3
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-10-24 09:03:24 +00:00

Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing

This commit is contained in:
PC-Admin
2021-10-19 17:48:23 +08:00
23 changed files with 743 additions and 24 deletions

View File

@@ -1,3 +1,14 @@
# 2021-10-23
## Hangouts bridge no longer updated, superseded by a Googlechat bridge
The mautrix-hangouts bridge is no longer receiving updates upstream and is likely to stop working in the future.
We still retain support for this bridge in the playbook, but you're encouraged to switch away from it.
There's a new [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge that you can [install using the playbook](docs/configuring-playbook-bridge-mautrix-googlechat.md).
Your **Hangouts bridge data will not be migrated**, however. You need to start fresh with the new bridge.
# 2021-08-23
## LinkedIn bridging support via beeper-linkedin

View File

@@ -53,6 +53,8 @@ Using this playbook, you can get the following services configured on your serve
- (optional) the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge for bridging your Matrix server to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts)
- (optional) the [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge for bridging your Matrix server to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat)
- (optional) the [mautrix-instagram](https://github.com/mautrix/instagram) bridge for bridging your Matrix server to [Instagram](https://instagram.com/)
- (optional) the [mautrix-signal](https://github.com/mautrix/signal) bridge for bridging your Matrix server to [Signal](https://www.signal.org/)

View File

@@ -0,0 +1,58 @@
# Setting up Mautrix Google Chat (optional)
The playbook can install and configure [mautrix-googlechat](https://github.com/mautrix/googlechat) for you.
See the project's [documentation](https://docs.mau.fi/bridges/python/googlechat/index.html) to learn what it does and why it might be useful to you.
To enable the [Google Chat](https://chat.google.com/) bridge just use the following playbook configuration:
```yaml
matrix_mautrix_googlechat_enabled: true
```
## Set up Double Puppeting
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Shared Secret Auth
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
- retrieve a Matrix access token for yourself. You can use the following command:
```
curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \
https://matrix.DOMAIN/_matrix/client/r0/login
```
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
- make sure you don't log out the `Mautrix-googlechat` device some time in the future, as that would break the Double Puppeting feature
## Usage
Once the bot is enabled you need to start a chat with `googlechat bridge bot` with handle `@googlechatbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
Send `login` to the bridge bot to receive a link to the portal from which you can enable the bridging. Open the link sent by the bot and follow the instructions.
Automatic login may not work. If it does not, reload the page and select the "Manual login" checkbox before starting. Manual login involves logging into your Google account normally and then manually getting the OAuth token from browser cookies with developer tools.
Once logged in, recent chats should show up as new conversations automatically. Other chats will get portals as you receive messages.
You can learn more about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/googlechat/authentication.html).
After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so.

View File

@@ -1,3 +1,5 @@
# The [Mautrix Hangouts Bridge](https://mau.dev/mautrix/hangouts) is no longer maintained. It has changed to a [Google Chat Bridge](https://github.com/mautrix/googlechat). Setup instructions for the Google Chat Bridge can be [found here](configuring-playbook-bridge-mautrix-googlechat.md).
# Setting up Mautrix Hangouts (optional)
The playbook can install and configure [mautrix-hangouts](https://github.com/mautrix/hangouts) for you.

View File

@@ -3,14 +3,12 @@
**[Dimension](https://dimension.t2bot.io) can only be installed after Matrix services are installed and running.**
If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later.
**Note**: enabling Dimension, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible).
**Note**: This playbook now supports running [Dimension](https://dimension.t2bot.io) in both a federated and [unfederated](https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md) environments. This is handled automatically based on the value of `matrix_synapse_federation_enabled`. Enabling Dimension, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible).
## Prerequisites
This playbook now supports running [Dimension](https://dimension.t2bot.io) in both a federated and an [unfederated](https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md) environment. This is handled automatically based on the value of `matrix_synapse_federation_enabled`.
Other important prerequisite is the `dimension.<your-domain>` DNS record being set up correctly. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly.
The `dimension.<your-domain>` DNS record must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly.
## Enable
@@ -45,11 +43,11 @@ To get an access token for the Dimension user, you can follow one of two options
*Through an interactive login*:
1. In a private browsing session (incognito window), open Element.
2. Log in with the `dimension` user and its password.
1. Log in with the `dimension` user and its password.
1. Set the display name and avatar, if required.
2. In the settings page choose "Help & About", scroll down to the bottom and click `Access Token: <click to reveal>`.
3. Copy the highlighted text to your configuration.
4. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work.
1. In the settings page choose "Help & About", scroll down to the bottom and expand the `Access Token` section.
1. Copy the access token to your configuration.
1. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work.
*With CURL*
@@ -81,6 +79,8 @@ After these variables have been set, please run the following command to re-run
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
After Dimension has been installed you may need to log out and log back in for it to pick up the new integrations manager. Then you can access integrations in Element by opening a room, clicking the Room info button (`i`) button in the top right corner of the screen, and then clicking Add widgets, bridges & bots.
## Jitsi domain

