mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-26 10:03:25 +00:00 
			
		
		
		
	Merge remote-tracking branch 'github/master'
This commit is contained in:
		| @@ -4,7 +4,7 @@ | |||||||
| matrix_mautrix_telegram_enabled: true | matrix_mautrix_telegram_enabled: true | ||||||
|  |  | ||||||
| # See: https://mau.dev/tulir/mautrix-telegram/container_registry | # See: https://mau.dev/tulir/mautrix-telegram/container_registry | ||||||
| matrix_mautrix_telegram_docker_image: "dock.mau.dev/tulir/mautrix-telegram:v0.8.2" | matrix_mautrix_telegram_docker_image: "dock.mau.dev/tulir/mautrix-telegram:v0.9.0" | ||||||
| matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" | matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" | ||||||
|  |  | ||||||
| matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram" | matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram" | ||||||
|   | |||||||
| @@ -51,7 +51,7 @@ matrix_jitsi_jibri_recorder_password: '' | |||||||
|  |  | ||||||
| matrix_jitsi_enable_lobby: false | matrix_jitsi_enable_lobby: false | ||||||
|  |  | ||||||
| matrix_jitsi_container_image_tag: "stable-5142" | matrix_jitsi_container_image_tag: "stable-4857" | ||||||
|  |  | ||||||
| matrix_jitsi_web_docker_image: "docker.io/jitsi/web:{{ matrix_jitsi_container_image_tag }}" | matrix_jitsi_web_docker_image: "docker.io/jitsi/web:{{ matrix_jitsi_container_image_tag }}" | ||||||
| matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}" | matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}" | ||||||
|   | |||||||
| @@ -24,7 +24,7 @@ | |||||||
|   docker_image: |   docker_image: | ||||||
|     name: "{{ matrix_synapse_admin_docker_image }}" |     name: "{{ matrix_synapse_admin_docker_image }}" | ||||||
|     source: build |     source: build | ||||||
|     force_source: "{{ matrix_synapse_admin_git_pull_results }}" |     force_source: "{{ matrix_synapse_admin_git_pull_results.changed }}" | ||||||
|     build: |     build: | ||||||
|       dockerfile: Dockerfile |       dockerfile: Dockerfile | ||||||
|       path: "{{ matrix_synapse_admin_docker_src_files_path }}" |       path: "{{ matrix_synapse_admin_docker_src_files_path }}" | ||||||
|   | |||||||
| @@ -5,7 +5,7 @@ matrix_synapse_enabled: true | |||||||
|  |  | ||||||
| matrix_synapse_container_image_self_build: false | matrix_synapse_container_image_self_build: false | ||||||
|  |  | ||||||
| matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:v1.22.1" | matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:v1.23.0" | ||||||
| matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else 'docker.io/' }}" | matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else 'docker.io/' }}" | ||||||
| matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" | matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" | ||||||
|  |  | ||||||
| @@ -59,7 +59,7 @@ matrix_synapse_systemd_required_services_list: ['docker.service'] | |||||||
| # List of systemd services that matrix-synapse.service wants | # List of systemd services that matrix-synapse.service wants | ||||||
| matrix_synapse_systemd_wanted_services_list: [] | matrix_synapse_systemd_wanted_services_list: [] | ||||||
|  |  | ||||||
| matrix_synapse_in_container_python_packages_path: "/usr/local/lib/python3.7/site-packages" | matrix_synapse_in_container_python_packages_path: "/usr/local/lib/python3.8/site-packages" | ||||||
|  |  | ||||||
| # Specifies which template files to use when configuring Synapse. | # Specifies which template files to use when configuring Synapse. | ||||||
| # If you'd like to have your own different configuration, feel free to copy and paste | # If you'd like to have your own different configuration, feel free to copy and paste | ||||||
|   | |||||||
| @@ -1482,10 +1482,8 @@ trusted_key_servers: {{ matrix_synapse_trusted_key_servers|to_json }} | |||||||
|  |  | ||||||
| ## Single sign-on integration ## | ## Single sign-on integration ## | ||||||
|  |  | ||||||
