mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-25 12:06:18 +00:00
Merge branch 'master' into pr-jitsi-matrix-authentication
This commit is contained in:
commit
01ccec2dbe
4
.github/workflows/matrix.yml
vendored
4
.github/workflows/matrix.yml
vendored
@ -13,7 +13,7 @@ jobs:
|
||||
- name: Check out
|
||||
uses: actions/checkout@v3
|
||||
- name: Run yamllint
|
||||
uses: frenck/action-yamllint@v1.3.1
|
||||
uses: frenck/action-yamllint@v1.4.0
|
||||
ansible-lint:
|
||||
name: ansible-lint
|
||||
runs-on: ubuntu-latest
|
||||
@ -21,6 +21,6 @@ jobs:
|
||||
- name: Check out
|
||||
uses: actions/checkout@v3
|
||||
- name: Run ansible-lint
|
||||
uses: ansible-community/ansible-lint-action@v6.10.2
|
||||
uses: ansible-community/ansible-lint-action@v6.11.0
|
||||
with:
|
||||
path: roles/custom
|
||||
|
113
CHANGELOG.md
113
CHANGELOG.md
@ -1,3 +1,112 @@
|
||||
# 2023-02-10
|
||||
|
||||
## Draupnir moderation tool (bot) support
|
||||
|
||||
Thanks to [FSG-Cat](https://github.com/FSG-Cat), the playbook can now install and configure the [Draupnir](https://github.com/Gnuxie/Draupnir) moderation tool (bot). Draupnir is a fork of [Mjolnir](docs/configuring-playbook-bot-mjolnir.md) (which the playbook has supported for a long time) maintained by Mjolnir's former lead developer.
|
||||
|
||||
Additional details are available in [Setting up Draupnir](docs/configuring-playbook-bot-draupnir.md).
|
||||
|
||||
|
||||
# 2023-02-05
|
||||
|
||||
## The matrix-prometheus-postgres-exporter role lives independently now
|
||||
|
||||
**TLDR**: the `matrix-prometheus-postgres-exporter` role is now included from another repository. Some variables have been renamed. All functionality remains intact.
|
||||
|
||||
The `matrix-prometheus-postgres-exporter` role (which configures [Prometheus Postgres Exporter](https://github.com/prometheus-community/postgres_exporter)) has been extracted from the playbook and now lives in its own repository at https://gitlab.com/etke.cc/roles/prometheus_postgres_exporter.
|
||||
|
||||
It's still part of the playbook, but is now installed via `ansible-galaxy` (by running `just roles` / `make roles`). Some variables have been renamed (`matrix_prometheus_postgres_exporter_` -> `prometheus_postgres_exporter_`, etc.). The playbook will report all variables that you need to rename to get upgraded. All functionality remains intact.
|
||||
|
||||
The `matrix-prometheus-services-proxy-connect` role has bee adjusted to help integrate the new `prometheus_postgres_exporter` role with our own services (`matrix-nginx-proxy`)
|
||||
|
||||
Other roles which aren't strictly related to Matrix are likely to follow this fate of moving to their own repositories. Extracting them out allows other Ansible playbooks to make use of these roles easily.
|
||||
|
||||
|
||||
# 2023-01-26
|
||||
|
||||
## Coturn can now use host-networking
|
||||
|
||||
Large Coturn deployments (with a huge range of ports specified via `matrix_coturn_turn_udp_min_port` and `matrix_coturn_turn_udp_max_port`) experience a huge slowdown with how Docker publishes all these ports (setting up firewall forwarding rules), which leads to a very slow Coturn service startup and shutdown.
|
||||
|
||||
Such deployments don't need to run Coturn within a private container network anymore. Coturn can now run with host-networking by using configuration like this:
|
||||
|
||||
```yaml
|
||||
matrix_coturn_docker_network: host
|
||||
```
|
||||
|
||||
With such a configuration, **Docker no longer needs to configure thousands of firewall forwarding rules** each time Coturn starts and stops.
|
||||
This, however, means that **you will need to ensure these ports are open** in your firewall yourself.
|
||||
|
||||
Thanks to us [tightening Coturn security](#backward-compatibility-tightening-coturn-security-can-lead-to-connectivity-issues), running Coturn with host-networking should be safe and not expose neither other services running on the host, nor other services running on the local network.
|
||||
|
||||
|
||||
## (Backward Compatibility) Tightening Coturn security can lead to connectivity issues
|
||||
|
||||
**TLDR**: users who run and access their Matrix server on a private network (likely a small minority of users) may experience connectivity issues with our new default Coturn blocklists. They may need to override `matrix_coturn_denied_peer_ips` and remove some IP ranges from it.
|
||||
|
||||
Inspired by [this security article](https://www.rtcsec.com/article/cve-2020-26262-bypass-of-coturns-access-control-protection/), we've decided to make use of Coturn's `denied-peer-ip` functionality to prevent relaying network traffic to certain private IP subnets. This ensures that your Coturn server won't accidentally try to forward traffic to certain services running on your local networks. We run Coturn in a container and in a private container network by default, which should prevent such access anyway, but having additional block layers in place is better.
|
||||
|
||||
If you access your Matrix server from a local network and need Coturn to relay to private IP addresses, you may observe that relaying is now blocked due to our new default `denied-peer-ip` lists (specified in `matrix_coturn_denied_peer_ips`). If you experience such connectivity problems, consider overriding this setting in your `vars.yml` file and removing certain networks from it.
|
||||
|
||||
We've also added `no-multicast-peers` to the default Coturn configuration, but we don't expect this to cause trouble for most people.
|
||||
|
||||
|
||||
# 2023-01-21
|
||||
|
||||
## The matrix-prometheus-node-exporter role lives independently now
|
||||
|
||||
**TLDR**: the `matrix-prometheus-node-exporter` role is now included from another repository. Some variables have been renamed. All functionality remains intact.
|
||||
|
||||
The `matrix-prometheus-node-exporter` role (which configures [Prometheus node exporter](https://github.com/prometheus/node_exporter)) has been extracted from the playbook and now lives in its own repository at https://gitlab.com/etke.cc/roles/prometheus_node_exporter.
|
||||
|
||||
It's still part of the playbook, but is now installed via `ansible-galaxy` (by running `just roles` / `make roles`). Some variables have been renamed (`matrix_prometheus_node_exporter_` -> `prometheus_node_exporter_`, etc.). The playbook will report all variables that you need to rename to get upgraded. All functionality remains intact.
|
||||
|
||||
A new `matrix-prometheus-services-proxy-connect` role was added to the playbook to help integrate the new `prometheus_node_exporter` role with our own services (`matrix-nginx-proxy`)
|
||||
|
||||
Other roles which aren't strictly related to Matrix are likely to follow this fate of moving to their own repositories. Extracting them out allows other Ansible playbooks to make use of these roles easily.