View File

@@ -98,6 +98,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
- [Setting up Mautrix Hangouts bridging](configuring-playbook-bridge-mautrix-hangouts.md) (optional)
- [Setting up Mautrix Google Chat bridging](configuring-playbook-bridge-mautrix-googlechat.md) (optional)
- [Setting up Mautrix Instagram bridging](configuring-playbook-bridge-mautrix-instagram.md) (optional)
- [Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md) (optional)

View File

@@ -48,6 +48,8 @@ These services are not part of our default installation, but can be enabled by [
- [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) - the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional)
- [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) - the [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) (optional)
- [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) - the [mautrix-instagram](https://github.com/mautrix/instagram) bridge to [Instagram](https://instagram.com/) (optional)
- [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) - the [mautrix-signal](https://github.com/mautrix/signal) bridge to [Signal](https://www.signal.org/) (optional)

View File

@@ -25,8 +25,10 @@ List of roles where self-building the Docker image is currently possible:
- `matrix-bridge-appservice-webhooks`
- `matrix-bridge-mautrix-facebook`
- `matrix-bridge-mautrix-hangouts`
- `matrix-bridge-mautrix-googlechat`
- `matrix-bridge-mautrix-telegram`
- `matrix-bridge-mautrix-signal`
- `matrix-bridge-mautrix-whatsapp`
- `matrix-bridge-mx-puppet-skype`
- `matrix-bot-mjolnir`
- `matrix-bot-matrix-reminder-bot`

View File

@@ -337,6 +337,47 @@ matrix_mautrix_hangouts_database_password: "{{ matrix_synapse_macaroon_secret_ke
######################################################################
######################################################################
#
# matrix-bridge-mautrix-googlechat
#
######################################################################
# We don't enable bridges by default.
matrix_mautrix_googlechat_enabled: false
matrix_mautrix_googlechat_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_mautrix_googlechat_systemd_required_services_list: |
{{
['docker.service']
+
(['matrix-synapse.service'] if matrix_synapse_enabled else [])
+
(['matrix-postgres.service'] if matrix_postgres_enabled else [])
+
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
}}
matrix_mautrix_googlechat_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'gc.as.token') | to_uuid }}"
matrix_mautrix_googlechat_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'gc.hs.token') | to_uuid }}"
matrix_mautrix_googlechat_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9007' }}"
matrix_mautrix_googlechat_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
# Postgres is the default, except if not using `matrix_postgres` (internal postgres)
matrix_mautrix_googlechat_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}"
matrix_mautrix_googlechat_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.gc.db') | to_uuid }}"
######################################################################
#
# /matrix-bridge-mautrix-googlechat
#
######################################################################
######################################################################
#
# matrix-bridge-mautrix-instagram
@@ -477,6 +518,8 @@ matrix_mautrix_telegram_database_password: "{{ matrix_synapse_macaroon_secret_ke
# We don't enable bridges by default.
matrix_mautrix_whatsapp_enabled: false
matrix_mautrix_whatsapp_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
matrix_mautrix_whatsapp_systemd_required_services_list: |
{{
['docker.service']
@@ -1428,6 +1471,12 @@ matrix_postgres_additional_databases: |
'password': matrix_mautrix_hangouts_database_password,
}] if (matrix_mautrix_hangouts_enabled and matrix_mautrix_hangouts_database_engine == 'postgres' and matrix_mautrix_hangouts_database_hostname == 'matrix-postgres') else [])
+
([{
'name': matrix_mautrix_googlechat_database_name,
'username': matrix_mautrix_googlechat_database_username,
'password': matrix_mautrix_googlechat_database_password,
}] if (matrix_mautrix_googlechat_enabled and matrix_mautrix_googlechat_database_engine == 'postgres' and matrix_mautrix_googlechat_database_hostname == 'matrix-postgres') else [])
+
([{
'name': matrix_mautrix_instagram_database_name,
'username': matrix_mautrix_instagram_database_username,

