cqrenet/matrix-docker-ansible-deploy
4
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-06-14 23:51:08 +00:00
Code Issues Wiki Activity
Files
36f3d4c4a5cfe2da57d1c07589f00e6000ea3c94
matrix-docker-ansible-deploy/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
T
Slavi Pantaleev 45c3b751d9 Switch mautrix-signal back to the v0 versioning scheme (v0.2605.0) 
mautrix publishes each release under two tag schemes: v0.YYMM.PATCH
(also used for git tags, due to Go's module path requirements for
major versions >= 2) and a calver vYY.MM[.PATCH] scheme that exists
only on the Docker registry.

We switched mautrix-signal to the calver scheme in 3564155a7, which
left it silently stuck at v26.02.2: the calver tags have an
inconsistent number of components (v26.02.2 vs v26.05), and Renovate's
docker versioning only offers updates between tags with the same
number of dot-separated parts. It also broke self-building, which uses
the version as a git ref, and calver tags do not exist in git.

Going back to the v0 scheme (used by all other mautrix bridges) fixes
both problems and upgrades signal from the February release to the
current May one.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-10 23:58:30 +03:00

251 lines
14 KiB
YAML
Raw Blame History

# SPDX-FileCopyrightText: 2020 - 2021 Sabine Laszakovits
# SPDX-FileCopyrightText: 2020 - 2024 MDAD project contributors
# SPDX-FileCopyrightText: 2021 - 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2021 Wolfgang Winter
# SPDX-FileCopyrightText: 2022 - 2024 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 László Várady
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Matthew Cengia
# SPDX-FileCopyrightText: 2023 - 2024 Pierre 'McFly' Marty
# SPDX-FileCopyrightText: 2023 Adrien le Maire
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
# SPDX-FileCopyrightText: 2023 Yousef Amar
# SPDX-FileCopyrightText: 2024 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# mautrix-signal is a Matrix <-> Signal bridge
# Project source code URL: https://github.com/mautrix/signal
matrix_mautrix_signal_enabled: true
matrix_mautrix_signal_container_image_self_build: false
matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/signal.git"
matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
matrix_mautrix_signal_version: v0.2605.0
# See: https://mau.dev/mautrix/signal/container_registry
matrix_mautrix_signal_container_image: "{{ matrix_mautrix_signal_container_image_registry_prefix }}mautrix/signal:{{ matrix_mautrix_signal_container_image_tag }}"
matrix_mautrix_signal_container_image_tag: "{{ matrix_mautrix_signal_version }}"
matrix_mautrix_signal_container_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_signal_container_image_self_build else matrix_mautrix_signal_container_image_registry_prefix_upstream }}"
matrix_mautrix_signal_container_image_registry_prefix_upstream: "{{ matrix_mautrix_signal_container_image_registry_prefix_upstream_default }}"
matrix_mautrix_signal_container_image_registry_prefix_upstream_default: "dock.mau.dev/"
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"
matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/config"
matrix_mautrix_signal_data_path: "{{ matrix_mautrix_signal_base_path }}/data"
matrix_mautrix_signal_container_src_files_path: "{{ matrix_mautrix_signal_base_path }}/docker-src"
matrix_mautrix_signal_homeserver_address: ""
matrix_mautrix_signal_homeserver_domain: "{{ matrix_domain }}"
# Whether asynchronous uploads via MSC2246 should be enabled for media.
# Requires a homeserver that supports MSC2246 (https://github.com/matrix-org/matrix-spec-proposals/pull/2246).
matrix_mautrix_signal_homeserver_async_media: false
matrix_mautrix_signal_appservice_address: "http://matrix-mautrix-signal:8080"
matrix_mautrix_signal_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
matrix_mautrix_signal_self_sign_enabled: "{{ matrix_bridges_self_sign_enabled }}"
matrix_mautrix_signal_extev_polls: false
matrix_mautrix_signal_command_prefix: "!signal"