|
||||
|
||||
|
||||
# 2023-01-13
|
||||
|
||||
## Support for running commands via just
|
||||
|
||||
We've previously used [make](https://www.gnu.org/software/make/) for easily running some playbook commands (e.g. `make roles` which triggers `ansible-galaxy`, see [Makefile](Makefile)).
|
||||
Our `Makefile` is still around and you can still run these commands.
|
||||
|
||||
In addition, we've added support for running commands via [just](https://github.com/casey/just) - a more modern command-runner alternative to `make`. Instead of `make roles`, you can now run `just roles` to accomplish the same.
|
||||
|
||||
Our [justfile](justfile) already defines some additional helpful **shortcut** commands that weren't part of our `Makefile`. Here are some examples:
|
||||
|
||||
- `just install-all` to trigger the much longer `ansible-playbook -i inventory/hosts setup.yml --tags=install-all,ensure-matrix-users-created,start` command
|
||||
- `just install-all --ask-vault-pass` - commands also support additional arguments (`--ask-vault-pass` will be appended to the above installation command)
|
||||
- `just run-tags install-mautrix-slack,start` - to run specific playbook tags
|
||||
- `just start-all` - (re-)starts all services
|
||||
- `just stop-group postgres` - to stop only the Postgres service
|
||||
- `just register-user john secret-password yes` - registers a `john` user with the `secret-password` password and admin access (admin = `yes`)
|
||||
|
||||
Additional helpful commands and shortcuts may be defined in the future.
|
||||
|
||||
This is all completely optional. If you find it difficult to [install `just`](https://github.com/casey/just#installation) or don't find any of this convenient, feel free to run all commands manually.
|
||||
|
||||
|
||||
# 2023-01-11
|
||||
|
||||
## mautrix-slack support
|
||||
|
||||
Thanks to [Cody Neiman](https://github.com/xangelix)'s efforts, the playbook now supports bridging to [Slack](https://slack.com/) via the [mautrix-slack](https://mau.dev/mautrix/slack) bridge. See our [Setting up Mautrix Slack bridging](docs/configuring-playbook-bridge-mautrix-slack.md) documentation page for getting started.
|
||||
|
||||
**Note**: this is a new Slack bridge. The playbook still retains Slack bridging via [matrix-appservice-slack](docs/configuring-playbook-bridge-appservice-slack.md) and [mx-puppet-slack](docs/configuring-playbook-bridge-mx-puppet-slack.md). You're free to use the bridge that serves you better, or even all three of them (for different users and use-cases).
|
||||
|
||||
|
||||
# 2023-01-10
|
||||
|
||||
## ChatGPT support
|
||||
|
||||
Thanks to [@bertybuttface](https://github.com/bertybuttface), the playbook can now help you set up [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) - a bot through which you can talk to the [ChatGPT](https://openai.com/blog/chatgpt/) model.
|
||||
|
||||
See our [Setting up matrix-bot-chatgpt](docs/configuring-playbook-bot-chatgpt.md) documentation to get started.
|
||||
|
||||
|
||||
# 2022-11-30
|
||||
|
||||
## matrix-postgres-backup has been replaced by the com.devture.ansible.role.postgres_backup external role
|
||||
@ -353,7 +462,7 @@ matrix_homeserver_implementation: conduit
|
||||
|
||||
Thanks to [MdotAmaan](https://github.com/MdotAmaan)'s efforts, the playbook now supports bridging to [Discord](https://discordapp.com/) via the [mautrix-discord](https://mau.dev/mautrix/discord) bridge. See our [Setting up Mautrix Discord bridging](docs/configuring-playbook-bridge-mautrix-discord.md) documentation page for getting started.
|
||||
|
||||
**Note**: this is a new Discord bridge. The playbook still retains Discord bridging via [matrix-appservice-discord](docs/configuring-playbook-bridge-appservice-discord.md) and [mx-puppet-discord](docs/configuring-playbook-bridge-mx-puppet-discord.md). You're free too use the bridge that serves you better, or even all three of them (for different users and use-cases).
|
||||
**Note**: this is a new Discord bridge. The playbook still retains Discord bridging via [matrix-appservice-discord](docs/configuring-playbook-bridge-appservice-discord.md) and [mx-puppet-discord](docs/configuring-playbook-bridge-mx-puppet-discord.md). You're free to use the bridge that serves you better, or even all three of them (for different users and use-cases).
|
||||
|
||||
|
||||
# 2022-07-27
|
||||
@ -434,7 +543,7 @@ See our [Setting up the ntfy push notifications server](docs/configuring-playboo
|
||||
|
||||
**If you're using node-exporter** (`matrix_prometheus_node_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_node_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. You will be able to collect its metrics from `https://matrix.DOMAIN/metrics/node-exporter`.
|
||||
|
||||
**If you're using [postgres-exporter](docs/configuring-playbook-prometheus-postgres.md)** (`matrix_prometheus_postgres_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_postgres_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. You will be able to collect its metrics from `https://matrix.DOMAIN/metrics/postgres-exporter`.
|
||||
**If you're using [postgres-exporter](docs/configuring-playbook-prometheus-postgres.md)** (`prometheus_postgres_exporter_enabled: true`) and would like to collect its metrics from an external Prometheus server, see `matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled` described in our [Collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) documentation. You will be able to collect its metrics from `https://matrix.DOMAIN/metrics/postgres-exporter`.
|
||||
|
||||
**If you're using Synapse** and would like to collect its metrics from an external Prometheus server, you may find that:
|
||||
|
||||
|
@ -89,7 +89,8 @@ Bridges can be used to connect your matrix installation with third-party communi
|
||||
|
||||
| Name | Default? | Description | Documentation |
|
||||
| ---- | -------- | ----------- | ------------- |
|
||||
[mautrix-discord](https://github.com/mautrix/discord) | x | Bridge for bridging your Matrix server to [Discord](https://discord.com/) | [Link](docs/configuring-playbook-bridge-mautrix-discord.md) |
|
||||
| [mautrix-discord](https://github.com/mautrix/discord) | x | Bridge for bridging your Matrix server to [Discord](https://discord.com/) | [Link](docs/configuring-playbook-bridge-mautrix-discord.md) |
|
||||
| [mautrix-slack](https://github.com/mautrix/slack) | x | Bridge for bridging your Matrix server to [Slack](https://slack.com/) | [Link](docs/configuring-playbook-bridge-mautrix-slack.md) |
|
||||
| [mautrix-telegram](https://github.com/mautrix/telegram) | x | Bridge for bridging your Matrix server to [Telegram](https://telegram.org/) | [Link](docs/configuring-playbook-bridge-mautrix-telegram.md) |
|
||||
| [mautrix-whatsapp](https://github.com/mautrix/whatsapp) | x | Bridge for bridging your Matrix server to [WhatsApp](https://www.whatsapp.com/) | [Link](docs/configuring-playbook-bridge-mautrix-whatsapp.md) |
|
||||
| [mautrix-facebook](https://github.com/mautrix/facebook) | x | Bridge for bridging your Matrix server to [Facebook](https://facebook.com/) | [Link](docs/configuring-playbook-bridge-mautrix-facebook.md) |
|
||||
@ -130,6 +131,7 @@ Bots provide various additional functionality to your installation.