| # Enable SAML2 for registration and login. Uses pysaml2. | # The following settings can be used to make Synapse use a single sign-on | ||||||
| # | # provider for authentication, instead of its internal password database. | ||||||
| # At least one of `sp_config` or `config_path` must be set in this section to |  | ||||||
| # enable SAML login. |  | ||||||
| # | # | ||||||
| # You will probably also want to set the following options to `false` to | # You will probably also want to set the following options to `false` to | ||||||
| # disable the regular login/registration flows: | # disable the regular login/registration flows: | ||||||
| @@ -1494,6 +1492,11 @@ trusted_key_servers: {{ matrix_synapse_trusted_key_servers|to_json }} | |||||||
| # | # | ||||||
| # You will also want to investigate the settings under the "sso" configuration | # You will also want to investigate the settings under the "sso" configuration | ||||||
| # section below. | # section below. | ||||||
|  |  | ||||||
|  | # Enable SAML2 for registration and login. Uses pysaml2. | ||||||
|  | # | ||||||
|  | # At least one of `sp_config` or `config_path` must be set in this section to | ||||||
|  | # enable SAML login. | ||||||
| # | # | ||||||
| # Once SAML support is enabled, a metadata file will be exposed at | # Once SAML support is enabled, a metadata file will be exposed at | ||||||
| # https://<server>:<port>/_matrix/saml2/metadata.xml, which you may be able to | # https://<server>:<port>/_matrix/saml2/metadata.xml, which you may be able to | ||||||
| @@ -1509,35 +1512,59 @@ saml2_config: | |||||||
|   # so it is not normally necessary to specify them unless you need to |   # so it is not normally necessary to specify them unless you need to | ||||||
|   # override them. |   # override them. | ||||||
|   # |   # | ||||||
|   #sp_config: |   sp_config: | ||||||
|   #  # point this to the IdP's metadata. You can use either a local file or |     # Point this to the IdP's metadata. You must provide either a local | ||||||
|   #  # (preferably) a URL. |     # file via the `local` attribute or (preferably) a URL via the | ||||||
|  |     # `remote` attribute. | ||||||
|  |     # | ||||||
|     #metadata: |     #metadata: | ||||||
|   #    #local: ["saml2/idp.xml"] |     #  local: ["saml2/idp.xml"] | ||||||
|     #  remote: |     #  remote: | ||||||
|     #    - url: https://our_idp/metadata.xml |     #    - url: https://our_idp/metadata.xml | ||||||
|  |  | ||||||
|  |     # By default, the user has to go to our login page first. If you'd like | ||||||
|  |     # to allow IdP-initiated login, set 'allow_unsolicited: true' in a | ||||||
|  |     # 'service.sp' section: | ||||||
|     # |     # | ||||||
|   #  # By default, the user has to go to our login page first. If you'd like |     #service: | ||||||
|   #  # to allow IdP-initiated login, set 'allow_unsolicited: true' in a |     #  sp: | ||||||
|   #  # 'service.sp' section: |     #    allow_unsolicited: true | ||||||
|   #  # |  | ||||||
|   #  #service: |     # The examples below are just used to generate our metadata xml, and you | ||||||
|   #  #  sp: |     # may well not need them, depending on your setup. Alternatively you | ||||||
|   #  #    allow_unsolicited: true |     # may need a whole lot more detail - see the pysaml2 docs! | ||||||
|   # |  | ||||||
|   #  # The examples below are just used to generate our metadata xml, and you |  | ||||||
|   #  # may well not need them, depending on your setup. Alternatively you |  | ||||||
|   #  # may need a whole lot more detail - see the pysaml2 docs! |  | ||||||
|   # |  | ||||||
|     #description: ["My awesome SP", "en"] |     #description: ["My awesome SP", "en"] | ||||||
|     #name: ["Test SP", "en"] |     #name: ["Test SP", "en"] | ||||||
|   # |  | ||||||
|  |     #ui_info: | ||||||
|  |     #  display_name: | ||||||
|  |     #    - lang: en | ||||||
|  |     #      text: "Display Name is the descriptive name of your service." | ||||||
|  |     #  description: | ||||||
|  |     #    - lang: en | ||||||