View File

@@ -83,8 +83,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
matrix_host_command_systemctl: "/usr/bin/env systemctl"
matrix_host_command_sh: "/usr/bin/env sh"
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else 'ntp' }}"
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"

View File

@@ -7,7 +7,7 @@ matrix_appservice_slack_container_self_build: false
matrix_appservice_slack_docker_repo: "https://github.com/matrix-org/matrix-appservice-slack.git"
matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-slack/docker-src"
matrix_appservice_slack_version: release-1.5.0
matrix_appservice_slack_version: release-1.8.0
matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_version }}"
matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}"

View File

@@ -0,0 +1,115 @@
# mautrix-googlechat is a Matrix <-> googlechat bridge
# See: https://github.com/mautrix/googlechat
matrix_mautrix_googlechat_enabled: true
matrix_mautrix_googlechat_container_image_self_build: false
matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/mautrix/googlechat.git"
matrix_mautrix_googlechat_version: latest
# See: https://mau.dev/mautrix/googlechat/container_registry
matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}"
matrix_mautrix_googlechat_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_googlechat_container_image_self_build else 'dock.mau.dev/' }}"
matrix_mautrix_googlechat_docker_image_force_pull: "{{ matrix_mautrix_googlechat_docker_image.endswith(':latest') }}"
matrix_mautrix_googlechat_base_path: "{{ matrix_base_data_path }}/mautrix-googlechat"
matrix_mautrix_googlechat_config_path: "{{ matrix_mautrix_googlechat_base_path }}/config"
matrix_mautrix_googlechat_data_path: "{{ matrix_mautrix_googlechat_base_path }}/data"
matrix_mautrix_googlechat_docker_src_files_path: "{{ matrix_mautrix_googlechat_base_path }}/docker-src"
matrix_mautrix_googlechat_public_endpoint: '/mautrix-googlechat'
matrix_mautrix_googlechat_homeserver_address: "{{ matrix_homeserver_container_url }}"
matrix_mautrix_googlechat_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_googlechat_appservice_address: 'http://matrix-mautrix-googlechat:8080'
# Controls whether the matrix-mautrix-googlechat container exposes its HTTP port (tcp/8080 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9007"), or empty string to not expose.
matrix_mautrix_googlechat_container_http_host_bind_port: ''
# A list of extra arguments to pass to the container
matrix_mautrix_googlechat_container_extra_arguments: []
# List of systemd services that matrix-mautrix-googlechat.service depends on.
matrix_mautrix_googlechat_systemd_required_services_list: ['docker.service']
# List of systemd services that matrix-mautrix-googlechat.service wants
matrix_mautrix_googlechat_systemd_wanted_services_list: []
matrix_mautrix_googlechat_appservice_token: ''
matrix_mautrix_googlechat_homeserver_token: ''
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.
#
# To use Postgres:
# - change the engine (`matrix_mautrix_googlechat_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_googlechat_postgres_*` variables
matrix_mautrix_googlechat_database_engine: 'sqlite'
matrix_mautrix_googlechat_sqlite_database_path_local: "{{ matrix_mautrix_googlechat_data_path }}/mautrix-googlechat.db"
matrix_mautrix_googlechat_sqlite_database_path_in_container: "/data/mautrix-googlechat.db"
matrix_mautrix_googlechat_database_username: 'matrix_mautrix_googlechat'
matrix_mautrix_googlechat_database_password: 'some-password'
matrix_mautrix_googlechat_database_hostname: 'matrix-postgres'
matrix_mautrix_googlechat_database_port: 5432
matrix_mautrix_googlechat_database_name: 'matrix_mautrix_googlechat'
matrix_mautrix_googlechat_database_connection_string: 'postgres://{{ matrix_mautrix_googlechat_database_username }}:{{ matrix_mautrix_googlechat_database_password }}@{{ matrix_mautrix_googlechat_database_hostname }}:{{ matrix_mautrix_googlechat_database_port }}/{{ matrix_mautrix_googlechat_database_name }}'
matrix_mautrix_googlechat_appservice_database: "{{
{
'sqlite': ('sqlite:///' + matrix_mautrix_googlechat_sqlite_database_path_in_container),
'postgres': matrix_mautrix_googlechat_database_connection_string,
}[matrix_mautrix_googlechat_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_googlechat_login_shared_secret: ''
matrix_mautrix_googlechat_appservice_bot_username: googlechatbot
# Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_mautrix_googlechat_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_mautrix_googlechat_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_mautrix_googlechat_configuration_extension_yaml: |
# Your custom YAML configuration goes here.
# This configuration extends the default starting configuration (`matrix_mautrix_googlechat_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_mautrix_googlechat_configuration_yaml`.
matrix_mautrix_googlechat_configuration_extension: "{{ matrix_mautrix_googlechat_configuration_extension_yaml|from_yaml if matrix_mautrix_googlechat_configuration_extension_yaml|from_yaml is mapping else {} }}"
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_googlechat_configuration_yaml`.
matrix_mautrix_googlechat_configuration: "{{ matrix_mautrix_googlechat_configuration_yaml|from_yaml|combine(matrix_mautrix_googlechat_configuration_extension, recursive=True) }}"
matrix_mautrix_googlechat_registration_yaml: |
id: googlechat
as_token: "{{ matrix_mautrix_googlechat_appservice_token }}"
hs_token: "{{ matrix_mautrix_googlechat_homeserver_token }}"
namespaces:
users:
- exclusive: true
regex: '^@googlechat_.+:{{ matrix_mautrix_googlechat_homeserver_domain|regex_escape }}$'
- exclusive: true
regex: '^@{{ matrix_mautrix_googlechat_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_googlechat_homeserver_domain|regex_escape }}$'
url: {{ matrix_mautrix_googlechat_appservice_address }}
# See https://github.com/mautrix/signal/issues/43
sender_localpart: _bot_{{ matrix_mautrix_googlechat_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
matrix_mautrix_googlechat_registration: "{{ matrix_mautrix_googlechat_registration_yaml|from_yaml }}"