|
||||
| [Go-NEB](https://github.com/matrix-org/go-neb) | x | A multi functional bot written in Go | [Link](docs/configuring-playbook-bot-go-neb.md) |
|
||||
| [Mjolnir](https://github.com/matrix-org/mjolnir) | x | A moderation tool for Matrix | [Link](docs/configuring-playbook-bot-mjolnir.md) |
|
||||
| [Buscarron](https://gitlab.com/etke.cc/buscarron) | x | Web forms (HTTP POST) to matrix | [Link](docs/configuring-playbook-bot-buscarron.md) |
|
||||
| [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) | x | ChatGPT from matrix | [Link](docs/configuring-playbook-bot-chatgpt.md) |
|
||||
|
||||
### Administration
|
||||
|
||||
|
62
docs/configuring-playbook-bot-chatgpt.md
Normal file
62
docs/configuring-playbook-bot-chatgpt.md
Normal file
@ -0,0 +1,62 @@
|
||||
# Setting up ChatGPT (optional)
|
||||
|
||||
The playbook can install and configure [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for you.
|
||||
|
||||
Talk to [ChatGPT](https://openai.com/blog/chatgpt/) via your favourite Matrix client!
|
||||
|
||||
|
||||
## 1. Register the bot account
|
||||
|
||||
The playbook does not automatically create users for you. The bot requires an access token to be able to connect to your homeserver.
|
||||
|
||||
You **need to register the bot user manually** before setting up the bot.
|
||||
|
||||
Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
|
||||
|
||||
You can use the playbook to [register a new user](registering-users.md):
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
|
||||
```
|
||||
|
||||
|
||||
## 2. Get an access token
|
||||
|
||||
Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
|
||||
## 3. Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
|
||||
|
||||
```yaml
|
||||
matrix_bot_chatgpt_enabled: true
|
||||
|
||||
# Obtain a new API key from https://platform.openai.com/account/api-keys
|
||||
matrix_bot_chatgpt_openai_api_key: ''
|
||||
|
||||
# This is the default username
|
||||
# matrix_bot_chatgpt_matrix_bot_username_localpart: 'bot.chatgpt'
|
||||
|
||||
# Matrix access token (from bot user above)
|
||||
# see: https://webapps.stackexchange.com/questions/131056/how-to-get-an-access-token-for-element-riot-matrix
|
||||
matrix_bot_chatgpt_matrix_access_token: ''
|
||||
```
|
||||
|
||||
You will need to get tokens for ChatGPT.
|
||||
|
||||
|
||||
## 4. Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command again:
|
||||
|
||||
```sh
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
To use the bot, invite the `@bot.chatgpt:DOMAIN` to the room you specified in a config, after that start speaking to it, use the prefix if you configured one or mention the bot.
|
||||
|
||||
You can also refer to the upstream [documentation](https://github.com/matrixgpt/matrix-chatgpt-bot).
|
114
docs/configuring-playbook-bot-draupnir.md
Normal file
114
docs/configuring-playbook-bot-draupnir.md
Normal file
@ -0,0 +1,114 @@
|
||||
# Setting up draupnir (optional)
|
||||
|
||||
The playbook can install and configure the [draupnir](https://github.com/Gnuxie/Draupnir) moderation bot for you.
|
||||
|
||||
See the project's [documentation](https://github.com/Gnuxie/Draupnir) to learn what it does and why it might be useful to you.
|
||||
|
||||
If your migrating from Mjolnir skip to step 5b.
|
||||
|
||||
## 1. Register the bot account
|
||||
|
||||
The playbook does not automatically create users for you. The bot requires an access token to be able to connect to your homeserver.
|
||||
|
||||
You **need to register the bot user manually** before setting up the bot.
|
||||
|
||||
Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
|
||||
|
||||
You can use the playbook to [register a new user](registering-users.md):
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.draupnir password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
|
||||
```
|
||||
|
||||
If you would like draupnir to be able to deactivate users, move aliases, shutdown rooms, etc then it must be a server admin so you need to change `admin=no` to `admin=yes` in the command above.
|
||||
|
||||
|
||||
## 2. Get an access token
|
||||
|
||||
Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
|
||||
## 3. Make sure the account is free from rate limiting
|
||||
|
||||
You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step draupnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps.
|
||||
|
||||
1. Copy the statement below into a text editor.
|
||||
|
||||
```
|
||||
INSERT INTO ratelimit_override VALUES ('@bot.draupnir:DOMAIN', 0, 0);
|
||||
```
|
||||
|
||||
1. Change the username (`@bot.draupnir:DOMAIN`) to the username you used when you registered the bot's account. You must change `DOMAIN` to your server's domain.
|
||||
|
||||
1. Get a database terminal by following these steps: [maintenance-postgres.md#getting-a-database-terminal](maintenance-postgres.md#getting-a-database-terminal)
|
||||
|
||||
1. Connect to Synapse's database by typing `\connect synapse` into the database terminal
|
||||
|
||||
1. Paste in the `INSERT INTO` command that you edited and press enter.
|
||||
|
||||
You can run `SELECT * FROM ratelimit_override;` to see if it worked. If the output looks like this:
|
||||
|
||||
```
|
||||
user_id | messages_per_second | burst_count
|
||||
-----------------------+---------------------+-------------
|
||||
@bot.draupnir:raim.ist | 0 | 0`
|
||||
```
|
||||
then you did it correctly.
|
||||
|
||||
|
||||
## 4. Create a management room
|
||||
|
||||
Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room. Anyone in this room can control the bot so it is important that you only invite trusted users to this room. The room must be unencrypted since the playbook does not support installing Pantalaimon yet.
|
||||
|
||||
Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then coping the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`.
|
||||
|
||||
Finally invite the `@bot.draupnir:DOMAIN` account you created earlier into the room.
|
||||
|
||||
|
||||
## 5a. Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
|
||||
|
||||
You must replace `ACCESS_TOKEN_FROM_STEP_2_GOES_HERE` and `ROOM_ID_FROM_STEP_4_GOES_HERE` with the your own values.
|
||||
|
||||
```yaml
|
||||
matrix_bot_draupnir_enabled: true
|
||||
|
||||
matrix_bot_draupnir_access_token: "ACCESS_TOKEN_FROM_STEP_2_GOES_HERE"
|
||||
|
||||
matrix_bot_draupnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE"
|
||||
```
|
||||
|
||||
## 5b. Migrating from Mjolnir (Only required if migrating.)
|
||||
|
||||
Replace your matrix_bot_mjolnir config with matrix_bot_draupnir config. Also disable mjolnir if you're doing migration.
|
||||
That is all you need to do due to that Draupnir can complete migration on its own.