|  |     #      text: "Description should be a short paragraph explaining the purpose of the service." | ||||||
|  |     #  information_url: | ||||||
|  |     #    - lang: en | ||||||
|  |     #      text: "https://example.com/terms-of-service" | ||||||
|  |     #  privacy_statement_url: | ||||||
|  |     #    - lang: en | ||||||
|  |     #      text: "https://example.com/privacy-policy" | ||||||
|  |     #  keywords: | ||||||
|  |     #    - lang: en | ||||||
|  |     #      text: ["Matrix", "Element"] | ||||||
|  |     #  logo: | ||||||
|  |     #    - lang: en | ||||||
|  |     #      text: "https://example.com/logo.svg" | ||||||
|  |     #      width: "200" | ||||||
|  |     #      height: "80" | ||||||
|  |  | ||||||
|     #organization: |     #organization: | ||||||
|     #  name: Example com |     #  name: Example com | ||||||
|     #  display_name: |     #  display_name: | ||||||
|     #    - ["Example co", "en"] |     #    - ["Example co", "en"] | ||||||
|     #  url: "http://example.com" |     #  url: "http://example.com" | ||||||
|   # |  | ||||||
|     #contact_person: |     #contact_person: | ||||||
|     #  - given_name: Bob |     #  - given_name: Bob | ||||||
|     #    sur_name: "the Sysadmin" |     #    sur_name: "the Sysadmin" | ||||||
| @@ -1617,37 +1644,11 @@ saml2_config: | |||||||
|   #  - attribute: department |   #  - attribute: department | ||||||
|   #    value: "sales" |   #    value: "sales" | ||||||
|  |  | ||||||
|   # Directory in which Synapse will try to find the template files below. |  | ||||||
|   # If not set, default templates from within the Synapse package will be used. |  | ||||||
|   # |  | ||||||
|   # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates. |  | ||||||
|   # If you *do* uncomment it, you will need to make sure that all the templates |  | ||||||
|   # below are in the directory. |  | ||||||
|   # |  | ||||||
|   # Synapse will look for the following templates in this directory: |  | ||||||
|   # |  | ||||||
|   # * HTML page to display to users if something goes wrong during the |  | ||||||
|   #   authentication process: 'saml_error.html'. |  | ||||||
|   # |  | ||||||
|   #   When rendering, this template is given the following variables: |  | ||||||
|   #     * code: an HTML error code corresponding to the error that is being |  | ||||||
|   #       returned (typically 400 or 500) |  | ||||||
|   # |  | ||||||
|   #     * msg: a textual message describing the error. |  | ||||||
|   # |  | ||||||
|   #   The variables will automatically be HTML-escaped. |  | ||||||
|   # |  | ||||||
|   # You can see the default templates at: |  | ||||||
|   # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates |  | ||||||
|   # |  | ||||||
|   #template_dir: "res/templates" |  | ||||||
|  |  | ||||||
|  | # Enable OpenID Connect (OIDC) / OAuth 2.0 for registration and login. | ||||||
| # OpenID Connect integration. The following settings can be used to make Synapse |  | ||||||
| # use an OpenID Connect Provider for authentication, instead of its internal |  | ||||||
| # password database. |  | ||||||
| # | # | ||||||
| # See https://github.com/matrix-org/synapse/blob/master/docs/openid.md. | # See https://github.com/matrix-org/synapse/blob/master/docs/openid.md | ||||||
|  | # for some example configurations. | ||||||
| # | # | ||||||
| oidc_config: | oidc_config: | ||||||
|   # Uncomment the following to enable authorization against an OpenID Connect |   # Uncomment the following to enable authorization against an OpenID Connect | ||||||
| @@ -1770,17 +1771,47 @@ oidc_config: | |||||||
|       # |       # | ||||||
|       #display_name_template: "{% raw %}{{ user.given_name }} {{ user.last_name }}{% endraw %}" |       #display_name_template: "{% raw %}{{ user.given_name }} {{ user.last_name }}{% endraw %}" | ||||||
|  |  | ||||||
|  |       # Jinja2 templates for extra attributes to send back to the client during | ||||||
|  |       # login. | ||||||
| # Enable CAS for registration and login. |       # | ||||||