View File

@@ -0,0 +1,69 @@
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
fail:
msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md"
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_googlechat_container_image_self_build and matrix_mautrix_googlechat_enabled"
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-googlechat.service'] }}"
when: matrix_mautrix_googlechat_enabled|bool
# If the matrix-synapse role is not used, these variables may not exist.
- set_fact:
matrix_synapse_container_extra_arguments: >
{{ matrix_synapse_container_extra_arguments|default([]) }}
+
["--mount type=bind,src={{ matrix_mautrix_googlechat_config_path }}/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro"]
matrix_synapse_app_service_config_files: >
{{ matrix_synapse_app_service_config_files|default([]) }}
+
{{ ["/matrix-mautrix-googlechat-registration.yaml"] }}
when: matrix_mautrix_googlechat_enabled|bool
- block:
- name: Fail if matrix-nginx-proxy role already executed
fail:
msg: >-
Trying to append Mautrix googlechat's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your plabook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-googlechat role.
when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Mautrix googlechat proxying configuration for matrix-nginx-proxy
set_fact:
matrix_mautrix_googlechat_matrix_nginx_proxy_configuration: |
location {{ matrix_mautrix_googlechat_public_endpoint }} {
{% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s;
set $backend "matrix-mautrix-googlechat:8080";
proxy_pass http://$backend;
{% else %}
{# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:9007;
{% endif %}
}
- name: Register Mautrix googlechat proxying configuration with matrix-nginx-proxy
set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+
[matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_mautrix_googlechat_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
debug:
msg: >-
NOTE: You've enabled the Mautrix googlechat bridge but are not using the matrix-nginx-proxy
reverse proxy.
Please make sure that you're proxying the `{{ matrix_mautrix_googlechat_public_endpoint }}`
URL endpoint to the matrix-mautrix-googlechat container.
You can expose the container's port using the `matrix_mautrix_googlechat_container_http_host_bind_port` variable.
when: "matrix_mautrix_googlechat_enabled|bool and (matrix_nginx_proxy_enabled is not defined or matrix_nginx_proxy_enabled|bool == false)"