|
||||
|
||||
## 6. Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
You can refer to the upstream [documentation](https://github.com/Gnuxie/Draupnir) for additional ways to use and configure draupnir. Check out their [quickstart guide](https://github.com/matrix-org/draupnir/blob/main/docs/moderators.md#quick-usage) for some basic commands you can give to the bot.
|
||||
|
||||
You can configure additional options by adding the `matrix_bot_draupnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file.
|
||||
|
||||
For example to change draupnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file.
|
||||
|
||||
```yaml
|
||||
matrix_bot_draupnir_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_bot_draupnir_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_bot_draupnir_configuration_yaml`.
|
||||
recordIgnoredInvites: true
|
||||
```
|
@ -1,6 +1,6 @@
|
||||
# Setting up Appservice Slack (optional)
|
||||
|
||||
**Note**: bridging to [Slack](https://slack.com) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) bridge supported by the playbook.
|
||||
**Note**: bridging to [Slack](https://slack.com) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook.
|
||||
|
||||
The playbook can install and configure [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) for you.
|
||||
|
||||
|
77
docs/configuring-playbook-bridge-mautrix-slack.md
Normal file
77
docs/configuring-playbook-bridge-mautrix-slack.md
Normal file
@ -0,0 +1,77 @@
|
||||
# Setting up Mautrix Slack (optional)
|
||||
|
||||
**Note**: bridging to [Slack](https://slack.com/) can also happen via the [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) and [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) bridges supported by the playbook.
|
||||
- For using as a Bot we recommend the [Appservice Slack](configuring-playbook-bridge-appservice-slack.md), because it supports plumbing.
|
||||
- For personal use with a slack account we recommend the `mautrix-slack` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Slack bridges supported by the playbook.
|
||||
|
||||
The playbook can install and configure [mautrix-slack](https://github.com/mautrix/slack) for you.
|
||||
|
||||
See the project's [documentation](https://docs.mau.fi/bridges/go/slack/index.html) to learn what it does and why it might be useful to you.
|
||||
|
||||
Note that as of Oct 2022, support for multiple Matrix users using the bot is incomplete. Different users do not yet share the bridged channels. Everyone gets their own copy.
|
||||
|
||||
See the [features and roadmap](https://github.com/mautrix/slack/blob/main/ROADMAP.md) for more information.
|
||||
|
||||
|
||||
## Prerequisites
|
||||
|
||||
For using this bridge, you would need to authenticate by **providing your username and password** (legacy) or by using a **token login**. See more information in the [docs](https://docs.mau.fi/bridges/go/slack/authentication.html).
|
||||
|
||||
Note that neither of these methods are officially supported by Slack. [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) uses a Slack bot account which is the only officially supported method for bridging a Slack channel.
|
||||
|
||||
|
||||
## Installing
|
||||
|
||||
To enable the bridge, add this to your `vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_mautrix_slack_enabled: true
|
||||
```
|
||||
|
||||
You may optionally wish to add some [Additional configuration](#additional-configuration), or to [prepare for double-puppeting](#set-up-double-puppeting) before the initial installation.
|
||||
|
||||
After adjusting your `vars.yml` file, re-run the playbook and restart all services: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`
|
||||
|
||||
To make use of the bridge, see [Usage](#usage) below.
|
||||
|
||||
|
||||
### Additional configuration
|
||||
|
||||
There are some additional options you may wish to configure with the bridge.
|
||||
|
||||
Take a look at:
|
||||
|
||||
- `roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
|
||||
- `roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_mautrix_slack_configuration_extension_yaml` variable
|
||||
|
||||
|
||||
### Set up Double Puppeting
|
||||
|
||||
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
|
||||
|
||||
#### Method 1: automatically, by enabling Shared Secret Auth
|
||||
|
||||
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
|
||||
|
||||
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
|
||||
|
||||
#### Method 2: manually, by asking each user to provide a working access token
|
||||
|
||||
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
- make sure you don't log out the `Mautrix-Slack` device some time in the future, as that would break the Double Puppeting feature
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
1. Start a chat with `@slackbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
|
||||
2. If you would like to login to Slack using a token, send the `login-token` command, otherwise, send the `login-password` command. Read [here](https://docs.mau.fi/bridges/go/slack/authentication.html) on how to retrieve your token and cookie token.
|
||||
3. The bot should respond with "Successfully logged into <email> for team <workspace>"
|
||||
4. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to.
|
||||
5. Slack channels should automatically begin bridging if you authenticated using a token. Otherwise, you must wait to receive a message in the channel if you used password authentication.
|
@ -11,6 +11,19 @@ matrix_mautrix_whatsapp_enabled: true
|
||||
```
|
||||
Whatsapp multidevice beta is required, now it is enough if Whatsapp is connected to the Internet every 2 weeks.
|
||||
|
||||
The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file:
|
||||
```yaml
|
||||
matrix_mautrix_whatsapp_bridge_relay_enabled: true
|
||||
```
|
||||
|
||||
By default, only admins are allowed to set themselves as relay users. To allow anyone on your homeserver to set themselves as relay users add this to your `vars.yml` file:
|
||||
```yaml
|
||||
matrix_mautrix_whatsapp_bridge_relay_admin_only: false
|
||||
```
|
||||
|
||||
If you want to activate the relay bot in a room, use `!whatsapp set-relay`.
|
||||
Use `!whatsapp unset-relay` to deactivate.
|
||||
|
||||
## Enable backfilling history
|
||||
This requires a server with MSC2716 support, which is currently an experimental feature in synapse.
|
||||
Note that as of Synapse 1.46, there are still some bugs with the implementation, especially if using event persistence workers.
|
||||
|
@ -1,8 +1,7 @@
|
||||
# Setting up MX Puppet Slack (optional)
|
||||
|
||||
**Note**: bridging to [Slack](https://slack.com) can also happen via the
|
||||
[matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md)
|
||||
bridge supported by the playbook.
|
||||
[matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) and [mautrix-slack](configuring-playbook-bridge-mautrix-slack.md) bridges supported by the playbook.
|
||||
|
||||
The playbook can install and configure [Beeper](https://www.beeper.com/)-maintained fork of
|
||||
[mx-puppet-slack](https://gitlab.com/beeper/mx-puppet-monorepo) for you.
|
||||
|
@ -10,10 +10,10 @@ Remember to add `stats.<your-domain>` to DNS as described in [Configuring DNS](c
|
||||
matrix_prometheus_enabled: true
|
||||
|
||||
# You can remove this, if unnecessary.
|
||||
matrix_prometheus_node_exporter_enabled: true
|
||||
prometheus_node_exporter_enabled: true
|
||||
|
||||
# You can remove this, if unnecessary.
|
||||
matrix_prometheus_postgres_exporter_enabled: true
|
||||
prometheus_postgres_exporter_enabled: true
|
||||
|
||||
# You can remove this, if unnecessary.
|
||||
matrix_prometheus_nginxlog_exporter_enabled: true
|
||||
@ -40,8 +40,8 @@ The retention policy of Prometheus metrics is [15 days by default](https://prome
|
||||
Name | Description
|
||||
-----|----------
|
||||
`matrix_prometheus_enabled`|[Prometheus](https://prometheus.io) is a time series database. It holds all the data we're going to talk about.
