diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 451480afe..f7536c848 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -162,6 +162,8 @@ matrix_homeserver_container_extra_arguments_auto: | + (['--mount type=bind,src=' + matrix_sms_bridge_config_path + '/registration.yaml,dst=/matrix-sms-bridge-registration.yaml,ro'] if matrix_sms_bridge_enabled else []) + + (['--mount type=bind,src=' + matrix_steam_bridge_config_path + '/registration.yaml,dst=/matrix-steam-bridge-registration.yaml,ro'] if matrix_steam_bridge_enabled else []) + + (['--mount type=bind,src=' + matrix_cactus_comments_app_service_config_file + ',dst=/matrix-cactus-comments.yaml,ro'] if matrix_cactus_comments_enabled else []) }} @@ -236,6 +238,8 @@ matrix_homeserver_app_service_config_files_auto: | (['/matrix-sms-bridge-registration.yaml'] if matrix_sms_bridge_enabled else []) + (['/matrix-cactus-comments.yaml'] if matrix_cactus_comments_enabled else []) + + + (['/matrix-steam-bridge-registration.yaml'] if matrix_steam_bridge_enabled else []) }} matrix_addons_homeserver_container_network: "{{ matrix_playbook_reverse_proxy_container_network if matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled else matrix_homeserver_container_network }}" @@ -381,6 +385,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': 'matrix-sms-bridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'sms']}] if matrix_sms_bridge_enabled else []) + + ([{'name': 'matrix-bridge-steam.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mx-puppet-steam']}] if matrix_mx_puppet_steam_enabled else []) + + ([{'name': 'matrix-cactus-comments.service', 'priority': 2000, 'groups': ['matrix', 'cactus-comments']}] if matrix_cactus_comments_enabled else []) + ([{'name': 'matrix-cactus-comments-client.service', 'priority': 2000, 'groups': ['matrix', 'cactus-comments-client']}] if matrix_cactus_comments_client_enabled else []) @@ -2738,6 +2744,78 @@ matrix_postmoogle_container_additional_networks_auto: |- # ###################################################################### +###################################################################### +# +# matrix-bridge-steam +# +###################################################################### + +# We don't enable bridges by default. +matrix_bridge_steam_enabled: false + +matrix_bridge_steam_systemd_required_services_list_auto: | + {{ + matrix_addons_homeserver_systemd_services_list + + + ([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_bridge_steam_database_hostname == postgres_connection_hostname) else []) + }} + +matrix_bridge_steam_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_bridge_steam_docker_image_registry_prefix_upstream_default }}" + +matrix_bridge_steam_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + +matrix_bridge_steam_container_network: "{{ matrix_addons_container_network }}" + +matrix_bridge_steam_container_additional_networks_auto: |- + {{ + ( + ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + + + ([postgres_container_network] if (postgres_enabled and matrix_bridge_steam_database_hostname == postgres_connection_hostname and matrix_bridge_steam_container_network != postgres_container_network) else []) + + + ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_bridge_steam_container_labels_traefik_enabled else []) + ) | unique + }} + +matrix_bridge_steam_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}" +matrix_bridge_steam_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" +matrix_bridge_steam_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" +matrix_bridge_steam_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" + +matrix_bridge_steam_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}" +matrix_bridge_steam_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}" + +matrix_bridge_steam_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.as.token', rounds=655555) | to_uuid }}" + +matrix_bridge_steam_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}" +matrix_bridge_steam_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.hs.token', rounds=655555) | to_uuid }}" + +matrix_bridge_steam_provisioning_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'steam.prov', rounds=655555) | to_uuid }}" + +matrix_bridge_steam_double_puppet_secrets_auto: |- + {{ + ({ + matrix_bridge_steam_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token) + }) + if matrix_appservice_double_puppet_enabled + else {} + }} + +matrix_bridge_steam_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}" + +matrix_bridge_steam_metrics_proxying_enabled: "{{ matrix_bridge_steam_metrics_enabled and matrix_metrics_exposure_enabled }}" +matrix_bridge_steam_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}" +matrix_bridge_steam_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/mautrix-bluesky" + +matrix_bridge_steam_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}" +matrix_bridge_steam_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.twt.db', rounds=655555) | to_uuid if postgres_enabled else '' }}" + +###################################################################### +# +# /matrix-bridge-steam +# +###################################################################### + ###################################################################### # # matrix-bot-matrix-reminder-bot @@ -4367,6 +4445,12 @@ postgres_managed_databases_auto: | 'password': matrix_mx_puppet_groupme_database_password, }] if (matrix_mx_puppet_groupme_enabled and matrix_mx_puppet_groupme_database_engine == 'postgres' and matrix_mx_puppet_groupme_database_hostname == postgres_connection_hostname) else []) + + ([{ + 'name': matrix_bridge_steam_database_name, + 'username': matrix_bridge_steam_database_username, + 'password': matrix_bridge_steam_database_password, + }] if (matrix_bridge_steam_enabled and matrix_bridge_steam_database_engine == 'postgres' and matrix_bridge_steam_database_hostname == postgres_connection_hostname) else []) + + ([{ 'name': matrix_dimension_database_name, 'username': matrix_dimension_database_username, @@ -5282,6 +5366,12 @@ matrix_synapse_admin_config_asManagedUsers_auto: | '^@'+(matrix_wechat_appservice_bot_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$', '^@_wechat_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$', ] if matrix_wechat_enabled else []) + + + ([ + '^@'+(matrix_bridge_steam_appservice_bot_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$', + '^@bluesky_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$', + ] if matrix_bridge_steam_enabled else []) + + }} ###################################################################### diff --git a/setup.yml b/setup.yml index 76aa726a4..c83fade82 100644 --- a/setup.yml +++ b/setup.yml @@ -84,6 +84,7 @@ - custom/matrix-bridge-mx-puppet-instagram - custom/matrix-bridge-postmoogle - custom/matrix-bridge-sms + - custom/matrix-bridge-steam - custom/matrix-bridge-heisenbridge - custom/matrix-bridge-hookshot - custom/matrix-bot-matrix-reminder-bot