# Displayname template for Signal users.
# {{.ProfileName}} - The Signal profile name set by the user.
# {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances.
# {{.Nickname}} - The nickname set for the user in the native Signal app. This is not safe on multi-user instances.
# {{.PhoneNumber}} - The phone number of the user.
# {{.UUID}} - The UUID of the Signal user.
# {{.AboutEmoji}} - The emoji set by the user in their profile.
matrix_mautrix_signal_network_displayname_template: '{% raw %}{{or .ProfileName .PhoneNumber "Unknown user"}} (Signal){% endraw %}'
matrix_mautrix_signal_bridge_permissions: |
{{
{'*': 'relay', matrix_mautrix_signal_homeserver_domain: 'user'}
| combine({matrix_admin: 'admin'} if matrix_admin else {})
}}
# Enable bridge relay functionality
matrix_mautrix_signal_bridge_relay_enabled: "{{ matrix_bridges_relay_enabled }}"
# Only allow admins on this home server to set themselves as a relay user
matrix_mautrix_signal_bridge_relay_admin_only: true
matrix_mautrix_signal_container_network: ""
matrix_mautrix_signal_container_additional_networks: "{{ matrix_mautrix_signal_container_additional_networks_auto + matrix_mautrix_signal_container_additional_networks_custom }}"
matrix_mautrix_signal_container_additional_networks_auto: []
matrix_mautrix_signal_container_additional_networks_custom: []
# matrix_mautrix_signal_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_mautrix_signal_container_labels_additional_labels`.
matrix_mautrix_signal_container_labels_traefik_enabled: true
matrix_mautrix_signal_container_labels_traefik_docker_network: "{{ matrix_mautrix_signal_container_network }}"
matrix_mautrix_signal_container_labels_traefik_entrypoints: web-secure
matrix_mautrix_signal_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added that expose mautrix-instagram's metrics
matrix_mautrix_signal_container_labels_metrics_enabled: "{{ matrix_mautrix_signal_metrics_enabled and matrix_mautrix_signal_metrics_proxying_enabled }}"
matrix_mautrix_signal_container_labels_metrics_traefik_rule: "Host(`{{ matrix_mautrix_signal_metrics_proxying_hostname }}`) && PathPrefix(`{{ matrix_mautrix_signal_metrics_proxying_path_prefix }}`)"
matrix_mautrix_signal_container_labels_metrics_traefik_priority: 0
matrix_mautrix_signal_container_labels_metrics_traefik_entrypoints: "{{ matrix_mautrix_signal_container_labels_traefik_entrypoints }}"
matrix_mautrix_signal_container_labels_metrics_traefik_tls: "{{ matrix_mautrix_signal_container_labels_metrics_traefik_entrypoints != 'web' }}"
matrix_mautrix_signal_container_labels_metrics_traefik_tls_certResolver: "{{ matrix_mautrix_signal_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_mautrix_signal_container_labels_metrics_middleware_basic_auth_enabled: false
# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
matrix_mautrix_signal_container_labels_metrics_middleware_basic_auth_users: ''
# matrix_mautrix_signal_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_mautrix_signal_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_mautrix_signal_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_mautrix_signal_container_extra_arguments: []
# List of systemd services that matrix-mautrix-signal.service depends on.
matrix_mautrix_signal_systemd_required_services_list: "{{ matrix_mautrix_signal_systemd_required_services_list_default + matrix_mautrix_signal_systemd_required_services_list_auto + matrix_mautrix_signal_systemd_required_services_list_custom }}"
matrix_mautrix_signal_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_mautrix_signal_systemd_required_services_list_auto: []
matrix_mautrix_signal_systemd_required_services_list_custom: []
# List of systemd services that matrix-mautrix-signal.service wants
matrix_mautrix_signal_systemd_wanted_services_list: []
matrix_mautrix_signal_appservice_token: ''
matrix_mautrix_signal_homeserver_token: ''
matrix_mautrix_signal_appservice_bot_username: signalbot
# Minimum severity of journal log messages.
# Valid values: fatal, error, warn, info, debug, trace
matrix_mautrix_signal_logging_level: 'warn'
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_signal_federate_rooms: true
matrix_mautrix_signal_backfill_enabled: true
matrix_mautrix_signal_backfill_max_initial_messages: 50
matrix_mautrix_signal_backfill_max_catchup_messages: 500
matrix_mautrix_signal_backfill_unread_hours_threshold: 720
matrix_mautrix_signal_backfill_threads_max_initial_messages: 50
# Whether or not metrics endpoint should be enabled.
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
# If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_signal_metrics_proxying_enabled`.
matrix_mautrix_signal_metrics_enabled: false
# Controls whether metrics should be exposed on a public URL.
matrix_mautrix_signal_metrics_proxying_enabled: false
matrix_mautrix_signal_metrics_proxying_hostname: ''
matrix_mautrix_signal_metrics_proxying_path_prefix: ''
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.
