        message_count: 50
        # Should the bridge request a full sync from the phone when logging in?
        # This bumps the size of history syncs from 3 months to 1 year.
        request_full_sync: false
        # Configuration parameters that are sent to the phone along with the request full sync flag.
        # By default (when the values are null or 0), the config isn't sent at all.
        full_sync_config:
            # Number of days of history to request.
            # The limit seems to be around 3 years, but using higher values doesn't break.
            days_limit: null
            # This is presumably the maximum size of the transferred history sync blob, which may affect what the phone includes in the blob.
            size_mb_limit: null
            # This is presumably the local storage quota, which may affect what the phone includes in the history sync blob.
            storage_quota_mb: null
        # If this value is greater than 0, then if the conversation's last message was more than
        # this number of hours ago, then the conversation will automatically be marked it as read.
        # Conversations that have a last message that is less than this number of hours ago will
        # have their unread status synced from WhatsApp.
        unread_hours_threshold: 0
        ###############################################################################
        # The settings below are only applicable for backfilling using batch sending, #
        # which is no longer supported in Synapse.                                    #
        ###############################################################################
        # Settings for media requests. If the media expired, then it will not be on the WA servers.
        # Media can always be requested by reacting with the ♻️ (recycle) emoji.
        # These settings determine if the media requests should be done automatically during or after backfill.
        media_requests:
            # Should expired media be automatically requested from the server as part of the backfill process?
            auto_request_media: true
            # Whether to request the media immediately after the media message is backfilled ("immediate")
            # or at a specific time of the day ("local_time").
            request_method: immediate
            # If request_method is "local_time", what time should the requests be sent (in minutes after midnight)?
            request_local_time: 120
        # Settings for immediate backfills. These backfills should generally be small and their main purpose is
        # to populate each of the initial chats (as configured by max_initial_conversations) with a few messages
        # so that you can continue conversations without losing context.
        immediate:
            # The number of concurrent backfill workers to create for immediate backfills.
            # Note that using more than one worker could cause the room list to jump around
            # since there are no guarantees about the order in which the backfills will complete.
            worker_count: 1
            # The maximum number of events to backfill initially.
            max_events: 10
        # Settings for deferred backfills. The purpose of these backfills are to fill in the rest of
        # the chat history that was not covered by the immediate backfills.
        # These backfills generally should happen at a slower pace so as not to overload the homeserver.
        # Each deferred backfill config should define a "stage" of backfill (i.e. the last week of messages).
        # The fields are as follows:
        # - start_days_ago: the number of days ago to start backfilling from.
        #     To indicate the start of time, use -1. For example, for a week ago, use 7.
        # - max_batch_events: the number of events to send per batch.
        # - batch_delay: the number of seconds to wait before backfilling each batch.
        deferred:
            # Last Week
            - start_days_ago: 7
              max_batch_events: 20
              batch_delay: 5
            # Last Month
            - start_days_ago: 30
              max_batch_events: 50
              batch_delay: 10
            # Last 3 months
            - start_days_ago: 90
              max_batch_events: 100
              batch_delay: 10
            # The start of time
            - start_days_ago: -1
              max_batch_events: 500
              batch_delay: 10
    # Should puppet avatars be fetched from the server even if an avatar is already set?
    user_avatar_sync: true
    # Should Matrix users leaving groups be bridged to WhatsApp?
    bridge_matrix_leave: true
    # Should the bridge update the m.direct account data event when double puppeting is enabled.
    # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
    # and is therefore prone to race conditions.
    sync_direct_chat_list: false
    # Should the bridge use MSC2867 to bridge manual "mark as unread"s from
    # WhatsApp and set the unread status on initial backfill?
    # This will only work on clients that support the m.marked_unread or
    # com.famedly.marked_unread room account data.
    sync_manual_marked_unread: true
    # When double puppeting is enabled, users can use `!wa toggle` to change whether
    # presence is bridged. This setting sets the default value.
    # Existing users won't be affected when these are changed.
    default_bridge_presence: true
    # Send the presence as "available" to whatsapp when users start typing on a portal.
    # This works as a workaround for homeservers that do not support presence, and allows
    # users to see when the whatsapp user on the other side is typing during a conversation.
    send_presence_on_typing: false
    # Should the bridge always send "active" delivery receipts (two gray ticks on WhatsApp)
    # even if the user isn't marked as online (e.g. when presence bridging isn't enabled)?
    #
    # By default, the bridge acts like WhatsApp web, which only sends active delivery
    # receipts when it's in the foreground.
    force_active_delivery_receipts: false
    # Servers to always allow double puppeting from
    double_puppet_server_map:
        example.com: https://example.com
    # Allow using double puppeting from any server with a valid client .well-known file.
    double_puppet_allow_discovery: false
    # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
    #
    # If set, double puppeting will be enabled automatically for local users
    # instead of users having to find an access token and run `login-matrix`
    # manually.
    login_shared_secret_map:
        example.com: foobar
    # Whether to explicitly set the avatar and room name for private chat portal rooms.
    # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
    # If set to `always`, all DM rooms will have explicit names and avatars set.
    # If set to `never`, DM rooms will never have names and avatars set.
    private_chat_portal_meta: default
    # Should group members be synced in parallel? This makes member sync faster
    parallel_member_sync: false
    # Should Matrix m.notice-type messages be bridged?
    bridge_notices: true
    # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
    # This field will automatically be changed back to false after it, except if the config file is not writable.
    resend_bridge_info: false
    # When using double puppeting, should muted chats be muted in Matrix?
    mute_bridging: false
    # When using double puppeting, should archived chats be moved to a specific tag in Matrix?
    # Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix.
    # This can be set to a tag (e.g. m.lowpriority), or null to disable.
    archive_tag: null
    # Same as above, but for pinned chats. The favorite tag is called m.favourite
    pinned_tag: null
    # Should mute status and tags only be bridged when the portal room is created?
    tag_only_on_create: true
    # Should WhatsApp status messages be bridged into a Matrix room?
    # Disabling this won't affect already created status broadcast rooms.
    enable_status_broadcast: true
    # Should sending WhatsApp status messages be allowed?
    # This can cause issues if the user has lots of contacts, so it's disabled by default.
    disable_status_broadcast_send: true
    # Should the status broadcast room be muted and moved into low priority by default?
    # This is only applied when creating the room, the user can unmute it later.
    mute_status_broadcast: true
    # Tag to apply to the status broadcast room.
    status_broadcast_tag: m.lowpriority
    # Should the bridge use thumbnails from WhatsApp?
    # They're disabled by default due to very low resolution.
    whatsapp_thumbnail: false
    # Allow invite permission for user. User can invite any bots to room with whatsapp
    # users (private chat and groups)
    allow_user_invite: false
    # Whether or not created rooms should have federation enabled.
    # If false, created portal rooms will never be federated.
    federate_rooms: true
    # Should the bridge never send alerts to the bridge management room?
    # These are mostly things like the user being logged out.
    disable_bridge_alerts: false
    # Should the bridge stop if the WhatsApp server says another user connected with the same session?
    # This is only safe on single-user bridges.
    crash_on_stream_replaced: false
    # Should the bridge detect URLs in outgoing messages, ask the homeserver to generate a preview,
    # and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews`
    # key in the event content even if this is disabled.
    url_previews: false
    # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
    # This is currently not supported in most clients.
    caption_in_message: false
    # Send galleries as a single event? This is not an MSC (yet).
    beeper_galleries: false
    # Should polls be sent using MSC3381 event types?
    extev_polls: false
    # Should cross-chat replies from WhatsApp be bridged? Most servers and clients don't support this.
    cross_room_replies: false
    # Disable generating reply fallbacks? Some extremely bad clients still rely on them,
    # but they're being phased out and will be completely removed in the future.
    disable_reply_fallbacks: false
    # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
    # Null means there's no enforced timeout.
    message_handling_timeout:
        # Send an error message after this timeout, but keep waiting for the response until the deadline.
        # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
        # If the message is older than this when it reaches the bridge, the message won't be handled at all.
        error_after: null
        # Drop messages after this timeout. They may still go through if the message got sent to the servers.
        # This is counted from the time the bridge starts handling the message.
        deadline: 120s
    # The prefix for commands. Only required in non-management rooms.
    command_prefix: "!wa"
    # Messages sent upon joining a management room.
    # Markdown is supported. The defaults are listed below.
    management_room_text:
        # Sent when joining a room.
        welcome: "Hello, I'm a WhatsApp bridge bot."
        # Sent when joining a management room and the user is already logged in.
        welcome_connected: "Use `help` for help."
        # Sent when joining a management room and the user is not logged in.
        welcome_unconnected: "Use `help` for help or `login` to log in."
        # Optional extra text sent when joining a management room.
        additional_help: ""
    # End-to-bridge encryption support options.
    #
    # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
    encryption:
        # Allow encryption, work in group chat rooms with e2ee enabled
        allow: false
        # Default to encryption, force-enable encryption in all portals the bridge creates
        # This will cause the bridge bot to be in private chats for the encryption to work properly.
        default: false
        # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
        appservice: false
        # Require encryption, drop any unencrypted messages.
        require: false
        # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
        # You must use a client that supports requesting keys from other users to use this feature.
        allow_key_sharing: false
        # Should users mentions be in the event wire content to enable the server to send push notifications?
        plaintext_mentions: false
        # Options for deleting megolm sessions from the bridge.
        delete_keys:
            # Beeper-specific: delete outbound sessions when hungryserv confirms
            # that the user has uploaded the key to key backup.
            delete_outbound_on_ack: false
            # Don't store outbound sessions in the inbound table.
            dont_store_outbound: false
            # Ratchet megolm sessions forward after decrypting messages.
            ratchet_on_decrypt: false
            # Delete fully used keys (index >= max_messages) after decrypting messages.
            delete_fully_used_on_decrypt: false
            # Delete previous megolm sessions from same device when receiving a new one.
            delete_prev_on_new_session: false
            # Delete megolm sessions received from a device when the device is deleted.
            delete_on_device_delete: false
            # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
            periodically_delete_expired: false
            # Delete inbound megolm sessions that don't have the received_at field used for
            # automatic ratcheting and expired session deletion. This is meant as a migration
            # to delete old keys prior to the bridge update.
            delete_outdated_inbound: false
        # What level of device verification should be required from users?
        #
        # Valid levels:
        #   unverified - Send keys to all device in the room.
        #   cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
        #   cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
        #   cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
        #                           Note that creating user signatures from the bridge bot is not currently possible.
        #   verified - Require manual per-device verification
        #              (currently only possible by modifying the `trust` column in the `crypto_device` database table).
        verification_levels:
            # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
            receive: unverified
            # Minimum level that the bridge should accept for incoming Matrix messages.
            send: unverified
            # Minimum level that the bridge should require for accepting key requests.
            share: cross-signed-tofu
        # Options for Megolm room key rotation. These options allow you to
        # configure the m.room.encryption event content. See:
        # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
        # more information about that event.
        rotation:
            # Enable custom Megolm room key rotation settings. Note that these
            # settings will only apply to rooms created after this option is
            # set.
            enable_custom: false
            # The maximum number of milliseconds a session should be used
            # before changing it. The Matrix spec recommends 604800000 (a week)
            # as the default.
            milliseconds: 604800000
            # The maximum number of messages that should be sent with a given a
            # session before changing it. The Matrix spec recommends 100 as the
            # default.
            messages: 100
            # Disable rotating keys when a user's devices change?
            # You should not enable this option unless you understand all the implications.
            disable_device_change_key_rotation: false
    # Settings for provisioning API
    provisioning:
        # Prefix for the provisioning API paths.
        prefix: /_matrix/provision
        # Shared secret for authentication. If set to "generate", a random secret will be generated,
        # or if set to "disable", the provisioning API will be disabled.
        shared_secret: kY8Ez6M80YBpvGtMz5R1Mb1c7deb8d9zxmlvqwTv0HGCKPVqcrTmHu90Wi04828z
        # Enable debug API at /debug with provisioning authentication.
        debug_endpoints: false
    # Permissions for using the bridge.
    # Permitted values:
    #    relay - Talk through the relaybot (if enabled), no access otherwise
    #     user - Access to use the bridge to chat with a WhatsApp account.
    #    admin - User level and some additional administration tools
    # Permitted keys:
    #        * - All Matrix users
    #   domain - All users on that homeserver
    #     mxid - Specific user
    permissions:
        "*": relay
        "example.com": user
        "@admin:example.com": admin
    # Settings for relay mode
    relay:
        # Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
        # authenticated user into a relaybot for that chat.
        enabled: false
        # Should only admins be allowed to set themselves as relay users?
        admin_only: true
        # The formats to use when sending messages to WhatsApp via the relaybot.
        message_formats:
            m.text: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
            m.notice: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
            m.emote: "* <b>{{ .Sender.Displayname }}</b> {{ .Message }}"
            m.file: "<b>{{ .Sender.Displayname }}</b> sent a file"
            m.image: "<b>{{ .Sender.Displayname }}</b> sent an image"
            m.audio: "<b>{{ .Sender.Displayname }}</b> sent an audio file"
            m.video: "<b>{{ .Sender.Displayname }}</b> sent a video"
            m.location: "<b>{{ .Sender.Displayname }}</b> sent a location"
 # Logging config. See https://github.com/tulir/zeroconfig for details.
 logging:
    min_level: debug
    writers:
        - type: stdout
          format: pretty-colored
--- a/roles/docker-matrix/vars/main.yml
+++ b/roles/docker-matrix/vars/main.yml
@ -1,2 +1,2 @@
 ---
-docker_compose_instance_directory: "{{path_docker_compose_instances}}matrix/"
+local_repository_directory: "{{role_path}}/matrix-docker-ansible-deploy"
--- a/servers.yml
+++ b/servers.yml
@ -205,10 +205,12 @@
  roles:
   -  role: docker-matrix
      vars:
-        synapse_domain:   "{{domain_matrix_synapse}}"
+        domains:
-        synapse_http_port: 8021
+          - "{{domain_matrix_element}}"
          - "{{domain_matrix_synapse}}"
        element_domain:   "{{domain_matrix_element}}"
-        element_http_port: 8022
+        synapse_domain:   "{{domain_matrix_synapse}}"
        http_port: 8021
 - name: setup akaunting hosts
  hosts: akaunting
Author	SHA1	Message	Date
Kevin Veen-Birkenbach	a85085d687	Changed element domain to fitt to new matrix setup	2023-12-21 20:42:33 +01:00
Kevin Veen-Birkenbach	4ae523f4f8	Solved bug	2023-12-21 20:29:44 +01:00
Kevin Veen-Birkenbach	ab7be15c63	Matrix debugging	2023-12-21 19:50:19 +01:00
Kevin Veen-Birkenbach	3dbebec9a7	Merge branch 'master' of github.com:kevinveenbirkenbach/cymais	2023-12-21 18:06:30 +01:00
Kevin Veen-Birkenbach	9923590151	Added password	2023-12-21 17:50:51 +01:00
Kevin Veen-Birkenbach	156f52a1c4	Implemented draft for matrix-docker-ansible-deploy	2023-12-21 17:32:54 +01:00
`@ -1,2 +1,2 @@`
	`---`	`---`
	`docker_compose_instance_directory: "{{path_docker_compose_instances}}matrix/"`	`local_repository_directory: "{{role_path}}/matrix-docker-ansible-deploy"`