|
||||
`matrix_prometheus_node_exporter_enabled`|[Node Exporter](https://prometheus.io/docs/guides/node-exporter/) is an addon of sorts to Prometheus that collects generic system information such as CPU, memory, filesystem, and even system temperatures
|
||||
`matrix_prometheus_postgres_exporter_enabled`|[Postgres Exporter](configuring-playbook-prometheus-postgres.md) is an addon of sorts to expose Postgres database metrics to Prometheus.
|
||||
`prometheus_node_exporter_enabled`|[Node Exporter](https://prometheus.io/docs/guides/node-exporter/) is an addon of sorts to Prometheus that collects generic system information such as CPU, memory, filesystem, and even system temperatures
|
||||
`prometheus_postgres_exporter_enabled`|[Postgres Exporter](configuring-playbook-prometheus-postgres.md) is an addon of sorts to expose Postgres database metrics to Prometheus.
|
||||
`matrix_prometheus_nginxlog_exporter_enabled`|[NGINX Log Exporter](configuring-playbook-prometheus-nginxlog.md) is an addon of sorts to expose NGINX logs to Prometheus.
|
||||
`matrix_grafana_enabled`|[Grafana](https://grafana.com/) is the visual component. It shows (on the `stats.<your-domain>` subdomain) the dashboards with the graphs that we're interested in
|
||||
`matrix_grafana_anonymous_access`|By default you need to log in to see graphs. If you want to publicly share your graphs (e.g. when asking for help in [`#synapse:matrix.org`](https://matrix.to/#/#synapse:matrix.org?via=matrix.org&via=privacytools.io&via=mozilla.org)) you'll want to enable this option.
|
||||
@ -52,7 +52,7 @@ Name | Description
|
||||
|
||||
Metrics and resulting graphs can contain a lot of information. This includes system specs but also usage patterns. This applies especially to small personal/family scale homeservers. Someone might be able to figure out when you wake up and go to sleep by looking at the graphs over time. Think about this before enabling anonymous access. And you should really not forget to change your Grafana password.
|
||||
|
||||
Most of our docker containers run with limited system access, but the `prometheus-node-exporter` has access to the host network stack and (readonly) root filesystem. This is required to report on them. If you don't like that, you can set `matrix_prometheus_node_exporter_enabled: false` (which is actually the default). You will still get Synapse metrics with this container disabled. Both of the dashboards will always be enabled, so you can still look at historical data after disabling either source.
|
||||
Most of our docker containers run with limited system access, but the `prometheus-node-exporter` has access to the host network stack and (readonly) root filesystem. This is required to report on them. If you don't like that, you can set `prometheus_node_exporter_enabled: false` (which is actually the default). You will still get Synapse metrics with this container disabled. Both of the dashboards will always be enabled, so you can still look at historical data after disabling either source.
|
||||
|
||||
|
||||
## Collecting metrics to an external Prometheus server
|
||||
@ -74,11 +74,11 @@ Name | Description
|
||||
`matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`|Set this to the Basic Authentication credentials (raw `htpasswd` file content) used to protect `/metrics/*`. This htpasswd-file needs to be generated with the `htpasswd` tool and can include multiple username/password pairs. If you only need one credential, use `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username` and `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password` instead.
|
||||
`matrix_synapse_metrics_enabled`|Set this to `true` to make Synapse expose metrics (locally, on the container network)
|
||||
`matrix_synapse_metrics_proxying_enabled`|Set this to `true` to expose Synapse's metrics on `https://matrix.DOMAIN/metrics/synapse/main-process` and `https://matrix.DOMAIN/metrics/synapse/worker/TYPE-ID` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`). Read [below](#collecting-synapse-worker-metrics-to-an-external-prometheus-server) if you're running a Synapse worker setup (`matrix_synapse_workers_enabled: true`).
|
||||
`matrix_prometheus_node_exporter_enabled`|Set this to `true` to enable the node (general system stats) exporter (locally, on the container network)
|
||||
`matrix_prometheus_node_exporter_metrics_proxying_enabled`|Set this to `true` to expose the node (general system stats) metrics on `https://matrix.DOMAIN/metrics/node-exporter` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`matrix_prometheus_postgres_exporter_enabled`|Set this to `true` to enable the [Postgres exporter](configuring-playbook-prometheus-postgres.md) (locally, on the container network)
|
||||
`prometheus_node_exporter_enabled`|Set this to `true` to enable the node (general system stats) exporter (locally, on the container network)
|
||||
`matrix_prometheus_services_proxy_connect_prometheus_node_exporter_metrics_proxying_enabled`|Set this to `true` to expose the node (general system stats) metrics on `https://matrix.DOMAIN/metrics/node-exporter` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`prometheus_postgres_exporter_enabled`|Set this to `true` to enable the [Postgres exporter](configuring-playbook-prometheus-postgres.md) (locally, on the container network)
|
||||
`matrix_prometheus_nginxlog_exporter_enabled`|Set this to `true` to enable the [NGINX Log exporter](configuring-playbook-prometheus-nginxlog.md) (locally, on the container network)
|
||||
`matrix_prometheus_postgres_exporter_metrics_proxying_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.DOMAIN/metrics/postgres-exporter` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.DOMAIN/metrics/postgres-exporter` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`matrix_bridge_hookshot_metrics_enabled`|Set this to `true` to make [Hookshot](configuring-playbook-bridge-hookshot.md) expose metrics (locally, on the container network)
|
||||
`matrix_bridge_hookshot_metrics_proxying_enabled`|Set this to `true` to expose the [Hookshot](configuring-playbook-bridge-hookshot.md) metrics on `https://matrix.DOMAIN/metrics/hookshot` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`matrix_SERVICE_metrics_proxying_enabled`|Various other services/roles may provide similar `_metrics_enabled` and `_metrics_proxying_enabled` variables for exposing their metrics. Refer to each role for details. Only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`
|
||||
|
@ -6,17 +6,17 @@ You can enable this with the following settings in your configuration file (`inv
