Compare commits
No commits in common. "main" and "docs" have entirely different histories.
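--- a/.drone.jsonnet
+++ b/.drone.jsonnet
@@ -1,155 +0,0 @@
-local PipelineLinting = {
-kind: 'pipeline',
-name: 'linting',
-platform: {
-os: 'linux',
-arch: 'amd64',
-},
-steps: [
-{
-name: 'ansible-later',
-image: 'thegeeklab/ansible-later',
-commands: [
-'ansible-later',
-],
-},
-{
-name: 'python-format',
-image: 'python:3.11',
-environment: {
-PY_COLORS: 1,
-},
-commands: [
-'pip install -qq yapf',
-'[ -z "$(find . -type f -name *.py)" ] || (yapf -rd ./)',
-],
-},
-{
-name: 'python-flake8',
-image: 'python:3.11',
-environment: {
-PY_COLORS: 1,
-},
-commands: [
-'pip install -qq flake8',
-'flake8',
-],
-},
-],
-trigger: {
-ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
-},
-};
-
-local PipelineDeployment(scenario='centos7') = {
-kind: 'pipeline',
-name: 'testing-' + scenario,
-platform: {
-os: 'linux',
-arch: 'amd64',
-},
-concurrency: {
-limit: 1,
-},
-workspace: {
-base: '/drone/src',
-path: '${DRONE_REPO_NAME}',
-},
-steps: [
-{
-name: 'ansible-molecule',
-image: 'thegeeklab/molecule:4',
-environment: {
-HCLOUD_TOKEN: { from_secret: 'hcloud_token' },
-},
-commands: [
-'molecule test -s ' + scenario,
-],
-},
-],
-trigger: {
-ref: ['refs/heads/main', 'refs/tags/**'],
-},
-};
-
-local PipelineDocumentation = {
-kind: 'pipeline',
-name: 'documentation',
-platform: {
-os: 'linux',
-arch: 'amd64',
-},
-steps: [
-{
-name: 'generate',
-image: 'thegeeklab/ansible-doctor',
-environment: {
-ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO',
-ANSIBLE_DOCTOR_FORCE_OVERWRITE: true,
-ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/',
-ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book',
-ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}',
-ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/',
-},
-},
-{
-name: 'publish',
-image: 'plugins/gh-pages',
-settings: {
-remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}',
-netrc_machine: 'gitea.rknet.org',
-username: { from_secret: 'gitea_username' },
-password: { from_secret: 'gitea_token' },
-pages_directory: '_docs/',
-target_branch: 'docs',
-},
-when: {
-ref: ['refs/heads/main'],
-},
-},
-],
-depends_on: [
-'linting',
-],
-trigger: {
-ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
-},
-};
-
-local PipelineNotification = {
-kind: 'pipeline',
-name: 'notification',
-platform: {
-os: 'linux',
-arch: 'amd64',
-},
-clone: {
-disable: true,
-},
-steps: [
-{
-name: 'matrix',
-image: 'thegeeklab/drone-matrix',
-settings: {
-homeserver: { from_secret: 'matrix_homeserver' },
-roomid: { from_secret: 'matrix_roomid' },
-template: 'Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}',
-username: { from_secret: 'matrix_username' },
-password: { from_secret: 'matrix_password' },
-},
-},
-],
-depends_on: [
-'documentation',
-],
-trigger: {
-status: ['success', 'failure'],
-ref: ['refs/heads/main', 'refs/tags/**'],
-},
-};
-
-[
-PipelineLinting,
-PipelineDocumentation,
-PipelineNotification,
-]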
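--- a/.drone.yml
+++ b/.drone.yml
@@ -1,120 +0,0 @@
----
-kind: pipeline
-name: linting
-
-platform:
-os: linux
-arch: amd64
-
-steps:
-- name: ansible-later
-image: thegeeklab/ansible-later
-commands:
-- ansible-later
-
-- name: python-format
-image: python:3.11
-commands:
-- pip install -qq yapf
-- "[ -z \"$(find . -type f -name *.py)\" ] || (yapf -rd ./)"
-environment:
-PY_COLORS: 1
-
-- name: python-flake8
-image: python:3.11
-commands:
-- pip install -qq flake8
-- flake8
-environment:
-PY_COLORS: 1
-
-trigger:
-ref:
-- refs/heads/main
-- refs/tags/**
-- refs/pull/**
-
----
-kind: pipeline
-name: documentation
-
-platform:
-os: linux
-arch: amd64
-
-steps:
-- name: generate
-image: thegeeklab/ansible-doctor
-environment:
-ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
-ANSIBLE_DOCTOR_FORCE_OVERWRITE: true
-ANSIBLE_DOCTOR_LOG_LEVEL: INFO
-ANSIBLE_DOCTOR_OUTPUT_DIR: _docs/
-ANSIBLE_DOCTOR_ROLE_NAME: ${DRONE_REPO_NAME#*.}
-ANSIBLE_DOCTOR_TEMPLATE: hugo-book
-
-- name: publish
-image: plugins/gh-pages
-settings:
-netrc_machine: gitea.rknet.org
-pages_directory: _docs/
-password:
-from_secret: gitea_token
-remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}
-target_branch: docs
-username:
-from_secret: gitea_username
-when:
-ref:
-- refs/heads/main
-
-trigger:
-ref:
-- refs/heads/main
-- refs/tags/**
-- refs/pull/**
-
-depends_on:
-- linting
-
----
-kind: pipeline
-name: notification
-
-platform:
-os: linux
-arch: amd64
-
-clone:
-disable: true
-
-steps:
-- name: matrix
-image: thegeeklab/drone-matrix
-settings:
-homeserver:
-from_secret: matrix_homeserver
-password:
-from_secret: matrix_password
-roomid:
-from_secret: matrix_roomid
-template: "Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}"
-username:
-from_secret: matrix_username
-
-trigger:
-ref:
-- refs/heads/main
-- refs/tags/**
-status:
-- success
-- failure
-
-depends_on:
-- documentation
-
----
-kind: signature
-hmac: 2d807141327f24eac8c6cbe9a09c51209acc102b6ce927a13a968e8bec0bba15
-
-...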
|
@ -1,13 +0,0 @@
|
|||
# ---> Ansible
|
||||
*.retry
|
||||
filter/plugins/
|
||||
library
|
||||
|
||||
# ---> Python
|
||||
# Byte-compiled / optimized / DLL files
|
||||
__pycache__/
|
||||
*.py[cod]
|
||||
*$py.class
|
||||
|
||||
# ---> Docs
|
||||
/_docs
|
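--- a/.later.yml
+++ b/.later.yml
@@ -1,19 +0,0 @@
----
-ansible:
-custom_modules:
-- iptables_raw
-- openssl_pkcs12
-- proxmox_kvm
-- ucr
-- corenetworks_dns
-- corenetworks_token
-
-rules:
-exclude_files:
-- molecule/
-- "LICENSE*"
-- "**/*.md"
-- "**/*.ini"
-
-exclude_filter:
-- LINT0009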
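--- a/LICENSE
+++ b/LICENSE
@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2022 Robert Kaussow <mail@thegeeklab.de>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is furnished
-to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice (including the next
-paragraph) shall be included in all copies or substantial portions of the
-Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
-OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
-WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
-OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.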
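--- a/README.md
+++ b/README.md
@@ -1,12 +0,0 @@
-# xoxys.matrix
-
-[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.matrix?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.matrix)
-[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
-
-Setup a [matrix-synapse](https://github.com/matrix-org/synapse) chat server. Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP.
-
-You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/matrix/).
-
-## License
-
-This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.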
|
@ -1,139 +0,0 @@
|
|||
---
|
||||
matrix_version: "1.52.0"
|
||||
|
||||
matrix_virtualenv_command: /usr/bin/python3 -m venv
|
||||
matrix_virtualenv: "{{ matrix_base_dir }}/env"
|
||||
|
||||
matrix_user: matrix
|
||||
matrix_user_home: "/home/{{ matrix_user }}"
|
||||
matrix_group: "{{ matrix_user }}"
|
||||
matrix_extra_groups: []
|
||||
|
||||
# @var matrix_packages:description: Ensure EPEL repo is available at this server
|
||||
matrix_packages:
|
||||
- "@Development tools"
|
||||
- libtiff-devel
|
||||
- libjpeg-devel
|
||||
- libzip-devel
|
||||
- freetype-devel
|
||||
- lcms2-devel
|
||||
- libwebp-devel
|
||||
- tcl-devel
|
||||
- tk-devel
|
||||
- redhat-rpm-config
|
||||
- libffi-devel
|
||||
- openssl-devel
|
||||
|
||||
matrix_packages_extra: []
|
||||
|
||||
matrix_base_dir: "/opt/matrix"
|
||||
matrix_conf_dir: "{{ matrix_base_dir }}/config"
|
||||
matrix_data_dir: "{{ matrix_base_dir }}/data"
|
||||
matrix_log_dir: "{{ matrix_base_dir }}/log"
|
||||
|
||||
matrix_log_root_level: INFO
|
||||
matrix_log_synapse_level: INFO
|
||||
matrix_log_synapse_sql_level: INFO
|
||||
matrix_log_ldap_level: INFO
|
||||
matrix_log_ldap_auth_level: INFO
|
||||
|
||||
matrix_restart_policy: "on-failure"
|
||||
|
||||
matrix_server_url: example.com
|
||||
matrix_client_url: https://matrix.example.com
|
||||
|
||||
matrix_web_client_location: /path/to/web/root
|
||||
matrix_filter_timeline_limit: -1
|
||||
|
||||
matrix_http_bind_addresses:
|
||||
- "127.0.0.1"
|
||||
matrix_http_bind_port: 8008
|
||||
|
||||
matrix_https_bind_addresses: []
|
||||
matrix_https_bind_port: 8448
|
||||
|
||||
matrix_ldap_auth_enabled: False
|
||||
matrix_ldap_auth_server: ldaps://ldap.example.com:636
|
||||
matrix_ldap_auth_use_starttls: "false"
|
||||
matrix_ldap_auth_basedn: "ou=users,dc=example,dc=com"
|
||||
matrix_ldap_auth_uid_attr: "uid"
|
||||
matrix_ldap_auth_mail_attr: "email"
|
||||
matrix_ldap_auth_name_attr: "cn"
|
||||
# matrix_ldap_auth_binddn: uid=myuser,ou=users,dc=example,dc=com # defaults to not set
|
||||
# matrix_ldap_auth_bind_password: # defaults to not set
|
||||
# matrix_ldap_auth_filter: (objectClass=posixAccount) # defaults to not set
|
||||
|
||||
# @var matrix_db_type:description: Sopported values are `pgsql` and `sqlite`.
|
||||
matrix_db_type: pgsql
|
||||
matrix_db_txn_limit: 0
|
||||
matrix_db_server: localhost
|
||||
matrix_db_port: 5432
|
||||
matrix_db_name: matrix
|
||||
matrix_db_user: pgmatrix
|
||||
matrix_db_password: secure
|
||||
matrix_db_ssl_mode: disable
|
||||
matrix_db_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt
|
||||
|
||||
matrix_presence_enabled: False
|
||||
matrix_default_room_version: "6"
|
||||
|
||||
matrix_event_cache_size: "100K"
|
||||
matrix_caches_global_factor: 0.5
|
||||
|
||||
matrix_suppress_key_server_warning: False
|
||||
|
||||
matrix_url_preview_enabled: False
|
||||
|
||||
# List of IP address CIDR ranges that the URL preview spider is denied
|
||||
# from accessing. You should specify any internal services in your
|
||||
# network that you do not want synapse to try to connect to, otherwise
|
||||
# anyone in any Matrix room could cause your synapse to issue arbitrary
|
||||
# GET requests to your internal services, causing serious security issues.
|
||||
# matrix_url_preview_ip_blacklist: # defaults to not set
|
||||
# - '127.0.0.0/8'
|
||||
# - '10.0.0.0/8'
|
||||
# - '172.16.0.0/12'
|
||||
# - '192.168.0.0/16'
|
||||
# - '100.64.0.0/10'
|
||||
# - '169.254.0.0/16'
|
||||
# - '::1/128'
|
||||
# - 'fe80::/64'
|
||||
# - 'fc00::/7'
|
||||
|
||||
# Optional list of URL matches that the URL preview spider is
|
||||
# denied from accessing.
|
||||
# https://docs.python.org/2/library/urlparse.html#urlparse.urlsplit
|
||||
# matrix_url_preview_url_blacklist:
|
||||
# - netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
|
||||
# - netloc: '^([A-f0-9:]+:+)+[A-f0-9]+$'
|
||||
matrix_url_preview_max_spider_size: 10M
|
||||
|
||||
# @var matrix_rc_login_address:description: >
|
||||
# Ratelimiting settings for login requests based on the client's IP address.
|
||||
# @end
|
||||
# @var matrix_rc_login_address: >
|
||||
# matrix_rc_login_address:
|
||||
# per_second: 0.17
|
||||
# burst_count: 3
|
||||
# @var
|
||||
|
||||
# @var matrix_rc_login_account:description: >
|
||||
# Ratelimiting settings for login requests based on the account the
|
||||
# client is attempting to log into.
|
||||
# @end
|
||||
# @var matrix_rc_login_account: >
|
||||
# matrix_rc_login_account:
|
||||
# per_second: 0.17
|
||||
# burst_count: 3
|
||||
# @var
|
||||
|
||||
matrix_macaroon_secret_key: "jr;vhMlW=+U8pwBhVE^=6.,M94Gcyg_07Z-nNAsgj4ZZ:ew:HV"
|
||||
matrix_form_secret: "oFP3m&,r^wJ=Tr#=Ruww5+h0e;-DZqcuVGXV4XgRZIAt~Gv2YF"
|
||||
|
||||
# @var matrix_signing_key: $ "_unset_"
|
||||
|
||||
matrix_tls_enabled: False
|
||||
matrix_tls_cert_path: "{{ matrix_base_dir }}/tls/certs/mycert.pem"
|
||||
matrix_tls_key_path: "{{ matrix_base_dir }}/tls/private/mykey.pem"
|
||||
matrix_tls_cert_source: mycert.pem
|
||||
matrix_tls_key_source: mykey.pem
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
- name: Restart service
|
||||
service:
|
||||
name: matrix
|
||||
state: restarted
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
listen: __matrix_restart
|
||||
become: True
|
||||
become_user: root
|
|
@ -0,0 +1,593 @@
|
|||
---
|
||||
title: matrix
|
||||
type: docs
|
||||
---
|
||||
|
||||
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.matrix) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.matrix?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.matrix) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.matrix/src/branch/main/LICENSE)
|
||||
|
||||
Setup a [matrix-synapse](https://github.com/matrix-org/synapse) chat server. Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP.
|
||||
|
||||
<!--more-->
|
||||
|
||||
- [Default Variables](#default-variables)
|
||||
- [matrix_base_dir](#matrix_base_dir)
|
||||
- [matrix_caches_global_factor](#matrix_caches_global_factor)
|
||||
- [matrix_client_url](#matrix_client_url)
|
||||
- [matrix_conf_dir](#matrix_conf_dir)
|
||||
- [matrix_data_dir](#matrix_data_dir)
|
||||
- [matrix_db_name](#matrix_db_name)
|
||||
- [matrix_db_password](#matrix_db_password)
|
||||
- [matrix_db_port](#matrix_db_port)
|
||||
- [matrix_db_server](#matrix_db_server)
|
||||
- [matrix_db_ssl_mode](#matrix_db_ssl_mode)
|
||||
- [matrix_db_ssl_root_cert](#matrix_db_ssl_root_cert)
|
||||
- [matrix_db_txn_limit](#matrix_db_txn_limit)
|
||||
- [matrix_db_type](#matrix_db_type)
|
||||
- [matrix_db_user](#matrix_db_user)
|
||||
- [matrix_default_room_version](#matrix_default_room_version)
|
||||
- [matrix_event_cache_size](#matrix_event_cache_size)
|
||||
- [matrix_extra_groups](#matrix_extra_groups)
|
||||
- [matrix_filter_timeline_limit](#matrix_filter_timeline_limit)
|
||||
- [matrix_form_secret](#matrix_form_secret)
|
||||
- [matrix_group](#matrix_group)
|
||||
- [matrix_http_bind_addresses](#matrix_http_bind_addresses)
|
||||
- [matrix_http_bind_port](#matrix_http_bind_port)
|
||||
- [matrix_https_bind_addresses](#matrix_https_bind_addresses)
|
||||
- [matrix_https_bind_port](#matrix_https_bind_port)
|
||||
- [matrix_ldap_auth_basedn](#matrix_ldap_auth_basedn)
|
||||
- [matrix_ldap_auth_enabled](#matrix_ldap_auth_enabled)
|
||||
- [matrix_ldap_auth_mail_attr](#matrix_ldap_auth_mail_attr)
|
||||
- [matrix_ldap_auth_name_attr](#matrix_ldap_auth_name_attr)
|
||||
- [matrix_ldap_auth_server](#matrix_ldap_auth_server)
|
||||
- [matrix_ldap_auth_uid_attr](#matrix_ldap_auth_uid_attr)
|
||||
- [matrix_ldap_auth_use_starttls](#matrix_ldap_auth_use_starttls)
|
||||
- [matrix_log_dir](#matrix_log_dir)
|
||||
- [matrix_log_ldap_auth_level](#matrix_log_ldap_auth_level)
|
||||
- [matrix_log_ldap_level](#matrix_log_ldap_level)
|
||||
- [matrix_log_root_level](#matrix_log_root_level)
|
||||
- [matrix_log_synapse_level](#matrix_log_synapse_level)
|
||||
- [matrix_log_synapse_sql_level](#matrix_log_synapse_sql_level)
|
||||
- [matrix_macaroon_secret_key](#matrix_macaroon_secret_key)
|
||||
- [matrix_packages](#matrix_packages)
|
||||
- [matrix_packages_extra](#matrix_packages_extra)
|
||||
- [matrix_presence_enabled](#matrix_presence_enabled)
|
||||
- [matrix_rc_login_account](#matrix_rc_login_account)
|
||||
- [matrix_rc_login_address](#matrix_rc_login_address)
|
||||
- [matrix_restart_policy](#matrix_restart_policy)
|
||||
- [matrix_server_url](#matrix_server_url)
|
||||
- [matrix_signing_key](#matrix_signing_key)
|
||||
- [matrix_suppress_key_server_warning](#matrix_suppress_key_server_warning)
|
||||
- [matrix_tls_cert_path](#matrix_tls_cert_path)
|
||||
- [matrix_tls_cert_source](#matrix_tls_cert_source)
|
||||
- [matrix_tls_enabled](#matrix_tls_enabled)
|
||||
- [matrix_tls_key_path](#matrix_tls_key_path)
|
||||
- [matrix_tls_key_source](#matrix_tls_key_source)
|
||||
- [matrix_url_preview_enabled](#matrix_url_preview_enabled)
|
||||
- [matrix_url_preview_max_spider_size](#matrix_url_preview_max_spider_size)
|
||||
- [matrix_user](#matrix_user)
|
||||
- [matrix_user_home](#matrix_user_home)
|
||||
- [matrix_version](#matrix_version)
|
||||
- [matrix_virtualenv](#matrix_virtualenv)
|
||||
- [matrix_virtualenv_command](#matrix_virtualenv_command)
|
||||
- [matrix_web_client_location](#matrix_web_client_location)
|
||||
- [Discovered Tags](#discovered-tags)
|
||||
- [Dependencies](#dependencies)
|
||||
|
||||
---
|
||||
|
||||
## Default Variables
|
||||
|
||||
### matrix_base_dir
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_base_dir: /opt/matrix
|
||||
```
|
||||
|
||||
### matrix_caches_global_factor
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_caches_global_factor: 0.5
|
||||
```
|
||||
|
||||
### matrix_client_url
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_client_url: https://matrix.example.com
|
||||
```
|
||||
|
||||
### matrix_conf_dir
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_conf_dir: '{{ matrix_base_dir }}/config'
|
||||
```
|
||||
|
||||
### matrix_data_dir
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_data_dir: '{{ matrix_base_dir }}/data'
|
||||
```
|
||||
|
||||
### matrix_db_name
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_name: matrix
|
||||
```
|
||||
|
||||
### matrix_db_password
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_password: secure
|
||||
```
|
||||
|
||||
### matrix_db_port
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_port: 5432
|
||||
```
|
||||
|
||||
### matrix_db_server
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_server: localhost
|
||||
```
|
||||
|
||||
### matrix_db_ssl_mode
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_ssl_mode: disable
|
||||
```
|
||||
|
||||
### matrix_db_ssl_root_cert
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt
|
||||
```
|
||||
|
||||
### matrix_db_txn_limit
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_txn_limit: 0
|
||||
```
|
||||
|
||||
### matrix_db_type
|
||||
|
||||
Sopported values are `pgsql` and `sqlite`.
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_type: pgsql
|
||||
```
|
||||
|
||||
### matrix_db_user
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_db_user: pgmatrix
|
||||
```
|
||||
|
||||
### matrix_default_room_version
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_default_room_version: '6'
|
||||
```
|
||||
|
||||
### matrix_event_cache_size
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_event_cache_size: 100K
|
||||
```
|
||||
|
||||
### matrix_extra_groups
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_extra_groups: []
|
||||
```
|
||||
|
||||
### matrix_filter_timeline_limit
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_filter_timeline_limit: -1
|
||||
```
|
||||
|
||||
### matrix_form_secret
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_form_secret: oFP3m&,r^wJ=Tr#=Ruww5+h0e;-DZqcuVGXV4XgRZIAt~Gv2YF
|
||||
```
|
||||
|
||||
### matrix_group
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_group: '{{ matrix_user }}'
|
||||
```
|
||||
|
||||
### matrix_http_bind_addresses
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_http_bind_addresses:
|
||||
- 127.0.0.1
|
||||
```
|
||||
|
||||
### matrix_http_bind_port
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_http_bind_port: 8008
|
||||
```
|
||||
|
||||
### matrix_https_bind_addresses
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_https_bind_addresses: []
|
||||
```
|
||||
|
||||
### matrix_https_bind_port
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_https_bind_port: 8448
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_basedn
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_basedn: ou=users,dc=example,dc=com
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_enabled: false
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_mail_attr
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_mail_attr: email
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_name_attr
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_name_attr: cn
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_server
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_server: ldaps://ldap.example.com:636
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_uid_attr
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_uid_attr: uid
|
||||
```
|
||||
|
||||
### matrix_ldap_auth_use_starttls
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_ldap_auth_use_starttls: 'false'
|
||||
```
|
||||
|
||||
### matrix_log_dir
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_log_dir: '{{ matrix_base_dir }}/log'
|
||||
```
|
||||
|
||||
### matrix_log_ldap_auth_level
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_log_ldap_auth_level: INFO
|
||||
```
|
||||
|
||||
### matrix_log_ldap_level
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_log_ldap_level: INFO
|
||||
```
|
||||
|
||||
### matrix_log_root_level
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_log_root_level: INFO
|
||||
```
|
||||
|
||||
### matrix_log_synapse_level
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_log_synapse_level: INFO
|
||||
```
|
||||
|
||||
### matrix_log_synapse_sql_level
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_log_synapse_sql_level: INFO
|
||||
```
|
||||
|
||||
### matrix_macaroon_secret_key
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_macaroon_secret_key: jr;vhMlW=+U8pwBhVE^=6.,M94Gcyg_07Z-nNAsgj4ZZ:ew:HV
|
||||
```
|
||||
|
||||
### matrix_packages
|
||||
|
||||
Ensure EPEL repo is available at this server
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_packages:
|
||||
- '@Development tools'
|
||||
- libtiff-devel
|
||||
- libjpeg-devel
|
||||
- libzip-devel
|
||||
- freetype-devel
|
||||
- lcms2-devel
|
||||
- libwebp-devel
|
||||
- tcl-devel
|
||||
- tk-devel
|
||||
- redhat-rpm-config
|
||||
- libffi-devel
|
||||
- openssl-devel
|
||||
```
|
||||
|
||||
### matrix_packages_extra
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_packages_extra: []
|
||||
```
|
||||
|
||||
### matrix_presence_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_presence_enabled: false
|
||||
```
|
||||
|
||||
### matrix_rc_login_account
|
||||
|
||||
Ratelimiting settings for login requests based on the account the client is attempting to log into.
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_rc_login_account:
|
||||
per_second: 0.17
|
||||
burst_count: 3
|
||||
```
|
||||
|
||||
### matrix_rc_login_address
|
||||
|
||||
Ratelimiting settings for login requests based on the client's IP address.
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_rc_login_address:
|
||||
per_second: 0.17
|
||||
burst_count: 3
|
||||
```
|
||||
|
||||
### matrix_restart_policy
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_restart_policy: on-failure
|
||||
```
|
||||
|
||||
### matrix_server_url
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_server_url: example.com
|
||||
```
|
||||
|
||||
### matrix_signing_key
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_signing_key: _unset_
|
||||
```
|
||||
|
||||
### matrix_suppress_key_server_warning
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_suppress_key_server_warning: false
|
||||
```
|
||||
|
||||
### matrix_tls_cert_path
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_tls_cert_path: '{{ matrix_base_dir }}/tls/certs/mycert.pem'
|
||||
```
|
||||
|
||||
### matrix_tls_cert_source
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_tls_cert_source: mycert.pem
|
||||
```
|
||||
|
||||
### matrix_tls_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_tls_enabled: false
|
||||
```
|
||||
|
||||
### matrix_tls_key_path
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_tls_key_path: '{{ matrix_base_dir }}/tls/private/mykey.pem'
|
||||
```
|
||||
|
||||
### matrix_tls_key_source
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_tls_key_source: mykey.pem
|
||||
```
|
||||
|
||||
### matrix_url_preview_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_url_preview_enabled: false
|
||||
```
|
||||
|
||||
### matrix_url_preview_max_spider_size
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_url_preview_max_spider_size: 10M
|
||||
```
|
||||
|
||||
### matrix_user
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_user: matrix
|
||||
```
|
||||
|
||||
### matrix_user_home
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_user_home: /home/{{ matrix_user }}
|
||||
```
|
||||
|
||||
### matrix_version
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_version: 1.52.0
|
||||
```
|
||||
|
||||
### matrix_virtualenv
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_virtualenv: '{{ matrix_base_dir }}/env'
|
||||
```
|
||||
|
||||
### matrix_virtualenv_command
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_virtualenv_command: /usr/bin/python3 -m venv
|
||||
```
|
||||
|
||||
### matrix_web_client_location
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
matrix_web_client_location: /path/to/web/root
|
||||
```
|
||||
|
||||
## Discovered Tags
|
||||
|
||||
tls_renewal
|
||||
:
|
||||
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
|
@ -1,29 +0,0 @@
|
|||
# Standards: 0.2
|
||||
---
|
||||
galaxy_info:
|
||||
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
|
||||
author: Robert Kaussow <mail@thegeeklab.de>
|
||||
namespace: xoxys
|
||||
role_name: matrix
|
||||
# @meta description: >
|
||||
# [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.matrix)
|
||||
# [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.matrix?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.matrix)
|
||||
# [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.matrix/src/branch/main/LICENSE)
|
||||
#
|
||||
# Setup a [matrix-synapse](https://github.com/matrix-org/synapse) chat server. Matrix is an
|
||||
# ambitious new ecosystem for open federated Instant Messaging and VoIP.
|
||||
# @end
|
||||
description: Setup a matrix-synapse chat server
|
||||
license: MIT
|
||||
min_ansible_version: 2.10
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 7
|
||||
galaxy_tags:
|
||||
- matrix
|
||||
- synapse
|
||||
- chat
|
||||
dependencies: []
|
||||
collections:
|
||||
- community.general
|
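--- a/setup.cfg
+++ b/setup.cfg
@@ -1,12 +0,0 @@
-[flake8]
-ignore = D100, D101, D102, D103, D105, D107, E402, W503
-max-line-length = 99
-inline-quotes = double
-exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env*
-
-[yapf]
-based_on_style = google
-column_limit = 99
-dedent_closing_brackets = true
-coalesce_brackets = true
-split_before_logical_operator = true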
|
@ -1,76 +0,0 @@
|
|||
---
|
||||
- name: Prepare base folders
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ matrix_user }}"
|
||||
group: "{{ matrix_user }}"
|
||||
mode: 0750
|
||||
loop:
|
||||
- "{{ matrix_base_dir }}"
|
||||
- "{{ matrix_conf_dir }}"
|
||||
- "{{ matrix_data_dir }}"
|
||||
- "{{ matrix_log_dir }}"
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- block:
|
||||
- name: Upgrade python dependencies
|
||||
pip:
|
||||
name: "{{ item }}"
|
||||
virtualenv: "{{ matrix_virtualenv }}"
|
||||
virtualenv_command: "{{ matrix_virtualenv_command }}"
|
||||
extra_args: --upgrade
|
||||
loop:
|
||||
- pip
|
||||
- setuptools
|
||||
|
||||
- name: Install Synapse in virtualenv
|
||||
pip:
|
||||
name: matrix-synapse[all]
|
||||
version: "{{ matrix_version }}"
|
||||
virtualenv: "{{ matrix_virtualenv }}"
|
||||
virtualenv_command: "{{ matrix_virtualenv_command }}"
|
||||
notify: __matrix_restart
|
||||
|
||||
- name: Install ldap3 auth provider
|
||||
pip:
|
||||
name: "matrix-synapse-ldap3"
|
||||
virtualenv: "{{ matrix_virtualenv }}"
|
||||
virtualenv_command: "{{ matrix_virtualenv_command }}"
|
||||
when: matrix_ldap_auth_enabled | bool
|
||||
|
||||
- name: Deploy existing signing key
|
||||
copy:
|
||||
content: "{{ matrix_signing_key }}"
|
||||
dest: "{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key"
|
||||
mode: 0600
|
||||
when: matrix_signing_key is defined
|
||||
|
||||
- name: Create new signing key if not provided
|
||||
shell: '{{ matrix_virtualenv }}/bin/python -c "from signedjson import key; file = open(''{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key'',''w''); key.write_signing_keys(file, [key.generate_signing_key(''first'')]); file.close()"'
|
||||
args:
|
||||
creates: "{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key"
|
||||
notify: __matrix_restart
|
||||
|
||||
- name: Deploy global config files
|
||||
template:
|
||||
src: "opt/matrix/config/{{ item }}.j2"
|
||||
dest: "{{ matrix_conf_dir }}/{{ item }}"
|
||||
mode: 0600
|
||||
loop:
|
||||
- "homeserver.yml"
|
||||
- "logging.config"
|
||||
notify: __matrix_restart
|
||||
become: True
|
||||
become_user: "{{ matrix_user }}"
|
||||
|
||||
- block:
|
||||
- name: Deploy systemd unit file
|
||||
template:
|
||||
src: "etc/systemd/system/matrix.service.j2"
|
||||
dest: "/etc/systemd/system/matrix.service"
|
||||
mode: 0644
|
||||
notify: __matrix_restart
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
- include_tasks: prepare.yml
|
||||
- include_tasks: install.yml
|
||||
- import_tasks: tls.yml
|
||||
when: matrix_tls_enabled | bool
|
||||
tags: tls_renewal
|
||||
- include_tasks: post_tasks.yml
|
|
@ -1,9 +0,0 @@
|
|||
---
|
||||
- name: Ensure matrix service is up and running
|
||||
service:
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
name: matrix
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,22 +0,0 @@
|
|||
---
|
||||
- block:
|
||||
- name: Create group '{{ matrix_group }}'
|
||||
group:
|
||||
name: "{{ matrix_group }}"
|
||||
state: present
|
||||
|
||||
- name: Create user '{{ matrix_user }}'
|
||||
user:
|
||||
comment: matrix
|
||||
name: "{{ matrix_user }}"
|
||||
home: "{{ matrix_user_home }}"
|
||||
group: "{{ matrix_group }}"
|
||||
groups: "{{ matrix_extra_groups | join(',') }}"
|
||||
|
||||
- name: Install dependencies
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
loop: "{{ matrix_packages_extra + matrix_packages }}"
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,33 +0,0 @@
|
|||
---
|
||||
- block:
|
||||
- name: Create tls folder structure
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ matrix_user }}"
|
||||
group: "{{ matrix_group }}"
|
||||
recurse: True
|
||||
loop:
|
||||
- "{{ matrix_tls_cert_path | dirname }}"
|
||||
- "{{ matrix_tls_key_path | dirname }}"
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- block:
|
||||
- name: Copy certs and private key
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
mode: "{{ item.mode }}"
|
||||
loop:
|
||||
- src: "{{ matrix_tls_key_source }}"
|
||||
dest: "{{ matrix_tls_key_path }}"
|
||||
mode: "0600"
|
||||
- src: "{{ matrix_tls_cert_source }}"
|
||||
dest: "{{ matrix_tls_cert_path }}"
|
||||
mode: "0650"
|
||||
loop_control:
|
||||
label: "{{ item.dest }}"
|
||||
notify: __matrix_restart
|
||||
become: True
|
||||
become_user: "{{ matrix_user }}"
|
|
@ -1,18 +0,0 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment }}
|
||||
[Unit]
|
||||
Description=Synapse Matrix homeserver
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart={{ matrix_restart_policy }}
|
||||
|
||||
User={{ matrix_user }}
|
||||
Group={{ matrix_group }}
|
||||
WorkingDirectory={{ matrix_base_dir }}
|
||||
|
||||
ExecStart={{ matrix_base_dir }}/env/bin/python -m synapse.app.homeserver --config-path={{ matrix_conf_dir }}/homeserver.yml
|
||||
SyslogIdentifier=matrix-synapse
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,223 +0,0 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
## Server ##
|
||||
server_name: "{{ matrix_server_url }}"
|
||||
pid_file: /var/run/homeserver.pid
|
||||
public_baseurl: "{{ matrix_client_url }}"
|
||||
|
||||
presence:
|
||||
enabled: {{ matrix_presence_enabled | bool | lower }}
|
||||
|
||||
require_auth_for_profile_requests: false
|
||||
allow_public_rooms_without_auth: true
|
||||
allow_public_rooms_over_federation: true
|
||||
matrix_default_room_version: "{{ matrix_default_room_version }}"
|
||||
filter_timeline_limit: {{ matrix_filter_timeline_limit }}
|
||||
block_non_admin_invites: false
|
||||
enable_search: true
|
||||
|
||||
listeners:
|
||||
{% if matrix_https_bind_addresses is defined and matrix_https_bind_addresses | length > 0 %}
|
||||
- type: http
|
||||
port: {{ matrix_https_bind_port }}
|
||||
bind_addresses:
|
||||
{{ matrix_https_bind_addresses | to_nice_yaml | indent(6) }}
|
||||
{% if matrix_tls_enabled %}
|
||||
tls: true
|
||||
{% endif %}
|
||||
x_forwarded: false
|
||||
|
||||
resources:
|
||||
- names: [client, federation]
|
||||
compress: false
|
||||
{% endif %}
|
||||
{% if matrix_http_bind_addresses is defined and matrix_http_bind_addresses | length > 0 %}
|
||||
|
||||
- type: http
|
||||
port: {{ matrix_http_bind_port }}
|
||||
tls: false
|
||||
bind_addresses:
|
||||
{{ matrix_http_bind_addresses | to_nice_yaml | indent(6) }}
|
||||
x_forwarded: true
|
||||
|
||||
resources:
|
||||
- names: [client, federation]
|
||||
compress: false
|
||||
{% endif %}
|
||||
{% if matrix_tls_enabled %}
|
||||
|
||||
## TLS ##
|
||||
tls_certificate_path: "{{ matrix_tls_cert_path }}"
|
||||
tls_private_key_path: "{{ matrix_tls_key_path }}"
|
||||
|
||||
federation_verify_certificates: true
|
||||
federation_client_minimum_tls_version: 1.2
|
||||
federation_certificate_verification_whitelist: []
|
||||
{% endif %}
|
||||
|
||||
## Caching ##
|
||||
event_cache_size: "{{ matrix_event_cache_size }}"
|
||||
caches:
|
||||
global_factor: {{ matrix_caches_global_factor }}
|
||||
|
||||
## Database ##
|
||||
database:
|
||||
{% if matrix_db_type == "pgsql" %}
|
||||
name: psycopg2
|
||||
txn_limit: {{ matrix_db_txn_limit }}
|
||||
args:
|
||||
user: {{ matrix_db_user }}
|
||||
password: {{ matrix_db_password }}
|
||||
dbname: {{ matrix_db_name }}
|
||||
host: {{ matrix_db_server }}
|
||||
port: {{ matrix_db_port }}
|
||||
sslmode: {{ matrix_db_ssl_mode }}
|
||||
sslrootcert: {{ matrix_db_ssl_root_cert }}
|
||||
cp_min: 5
|
||||
cp_max: 10
|
||||
{% else %}
|
||||
name: "sqlite3"
|
||||
args:
|
||||
database: "{{ matrix_data_dir }}/homeserver.db"
|
||||
{% endif %}
|
||||
|
||||
## Logging ##
|
||||
|
||||
# A yaml python logging config file
|
||||
log_config: "{{ matrix_conf_dir }}/logging.config"
|
||||
|
||||
## Ratelimiting ##
|
||||
rc_message:
|
||||
per_second: 0.2
|
||||
burst_count: 10
|
||||
|
||||
rc_registration:
|
||||
per_second: 0.17
|
||||
burst_count: 3
|
||||
|
||||
rc_login:
|
||||
address:
|
||||
per_second: {{ matrix_rc_login_address.per_second | default(0.17) }}
|
||||
burst_count: {{ matrix_rc_login_address.burst_count | default(3) }}
|
||||
account:
|
||||
per_second: {{ matrix_rc_login_account.per_second | default(0.17) }}
|
||||
burst_count: {{ matrix_rc_login_account.burst_count | default(3) }}
|
||||
failed_attempts:
|
||||
per_second: 0.17
|
||||
burst_count: 3
|
||||
|
||||
rc_federation:
|
||||
window_size: 1000
|
||||
sleep_limit: 10
|
||||
sleep_delay: 500
|
||||
reject_limit: 50
|
||||
concurrent: 3
|
||||
|
||||
## Media Store ##
|
||||
media_store_path: "{{ matrix_data_dir }}/media_store"
|
||||
max_upload_size: 10M
|
||||
max_image_pixels: 32M
|
||||
dynamic_thumbnails: false
|
||||
thumbnail_sizes:
|
||||
- width: 32
|
||||
height: 32
|
||||
method: crop
|
||||
- width: 96
|
||||
height: 96
|
||||
method: crop
|
||||
- width: 320
|
||||
height: 240
|
||||
method: scale
|
||||
- width: 640
|
||||
height: 480
|
||||
method: scale
|
||||
- width: 800
|
||||
height: 600
|
||||
method: scale
|
||||
|
||||
url_preview_enabled: {{ 'true' if matrix_url_preview_enabled else 'false' }}
|
||||
|
||||
{% if matrix_url_preview_ip_blacklist is defined %}
|
||||
url_preview_ip_range_blacklist:
|
||||
{{ matrix_url_preview_ip_blacklist | to_nice_yaml | indent(2) }}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_url_preview_url_blacklist is defined %}
|
||||
url_preview_url_blacklist:
|
||||
{{ matrix_url_preview_url_blacklist | to_nice_yaml | indent(2) }}
|
||||
{% endif %}
|
||||
|
||||
max_spider_size: "{{ matrix_url_preview_max_spider_size }}"
|
||||
|
||||
## Captcha ##
|
||||
enable_registration_captcha: false
|
||||
|
||||
## Registration ##
|
||||
enable_registration: false
|
||||
bcrypt_rounds: 12
|
||||
allow_guest_access: false
|
||||
default_identity_server: https://matrix.org
|
||||
|
||||
## Metrics ###
|
||||
enable_metrics: false
|
||||
report_stats: false
|
||||
|
||||
## API Configuration ##
|
||||
macaroon_secret_key: "{{ matrix_macaroon_secret_key }}"
|
||||
form_secret: "{{ matrix_form_secret }}"
|
||||
|
||||
## Signing Keys ##
|
||||
signing_key_path: "{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key"
|
||||
key_refresh_interval: 1d
|
||||
|
||||
suppress_key_server_warning: {{ matrix_suppress_key_server_warning | bool | lower }}
|
||||
trusted_key_servers:
|
||||
- server_name: "matrix.org"
|
||||
|
||||
password_config:
|
||||
enabled: true
|
||||
{% if matrix_ldap_auth_enabled %}
|
||||
|
||||
password_providers:
|
||||
- module: "ldap_auth_provider.LdapAuthProvider"
|
||||
config:
|
||||
enabled: true
|
||||
uri: "{{ matrix_ldap_auth_server }}"
|
||||
start_tls: "{{ matrix_ldap_auth_use_starttls }}"
|
||||
base: "{{ matrix_ldap_auth_basedn }}"
|
||||
attributes:
|
||||
uid: "{{ matrix_ldap_auth_uid_attr }}"
|
||||
mail: "{{ matrix_ldap_auth_mail_attr }}"
|
||||
name: "{{ matrix_ldap_auth_name_attr }}"
|
||||
{% if matrix_ldap_auth_binddn is defined %}
|
||||
bind_dn: "{{ matrix_ldap_auth_binddn }}"
|
||||
{% endif %}
|
||||
{% if matrix_ldap_auth_bind_password is defined %}
|
||||
bind_password: "{{ matrix_ldap_auth_bind_password }}"
|
||||
{% endif %}
|
||||
{% if matrix_ldap_auth_filter is defined %}
|
||||
filter: "{{ matrix_ldap_auth_filter }}"
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
## Rooms ##
|
||||
enable_group_creation: false
|
||||
enable_room_list_search: true
|
||||
|
||||
alias_creation_rules:
|
||||
- user_id: "*"
|
||||
alias: "*"
|
||||
room_id: "*"
|
||||
action: allow
|
||||
|
||||
room_list_publication_rules:
|
||||
- user_id: "*"
|
||||
alias: "*"
|
||||
room_id: "*"
|
||||
action: allow
|
||||
|
||||
## Opentracing ##
|
||||
|
||||
opentracing:
|
||||
enabled: false
|
|
@ -1,47 +0,0 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment }}
|
||||
version: 1
|
||||
|
||||
formatters:
|
||||
precise:
|
||||
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
|
||||
|
||||
filters:
|
||||
context:
|
||||
(): synapse.util.logcontext.LoggingContextFilter
|
||||
request: ""
|
||||
|
||||
handlers:
|
||||
file:
|
||||
class: logging.handlers.RotatingFileHandler
|
||||
formatter: precise
|
||||
filename: {{ matrix_log_dir }}/homeserver.log
|
||||
maxBytes: 104857600
|
||||
backupCount: 10
|
||||
filters: [context]
|
||||
encoding: utf8
|
||||
console:
|
||||
class: logging.StreamHandler
|
||||
formatter: precise
|
||||
filters: [context]
|
||||
|
||||
loggers:
|
||||
synapse:
|
||||
level: {{ matrix_log_synapse_level }}
|
||||
|
||||
synapse.storage.SQL:
|
||||
# beware: increasing this to DEBUG will make synapse log sensitive
|
||||
# information such as access tokens.
|
||||
level: {{ matrix_log_synapse_sql_level }}
|
||||
{% if matrix_ldap_auth_enabled %}
|
||||
|
||||
ldap3:
|
||||
level: {{ matrix_log_ldap_level }}
|
||||
|
||||
ldap_auth_provider:
|
||||
level: {{ matrix_log_ldap_auth_level }}
|
||||
{% endif %}
|
||||
|
||||
root:
|
||||
level: {{ matrix_log_root_level }}
|
||||
handlers: [file, console]
|