View File

@@ -0,0 +1,21 @@
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup|bool and matrix_mautrix_googlechat_enabled|bool"
tags:
- setup-all
- setup-mautrix-googlechat
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup|bool and matrix_mautrix_googlechat_enabled|bool"
tags:
- setup-all
- setup-mautrix-googlechat
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup|bool and not matrix_mautrix_googlechat_enabled|bool"
tags:
- setup-all
- setup-mautrix-googlechat

View File

@@ -0,0 +1,128 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
fail:
msg: >-
The matrix-bridge-mautrix-googlechat role needs to execute before the matrix-synapse role.
when: "matrix_synapse_role_executed|default(False)"
- set_fact:
matrix_mautrix_googlechat_requires_restart: false
- block:
- name: Check if an SQLite database already exists
stat:
path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result
- block:
- set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
dst: "{{ matrix_mautrix_googlechat_database_connection_string }}"
caller: "{{ role_path|basename }}"
engine_variable_name: 'matrix_mautrix_googlechat_database_engine'
engine_old: 'sqlite'
systemd_services_to_stop: ['matrix-mautrix-googlechat.service']
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
- set_fact:
matrix_mautrix_googlechat_requires_restart: true
when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists|bool"
when: "matrix_mautrix_googlechat_database_engine == 'postgres'"
- name: Ensure Mautrix googlechat image is pulled
docker_image:
name: "{{ matrix_mautrix_googlechat_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_mautrix_googlechat_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_docker_image_force_pull }}"
when: not matrix_mautrix_googlechat_container_image_self_build
- name: Ensure Mautrix googlechat paths exist
file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- { path: "{{ matrix_mautrix_googlechat_base_path }}", when: true }
- { path: "{{ matrix_mautrix_googlechat_config_path }}", when: true }
- { path: "{{ matrix_mautrix_googlechat_data_path }}", when: true }
- { path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}", when: "{{ matrix_mautrix_googlechat_container_image_self_build }}" }
when: "item.when|bool"
- name: Ensure Mautrix Hangots repository is present on self build
git:
repo: "{{ matrix_mautrix_googlechat_container_image_self_build_repo }}"
dest: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
force: "yes"
register: matrix_mautrix_googlechat_git_pull_results
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
- name: Ensure Mautrix googlechat Docker image is built
docker_image:
name: "{{ matrix_mautrix_googlechat_docker_image }}"
source: build
force_source: "{{ matrix_mautrix_googlechat_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
pull: yes
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
- name: Check if an old database file already exists
stat:
path: "{{ matrix_mautrix_googlechat_base_path }}/mautrix-googlechat.db"
register: matrix_mautrix_googlechat_stat_database
- name: (Data relocation) Ensure matrix-mautrix-googlechat.service is stopped
service:
name: matrix-mautrix-googlechat
state: stopped
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_googlechat_stat_database.stat.exists"
- name: (Data relocation) Move mautrix-googlechat database file to ./data directory
command: "mv {{ matrix_mautrix_googlechat_base_path }}/mautrix-googlechat.db {{ matrix_mautrix_googlechat_data_path }}/mautrix-googlechat.db"
when: "matrix_mautrix_googlechat_stat_database.stat.exists"
- name: Ensure mautrix-googlechat config.yaml installed
copy:
content: "{{ matrix_mautrix_googlechat_configuration|to_nice_yaml }}"
dest: "{{ matrix_mautrix_googlechat_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure mautrix-googlechat registration.yaml installed
copy:
content: "{{ matrix_mautrix_googlechat_registration|to_nice_yaml }}"
dest: "{{ matrix_mautrix_googlechat_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure matrix-mautrix-googlechat.service installed
template:
src: "{{ role_path }}/templates/systemd/matrix-mautrix-googlechat.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service"
mode: 0644
register: matrix_mautrix_googlechat_systemd_service_result
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service installation
service:
daemon_reload: yes
when: "matrix_mautrix_googlechat_systemd_service_result.changed"
- name: Ensure matrix-mautrix-googlechat.service restarted, if necessary
service:
name: "matrix-mautrix-googlechat.service"
state: restarted
when: "matrix_mautrix_googlechat_requires_restart|bool"