|
||||
|
||||
|
||||
```yaml
|
||||
matrix_prometheus_postgres_exporter_enabled: true
|
||||
prometheus_postgres_exporter_enabled: true
|
||||
```
|
||||
|
||||
## What does it do?
|
||||
|
||||
Name | Description
|
||||
-----|----------
|
||||
`matrix_prometheus_postgres_exporter_enabled`|Enable the postgres prometheus exporter. This sets up the docker container, connects it to the database and adds a 'job' to the prometheus config which tells prometheus about this new exporter. The default is 'false'
|
||||
`matrix_prometheus_postgres_exporter_database_username`| The 'username' for the user that the exporter uses to connect to the database. The default is 'matrix_prometheus_postgres_exporter'
|
||||
`matrix_prometheus_postgres_exporter_database_password`| The 'password' for the user that the exporter uses to connect to the database. By default, this is auto-generated by the playbook
|
||||
`matrix_prometheus_postgres_exporter_metrics_proxying_enabled`|If set to `true`, exposes the Postgres exporter metrics on `https://matrix.DOMAIN/metrics/postgres-exporter` for usage with an [external Prometheus server](configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`prometheus_postgres_exporter_enabled`|Enable the postgres prometheus exporter. This sets up the docker container, connects it to the database and adds a 'job' to the prometheus config which tells prometheus about this new exporter. The default is 'false'
|
||||
`prometheus_postgres_exporter_database_username`| The 'username' for the user that the exporter uses to connect to the database. The default is 'matrix_prometheus_postgres_exporter'
|
||||
`prometheus_postgres_exporter_database_password`| The 'password' for the user that the exporter uses to connect to the database. By default, this is auto-generated by the playbook
|
||||
`matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled`|If set to `true`, exposes the Postgres exporter metrics on `https://matrix.DOMAIN/metrics/postgres-exporter` for usage with an [external Prometheus server](configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server) (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
|
||||
|
||||
## More information
|
||||
|
@ -3,8 +3,6 @@
|
||||
If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service),
|
||||
you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse.
|
||||
|
||||
**`synapse-s3-storage-provider` support is very new and still relatively untested. Using it may cause data loss.**
|
||||
|
||||
An alternative (which has worse performance) is to use [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md).
|
||||
|
||||
|
||||
@ -68,11 +66,11 @@ This launches a Synapse container, which has access to the local media store, Po
|
||||
|
||||
Then use the following commands (`$` values come from environment variables - they're **not placeholders** that you need to substitute):
|
||||
|
||||
- `s3_media_upload update-db $UPDATE_DB_DURATION` - create a local SQLite database (`cache.db`) with a list of media repository files (from the `synapse` Postgres database) eligible for operating on
|
||||
1. `s3_media_upload update-db $UPDATE_DB_DURATION` - create a local SQLite database (`cache.db`) with a list of media repository files (from the `synapse` Postgres database) eligible for operating on
|
||||
- `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`)
|
||||
- `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**).
|
||||
- `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory
|
||||
- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory
|
||||
2. `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory
|
||||
3. `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory
|
||||
|
||||
The `s3_media_upload upload` command may take a lot of time to complete.
|
||||
|
||||
@ -93,13 +91,21 @@ To migrate your existing local data to S3, we recommend to:
|
||||
|
||||
#### Copying data to Amazon S3
|
||||
|
||||
Generally, you need to use the `aws s3` tool.
|
||||
To copy to AWS S3, start a container on the Matrix server like this:
|
||||
|
||||
This documentation section could use an improvement. Ideally, we'd come up with a guide like the one used in [Copying data to Backblaze B2](#copying-data-to-backblaze-b2) - running `aws s3` in a container, etc.
|
||||
```sh
|
||||
docker run -it --rm \
|
||||
-w /work \
|
||||
--env-file=/matrix/synapse/ext/s3-storage-provider/env \
|
||||
--mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \
|
||||
--entrypoint=/bin/sh \
|
||||
docker.io/amazon/aws-cli:2.9.16 \
|
||||
-c 'aws s3 sync /work/. s3://$BUCKET/'
|
||||
```
|
||||
|
||||
#### Copying data to Backblaze B2
|
||||
|
||||
To copy to Backblaze B2, start a container like this:
|
||||
To copy to Backblaze B2, start a container on the Matrix server like this:
|
||||
|
||||
```sh
|
||||
docker run -it --rm \
|
||||
@ -109,7 +115,7 @@ docker run -it --rm \
|
||||
--env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \
|
||||
--mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \
|
||||
--entrypoint=/bin/sh \
|
||||
tianon/backblaze-b2:3.6.0 \
|
||||
docker.io/tianon/backblaze-b2:3.6.0 \
|
||||
-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer'
|
||||
```
|
||||
|
||||
|
@ -106,6 +106,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
||||
|
||||
- [Setting up Mautrix Telegram bridging](configuring-playbook-bridge-mautrix-telegram.md) (optional)
|
||||
|
||||
- [Setting up Mautrix Slack bridging](configuring-playbook-bridge-mautrix-slack.md) (optional)
|
||||
|
||||
- [Setting up Mautrix Whatsapp bridging](configuring-playbook-bridge-mautrix-whatsapp.md) (optional)
|
||||
|
||||
- [Setting up Mautrix Facebook bridging](configuring-playbook-bridge-mautrix-facebook.md) (optional)
|
||||
@ -161,6 +163,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
||||
|
||||
### Bots
|
||||
|
||||
- [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) - a bot through which you can talk to the [ChatGPT](https://openai.com/blog/chatgpt/) model(optional)
|
||||
|
||||
- [Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) - a bot to remind you about stuff (optional)
|
||||
|
||||
- [Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) - a bot to create and manage registration tokens to invite users (optional)
|
||||
@ -173,6 +177,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
||||
|
||||
- [Setting up Mjolnir](configuring-playbook-bot-mjolnir.md) - a moderation tool/bot (optional)
|
||||
|
||||
- [Setting up Draupnir](configuring-playbook-bot-draupnir.md) - a moderation tool/bot (optional), forked from Mjolnir and maintained by its former leader developer
|
||||
|
||||
- [Setting up Buscarron](configuring-playbook-bot-buscarron.md) - a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room (optional)
|
||||
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure.
|
||||
|
||||
**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the `roles` commands seen in the `Makefile`.
|
||||
**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `just roles`. `just roles` is a shortcut (a `roles` target defined in [`justfile`](../justfile) and executed by the [`just`](https://github.com/casey/just) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `just`, you can also manually run the `roles` commands seen in the `justfile`.
|
||||
|
||||
|
||||
## Playbook tags introduction
|
||||
@ -57,7 +57,7 @@ Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-t
|
||||
If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet.
|
||||
Starting its services or messing with its database now will affect your data import later on.
|
||||
|
||||
To do the installation **without** starting services, run only the `setup-all` tag:
|
||||
To do the installation **without** starting services, run only the `install-all` tag:
|
||||
|
||||
```sh
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=install-all
|
||||
@ -88,6 +88,8 @@ Feel free to **re-run the setup command any time** you think something is off wi
|
||||
|
||||
Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [Playbook tags introduction](#playbook-tags-introduction)
|
||||
|
||||
A way to invoke these `ansible-playbook` commands with less typing in the future is to use [just](https://github.com/casey/just) to run them: `just install-all` or `just setup-all`. See [our `justfile`](../justfile) for more information.