|  |       # Note that these are non-standard and clients will ignore them without modifications. | ||||||
|  |       # | ||||||
|  |       #extra_attributes: | ||||||
|  |         #birthdate: "{% raw %}{{ user.birthdate }}{% endraw %}" | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # Enable Central Authentication Service (CAS) for registration and login. | ||||||
|  | # | ||||||
|  | cas_config: | ||||||
|  |   # Uncomment the following to enable authorization against a CAS server. | ||||||
|  |   # Defaults to false. | ||||||
|   # |   # | ||||||
| #cas_config: |  | ||||||
|   #enabled: true |   #enabled: true | ||||||
|  |  | ||||||
|  |   # The URL of the CAS authorization endpoint. | ||||||
|  |   # | ||||||
|   #server_url: "https://cas-server.com" |   #server_url: "https://cas-server.com" | ||||||
|  |  | ||||||
|  |   # The public URL of the homeserver. | ||||||
|  |   # | ||||||
|   #service_url: "https://homeserver.domain.com:8448" |   #service_url: "https://homeserver.domain.com:8448" | ||||||
| #   #displayname_attribute: name |  | ||||||
| #   #required_attributes: |   # The attribute of the CAS response to use as the display name. | ||||||
| #   #    name: value |   # | ||||||
|  |   # If unset, no displayname will be set. | ||||||
|  |   # | ||||||
|  |   #displayname_attribute: name | ||||||
|  |  | ||||||
|  |   # It is possible to configure Synapse to only allow logins if CAS attributes | ||||||
|  |   # match particular values. All of the keys in the mapping below must exist | ||||||
|  |   # and the values must match the given value. Alternately if the given value | ||||||
|  |   # is None then any value is allowed (the attribute just must exist). | ||||||
|  |   # All of the listed attributes must match for the login to be permitted. | ||||||
|  |   # | ||||||
|  |   #required_attributes: | ||||||
|  |   #  userGroup: "staff" | ||||||
|  |   #  department: None | ||||||
|  |  | ||||||
|  |  | ||||||
| # Additional settings to use with single-sign on systems such as OpenID Connect, | # Additional settings to use with single-sign on systems such as OpenID Connect, | ||||||
| @@ -1880,7 +1911,7 @@ sso: | |||||||
| # and issued at ("iat") claims are validated if present. | # and issued at ("iat") claims are validated if present. | ||||||
| # | # | ||||||
| # Note that this is a non-standard login type and client support is | # Note that this is a non-standard login type and client support is | ||||||
| # expected to be non-existant. | # expected to be non-existent. | ||||||
| # | # | ||||||
| # See https://github.com/matrix-org/synapse/blob/master/docs/jwt.md. | # See https://github.com/matrix-org/synapse/blob/master/docs/jwt.md. | ||||||
| # | # | ||||||
| @@ -2411,7 +2442,7 @@ alias_creation_rules: {{ matrix_synapse_alias_creation_rules|to_json }} | |||||||
| # | # | ||||||
| # Options for the rules include: | # Options for the rules include: | ||||||
| # | # | ||||||
| #   user_id: Matches agaisnt the creator of the alias | #   user_id: Matches against the creator of the alias | ||||||
| #   room_id: Matches against the room ID being published | #   room_id: Matches against the room ID being published | ||||||
| #   alias: Matches against any current local or canonical aliases | #   alias: Matches against any current local or canonical aliases | ||||||
| #            associated with the room | #            associated with the room | ||||||
| @@ -2459,7 +2490,7 @@ opentracing: | |||||||
|     # This is a list of regexes which are matched against the server_name of the |     # This is a list of regexes which are matched against the server_name of the | ||||||
|     # homeserver. |     # homeserver. | ||||||
|     # |     # | ||||||
|     # By defult, it is empty, so no servers are matched. |     # By default, it is empty, so no servers are matched. | ||||||
|     # |     # | ||||||
|     #homeserver_whitelist: |     #homeserver_whitelist: | ||||||
|     #  - ".*" |     #  - ".*" | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user