View File

@@ -0,0 +1,24 @@
---
- name: Check existence of matrix-mautrix-googlechat service
stat:
path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service"
register: matrix_mautrix_googlechat_service_stat
- name: Ensure matrix-mautrix-googlechat is stopped
service:
name: matrix-mautrix-googlechat
state: stopped
daemon_reload: yes
when: "matrix_mautrix_googlechat_service_stat.stat.exists"
- name: Ensure matrix-mautrix-googlechat.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service"
state: absent
when: "matrix_mautrix_googlechat_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service removal
service:
daemon_reload: yes
when: "matrix_mautrix_googlechat_service_stat.stat.exists"

View File

@@ -0,0 +1,14 @@
---
- name: Fail if required settings not defined
fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
with_items:
- "matrix_mautrix_googlechat_public_endpoint"
- "matrix_mautrix_googlechat_appservice_token"
- "matrix_mautrix_googlechat_homeserver_token"
- debug:
msg:
- '`matrix_mautrix_googlechat_homeserver_domain` == {{ matrix_mautrix_googlechat_homeserver_domain }}'

View File

@@ -0,0 +1,145 @@
#jinja2: lstrip_blocks: "True"
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: {{ matrix_mautrix_googlechat_homeserver_address }}
# The domain of the homeserver (for MXIDs, etc).
domain: {{ matrix_mautrix_googlechat_homeserver_domain }}
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_googlechat_appservice_address }}
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 8080
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. SQLite and Postgres are fully supported.
# Other DBMSes supported by SQLAlchemy may or may not work.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: {{ matrix_mautrix_googlechat_appservice_database|to_json }}
# The unique ID of this appservice.
id: googlechat
# Username of the appservice bot.
bot_username: {{ matrix_mautrix_googlechat_appservice_bot_username|to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: googlechat bridge bot
bot_avatar: mxc://maunium.net/FBXZnpfORkBEruORbikmleAy
# Authentication tokens for AS <-> HS communication.
as_token: "{{ matrix_mautrix_googlechat_appservice_token }}"
hs_token: "{{ matrix_mautrix_googlechat_homeserver_token }}"
# Bridge config
bridge:
# Localpart template of MXIDs for googlechat users.
# {userid} is replaced with the user ID of the googlechat user.
username_template: "googlechat_{userid}"
# Displayname template for googlechat users.
# {displayname} is replaced with the display name of the googlechat user
# as defined below in displayname_preference.
# Keys available for displayname_preference are also available here.
displayname_template: '{full_name} (googlechat)'
# Available keys:
# "name" (full name)
# "first_name"
# "last_name"
# "nickname"
# "own_nickname" (user-specific!)
displayname_preference:
- name
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!HO"
# Number of chats to sync (and create portals for) on startup/login.
# Maximum 20, set 0 to disable automatic syncing.
initial_chat_sync: 20
# Whether or not the googlechat users of logged in Matrix users should be
# invited to private chats when the user sends a message from another client.
invite_own_puppet_to_pm: false
# Whether or not to use /sync to get presence, read receipts and typing notifications when using
# your own Matrix account as the Matrix puppet for your googlechat account.
sync_with_custom_puppets: true
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret: {{ matrix_mautrix_googlechat_login_shared_secret|to_json }}
# Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true
# End-to-bridge encryption support options. These require matrix-nio to be installed with pip
# and login_shared_secret to be configured in order to get a device for the bridge bot.
#
# Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
# application service.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: false
# Public website and API configs
web:
# Auth server config
auth:
# Publicly accessible base URL for the login endpoints.
# The prefix below is not implicitly added. This URL and all subpaths should be proxied
# or otherwise pointed to the appservice's webserver to the path specified below (prefix).
# This path should usually include a trailing slash.
# Internal prefix in the appservice web server for the login endpoints.
public: "{{ matrix_homeserver_url }}{{ matrix_mautrix_googlechat_public_endpoint }}/login"
prefix: "{{ matrix_mautrix_googlechat_public_endpoint }}/login"
# Permissions for using the bridge.
# Permitted values:
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
'{{ matrix_mautrix_googlechat_homeserver_domain }}': user
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging:
version: 1
formatters:
colored:
(): mautrix_googlechat.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: DEBUG
hangups:
level: DEBUG
aiohttp:
level: INFO
root:
level: DEBUG
handlers: [console]