|
||||
|
||||
|
||||
## 3. Finalize the installation
|
||||
|
||||
|
@ -10,8 +10,8 @@ To upgrade services:
|
||||
|
||||
- take a look at [the changelog](../CHANGELOG.md) to see if there have been any backward-incompatible changes that you need to take care of
|
||||
|
||||
- download the upstream Ansible roles used by the playbook by running `make roles`
|
||||
- download the upstream Ansible roles used by the playbook by running `just roles`
|
||||
|
||||
- re-run the [playbook setup](installing.md) and restart all serivces: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start`
|
||||
- re-run the [playbook setup](installing.md) and restart all services: `just setup-all`
|
||||
|
||||
**Note**: major version upgrades to the internal PostgreSQL database are not done automatically. To upgrade it, refer to the [upgrading PostgreSQL guide](maintenance-postgres.md#upgrading-postgresql).
|
||||
|
@ -22,7 +22,7 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you
|
||||
|
||||
- [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components.
|
||||
|
||||
- [`make`](https://www.gnu.org/software/make/) for running `make roles`, etc. (see [`Makefile`](../Makefile)), although you can also run these commands manually (without `make`)
|
||||
- [`just`](https://github.com/casey/just) for running `just roles`, etc. (see [`justfile`](../justfile)), although you can also run these commands manually
|
||||
|
||||
- An HTTPS-capable web server at the base domain name (`<your-domain>`) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md).
|
||||
|
||||
|
@ -16,13 +16,21 @@ Table of contents:
|
||||
|
||||
You can do it via this Ansible playbook (make sure to edit the `<your-username>` and `<your-password>` part below):
|
||||
|
||||
```sh
|
||||
just register-user <your-username> <your-password> <admin access: yes or no>
|
||||
|
||||
# Example: `just register-user john secret-password yes`
|
||||
```
|
||||
|
||||
**or** by invoking `ansible-playbook` manually:
|
||||
|
||||
```sh
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=<your-username> password=<your-password> admin=<yes|no>' --tags=register-user
|
||||
```
|
||||
|
||||
**or** using the command-line after **SSH**-ing to your server (requires that [all services have been started](#starting-the-services)):
|
||||
|
||||
```
|
||||
```sh
|
||||
/matrix/synapse/bin/register-user <your-username> <your-password> <admin access: 0 or 1>
|
||||
```
|
||||
|
||||
|
@ -53,6 +53,8 @@ matrix_homeserver_container_extra_arguments_auto: |
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_mautrix_discord_config_path + '/registration.yaml,dst=/matrix-mautrix-discord-registration.yaml,ro'] if matrix_mautrix_discord_enabled else [])
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_mautrix_slack_config_path + '/registration.yaml,dst=/matrix-mautrix-slack-registration.yaml,ro'] if matrix_mautrix_slack_enabled else [])
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_mautrix_facebook_config_path + '/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro'] if matrix_mautrix_facebook_enabled else [])
|
||||
+
|
||||
(['--mount type=bind,src=' + matrix_mautrix_googlechat_config_path + '/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro'] if matrix_mautrix_googlechat_enabled else [])
|
||||
@ -108,6 +110,8 @@ matrix_homeserver_app_service_config_files_auto: |
|
||||
+
|
||||
(['/matrix-mautrix-discord-registration.yaml'] if matrix_mautrix_discord_enabled else [])
|
||||
+
|
||||
(['/matrix-mautrix-slack-registration.yaml'] if matrix_mautrix_slack_enabled else [])
|
||||
+
|
||||
(['/matrix-mautrix-facebook-registration.yaml'] if matrix_mautrix_facebook_enabled else [])
|
||||
+
|
||||
(['/matrix-mautrix-googlechat-registration.yaml'] if matrix_mautrix_googlechat_enabled else [])
|
||||
@ -185,8 +189,12 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': 'matrix-bot-mjolnir.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'mjolnir']}] if matrix_bot_mjolnir_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-bot-draupnir.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'draupnir']}] if matrix_bot_draupnir_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-bot-postmoogle.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'postmoogle']}] if matrix_bot_postmoogle_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-bot-chatgpt.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'chatgpt']}] if matrix_bot_chatgpt_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-appservice-discord.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'appservice-discord']}] if matrix_appservice_discord_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-appservice-irc.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'appservice-irc']}] if matrix_appservice_irc_enabled else [])
|
||||
@ -209,6 +217,8 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': 'matrix-mautrix-discord.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-discord']}] if matrix_mautrix_discord_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-mautrix-slack.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-slack']}] if matrix_mautrix_slack_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-mautrix-facebook.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-facebook']}] if matrix_mautrix_facebook_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-mautrix-googlechat.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-googlechat']}] if matrix_mautrix_googlechat_enabled else [])
|
||||
@ -283,7 +293,7 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': 'matrix-nginx-proxy.service', 'priority': 3000, 'groups': ['matrix', 'nginx', 'reverse-proxies']}] if matrix_nginx_proxy_enabled else [])
|
||||
+
|
||||
(matrix_ssl_renewal_systemd_units_list | selectattr('applicable') | selectattr('enableable'))
|
||||
(matrix_ssl_renewal_systemd_units_list | selectattr('applicable') | selectattr('enableable') | list )
|
||||
+
|
||||
([{'name': 'matrix-ntfy.service', 'priority': 800, 'groups': ['matrix', 'ntfy']}] if matrix_ntfy_enabled else [])
|
||||
+
|
||||
@ -293,11 +303,11 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': 'matrix-prometheus.service', 'priority': 4000, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-core']}] if matrix_prometheus_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-prometheus-node-exporter.service', 'priority': 3900, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-node-exporters']}] if matrix_prometheus_node_exporter_enabled else [])
|
||||
([{'name': (prometheus_node_exporter_identifier + '.service'), 'priority': 3900, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-exporters']}] if prometheus_node_exporter_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-prometheus-postgres-exporter.service', 'priority': 3900, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-node-exporters']}] if matrix_prometheus_postgres_exporter_enabled else [])
|
||||
([{'name': (prometheus_postgres_exporter_identifier + '.service'), 'priority': 3900, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-exporters']}] if prometheus_postgres_exporter_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-prometheus-nginxlog-exporter.service', 'priority': 3900, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-node-exporters']}] if matrix_prometheus_nginxlog_exporter_enabled else [])
|
||||
([{'name': 'matrix-prometheus-nginxlog-exporter.service', 'priority': 3900, 'groups': ['matrix', 'monitoring', 'prometheus', 'prometheus-exporters']}] if matrix_prometheus_nginxlog_exporter_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-redis', 'priority': 750, 'groups': ['matrix', 'redis']}] if matrix_redis_enabled else [])