#
# To use Postgres:
# - change the engine (`matrix_mautrix_signal_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_signal_database_*` variables
matrix_mautrix_signal_database_engine: 'sqlite'
matrix_mautrix_signal_sqlite_database_path_local: "{{ matrix_mautrix_signal_data_path }}/mautrix-signal.db"
matrix_mautrix_signal_sqlite_database_path_in_container: "/data/mautrix-signal.db?_txlock=immediate"
matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
matrix_mautrix_signal_database_password: 'some-password'
matrix_mautrix_signal_database_hostname: ''
matrix_mautrix_signal_database_port: 5432
matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
matrix_mautrix_signal_database_sslmode: disable
matrix_mautrix_signal_database_connection_string: 'postgresql://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}?sslmode={{ matrix_mautrix_signal_database_sslmode }}'
matrix_mautrix_signal_appservice_database_type: "{{ {
'sqlite': 'sqlite3-fk-wal',
'postgres': 'postgres',
}[matrix_mautrix_signal_database_engine] }}"
matrix_mautrix_signal_appservice_database_uri: "{{ {
'sqlite': matrix_mautrix_signal_sqlite_database_path_in_container,
'postgres': matrix_mautrix_signal_database_connection_string,
}[matrix_mautrix_signal_database_engine] }}"
matrix_mautrix_signal_double_puppet_secrets: "{{ matrix_mautrix_signal_double_puppet_secrets_auto | combine(matrix_mautrix_signal_double_puppet_secrets_custom) }}"
matrix_mautrix_signal_double_puppet_secrets_auto: {}
matrix_mautrix_signal_double_puppet_secrets_custom: {}
# Default mautrix-signal configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_mautrix_signal_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_mautrix_signal_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_mautrix_signal_configuration_extension_yaml: |
# Your custom YAML configuration goes here.
# This configuration extends the default starting configuration (`matrix_mautrix_signal_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_mautrix_signal_configuration_yaml`.
matrix_mautrix_signal_configuration_extension: "{{ matrix_mautrix_signal_configuration_extension_yaml | from_yaml if matrix_mautrix_signal_configuration_extension_yaml | from_yaml is mapping else {} }}"
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_signal_configuration_yaml`.
matrix_mautrix_signal_configuration: "{{ matrix_mautrix_signal_configuration_yaml | from_yaml | combine(matrix_mautrix_signal_configuration_extension, recursive=True) }}"
matrix_mautrix_signal_registration_yaml: |
id: signal
url: {{ matrix_mautrix_signal_appservice_address }}
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
# See https://github.com/mautrix/signal/issues/43
sender_localpart: _bot_{{ matrix_mautrix_signal_appservice_bot_username }}
rate_limited: false
namespaces:
users:
- regex: '^@signal_[-a-f0-9]+:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
exclusive: true
- exclusive: true
regex: '^@{{ matrix_mautrix_signal_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_signal_msc4190_enabled | to_json }}
matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml | from_yaml }}"
# Enable End-to-bridge encryption
matrix_mautrix_signal_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
matrix_mautrix_signal_bridge_personal_filtering_spaces: true
matrix_mautrix_signal_network_note_to_self_avatar: "mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"
matrix_mautrix_signal_provisioning_shared_secret: ''
matrix_mautrix_signal_public_media_signing_key: ''
# matrix_mautrix_signal_restart_necessary controls whether the service
# will be restarted (when true) or merely started (when false) by the
# systemd service manager role (when conditional restart is enabled).
#
# This value is automatically computed during installation based on whether
# any configuration files, the systemd service file, or the container image changed.
# The default of `false` means "no restart needed" — appropriate when the role's
# installation tasks haven't run (e.g., due to --tags skipping them).
matrix_mautrix_signal_restart_necessary: false
Reference in New Issue View Git Blame Copy Permalink