View File

@@ -0,0 +1,43 @@
#jinja2: lstrip_blocks: "True"
[Unit]
Description=Matrix Mautrix googlechat bridge
{% for service in matrix_mautrix_googlechat_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_mautrix_googlechat_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ matrix_systemd_unit_home_path }}"
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
ExecStartPre={{ matrix_host_command_sleep }} 5
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-googlechat \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_docker_network }} \
{% if matrix_mautrix_googlechat_container_http_host_bind_port %}
-p {{ matrix_mautrix_googlechat_container_http_host_bind_port }}:8080 \
{% endif %}
-v {{ matrix_mautrix_googlechat_config_path }}:/config:z \
-v {{ matrix_mautrix_googlechat_data_path }}:/data:z \
{% for arg in matrix_mautrix_googlechat_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_mautrix_googlechat_docker_image }} \
python3 -m mautrix_googlechat -c /config/config.yaml --no-update
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null'
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-googlechat
[Install]
WantedBy=multi-user.target

View File

@@ -3,14 +3,20 @@
matrix_mautrix_whatsapp_enabled: true
matrix_mautrix_whatsapp_container_image_self_build: false
matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
matrix_mautrix_whatsapp_version: latest
# See: https://mau.dev/mautrix/whatsapp/container_registry
matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}"
matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}"
matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp"
matrix_mautrix_whatsapp_config_path: "{{ matrix_mautrix_whatsapp_base_path }}/config"
matrix_mautrix_whatsapp_data_path: "{{ matrix_mautrix_whatsapp_base_path }}/data"
matrix_mautrix_whatsapp_docker_src_files_path: "{{ matrix_mautrix_whatsapp_base_path }}/docker-src"
matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_homeserver_container_url }}"
matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}"

View File

@@ -35,24 +35,49 @@
when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists|bool"
when: "matrix_mautrix_whatsapp_database_engine == 'postgres'"
- name: Ensure Mautrix Whatsapp paths exists
file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- { path: "{{ matrix_mautrix_whatsapp_base_path }}", when: true }
- { path: "{{ matrix_mautrix_whatsapp_config_path }}", when: true }
- { path: "{{ matrix_mautrix_whatsapp_data_path }}", when: true }
- { path: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}", when: "{{ matrix_mautrix_whatsapp_container_image_self_build }}" }
when: item.when|bool
- name: Ensure Mautrix Whatsapp image is pulled
docker_image:
name: "{{ matrix_mautrix_whatsapp_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_mautrix_whatsapp_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_whatsapp_docker_image_force_pull }}"
when: not matrix_mautrix_whatsapp_container_image_self_build
- name: Ensure Mautrix Whatsapp paths exists
file:
path: "{{ item }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- "{{ matrix_mautrix_whatsapp_base_path }}"
- "{{ matrix_mautrix_whatsapp_config_path }}"
- "{{ matrix_mautrix_whatsapp_data_path }}"
- name: Ensure Mautrix Whatsapp repository is present on self-build
git:
repo: "{{ matrix_mautrix_whatsapp_container_image_self_build_repo }}"
dest: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}"
version: "{{ matrix_mautrix_whatsapp_container_image_self_build_branch }}"
force: "yes"
register: matrix_mautrix_whatsapp_git_pull_results
when: "matrix_mautrix_whatsapp_container_image_self_build|bool"
- name: Ensure Mautrix Whatsapp Docker image is built
docker_image:
name: "{{ matrix_mautrix_whatsapp_docker_image }}"
source: build
force_source: "{{ matrix_mautrix_whatsapp_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_whatsapp_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}"
pull: yes
when: "matrix_mautrix_whatsapp_container_image_self_build|bool"
- name: Check if an old database file exists
stat:

View File

@@ -3,7 +3,7 @@ matrix_client_element_enabled: true
matrix_client_element_container_image_self_build: false
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
matrix_client_element_version: v1.9.0
matrix_client_element_version: v1.9.2
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"

View File

@@ -21,6 +21,7 @@
- matrix-bridge-beeper-linkedin
- matrix-bridge-mautrix-facebook
- matrix-bridge-mautrix-hangouts
- matrix-bridge-mautrix-googlechat
- matrix-bridge-mautrix-instagram
- matrix-bridge-mautrix-signal
- matrix-bridge-mautrix-telegram