|
||||
+
|
||||
@ -727,6 +737,46 @@ matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_ge
|
||||
######################################################################
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bridge-mautrix-slack
|
||||
#
|
||||
######################################################################
|
||||
|
||||
# We don't enable bridges by default.
|
||||
matrix_mautrix_slack_enabled: false
|
||||
|
||||
matrix_mautrix_slack_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
|
||||
|
||||
matrix_mautrix_slack_systemd_required_services_list: |
|
||||
{{
|
||||
['docker.service']
|
||||
+
|
||||
['matrix-' + matrix_homeserver_implementation + '.service']
|
||||
+
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
+
|
||||
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
|
||||
}}
|
||||
|
||||
matrix_mautrix_slack_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.as.tok', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_mautrix_slack_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.hs.tok', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_mautrix_slack_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_slack_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_slack_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||
matrix_mautrix_slack_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.db', rounds=655555) | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-bridge-mautrix-slack
|
||||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bridge-mautrix-facebook
|
||||
@ -761,6 +811,12 @@ matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_pro
|
||||
|
||||
matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
|
||||
|
||||
# People using an external Prometheus server will need to toggle all of these to be able to consume metrics remotely:
|
||||
# - `matrix_mautrix_facebook_metrics_enabled`
|
||||
# - `matrix_mautrix_facebook_proxying_metrics_enabled`
|
||||
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
||||
matrix_mautrix_facebook_metrics_enabled: "{{ matrix_prometheus_enabled }}"
|
||||
|
||||
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
|
||||
# and point them to a migration path.
|
||||
matrix_mautrix_facebook_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||
@ -888,6 +944,12 @@ matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_pr
|
||||
|
||||
matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
|
||||
|
||||
# People using an external Prometheus server will need to toggle all of these to be able to consume metrics remotely:
|
||||
# - `matrix_mautrix_instagram_metrics_enabled`
|
||||
# - `matrix_mautrix_instagram_proxying_metrics_enabled`
|
||||
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
||||
matrix_mautrix_instagram_metrics_enabled: "{{ matrix_prometheus_enabled }}"
|
||||
|
||||
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
|
||||
# and point them to a migration path.
|
||||
matrix_mautrix_instagram_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||
@ -933,6 +995,12 @@ matrix_mautrix_signal_appservice_token: "{{ '%s' | format(matrix_homeserver_gene
|
||||
|
||||
matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||
|
||||
# People using an external Prometheus server will need to toggle all of these to be able to consume metrics remotely:
|
||||
# - `matrix_mautrix_signal_metrics_enabled`
|
||||
# - `matrix_mautrix_signal_proxying_metrics_enabled`
|
||||
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
||||
matrix_mautrix_signal_metrics_enabled: "{{ matrix_prometheus_enabled }}"
|
||||
|
||||
matrix_mautrix_signal_database_engine: 'postgres'
|
||||
matrix_mautrix_signal_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||
matrix_mautrix_signal_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.db', rounds=655555) | to_uuid }}"
|
||||
@ -1057,6 +1125,12 @@ matrix_mautrix_whatsapp_homeserver_token: "{{ '%s' | format(matrix_homeserver_ge
|
||||
|
||||
matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||
|
||||
# People using an external Prometheus server will need to toggle all of these to be able to consume metrics remotely:
|
||||
# - `matrix_mautrix_twitter_metrics_enabled`
|
||||
# - `matrix_mautrix_twitter_proxying_metrics_enabled`
|
||||
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
||||
matrix_mautrix_twitter_metrics_enabled: "{{ matrix_prometheus_enabled }}"
|
||||
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_mautrix_whatsapp_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||
matrix_mautrix_whatsapp_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||
@ -1616,6 +1690,24 @@ matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_gen
|
||||
######################################################################
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bot-chatgpt
|
||||
#
|
||||
######################################################################
|
||||
|
||||
# We don't enable bots by default.
|
||||
matrix_bot_chatgpt_enabled: false
|
||||
|
||||
matrix_bot_chatgpt_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-bot-chatgpt
|
||||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bot-go-neb
|
||||
@ -1671,6 +1763,34 @@ matrix_bot_mjolnir_systemd_required_services_list: |
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bot-draupnir
|
||||
#
|
||||
######################################################################
|
||||
|
||||
# We don't enable bots by default.
|
||||
matrix_bot_draupnir_enabled: false
|
||||
|
||||
matrix_bot_draupnir_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
|
||||
matrix_bot_draupnir_systemd_required_services_list: |
|
||||
{{
|
||||
['docker.service']
|
||||
+
|
||||
['matrix-' + matrix_homeserver_implementation + '.service']
|
||||
+
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
+
|
||||
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
|
||||
}}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-bot-draupnir
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-backup-borg
|
||||
@ -2227,7 +2347,7 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
||||
+
|
||||
([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else [])
|
||||
+
|
||||
([matrix_bot_postmoogle_domain] if matrix_bot_postmoogle_enabled else [])
|
||||
(matrix_bot_postmoogle_domains if matrix_bot_postmoogle_enabled else [])
|
||||
+
|
||||
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
||||
+
|
||||
@ -2455,6 +2575,12 @@ devture_postgres_managed_databases_auto: |
|
||||
'password': matrix_mautrix_discord_database_password,
|
||||
}] if (matrix_mautrix_discord_enabled and matrix_mautrix_discord_database_engine == 'postgres' and matrix_mautrix_discord_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
+
|
||||
([{
|
||||
'name': matrix_mautrix_slack_database_name,
|
||||
'username': matrix_mautrix_slack_database_username,
|
||||
'password': matrix_mautrix_slack_database_password,
|
||||
}] if (matrix_mautrix_slack_enabled and matrix_mautrix_slack_database_engine == 'postgres' and matrix_mautrix_slack_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
+
|
||||
([{
|
||||
'name': matrix_mx_puppet_slack_database_name,
|
||||
'username': matrix_mx_puppet_slack_database_username,
|
||||
@ -2504,10 +2630,10 @@ devture_postgres_managed_databases_auto: |
|
||||
}] if (matrix_etherpad_enabled and matrix_etherpad_database_engine == 'postgres' and matrix_etherpad_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
+
|
||||
([{
|
||||
'name': matrix_prometheus_postgres_exporter_database_name,
|
||||
'username': matrix_prometheus_postgres_exporter_database_username,
|
||||
'password': matrix_prometheus_postgres_exporter_database_password,
|
||||
}] if (matrix_prometheus_postgres_exporter_enabled and matrix_prometheus_postgres_exporter_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
'name': prometheus_postgres_exporter_database_name,
|
||||
'username': prometheus_postgres_exporter_database_username,
|
||||
'password': prometheus_postgres_exporter_database_password,
|
||||
}] if (prometheus_postgres_exporter_enabled and prometheus_postgres_exporter_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
|
||||
}}
|
||||
|
||||
@ -2866,15 +2992,67 @@ matrix_synapse_admin_container_image_self_build: "{{ matrix_architecture not in
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-prometheus-node-exporter
|
||||
# etke/prometheus_node_exporter
|
||||
#
|
||||
######################################################################
|
||||
|
||||
matrix_prometheus_node_exporter_enabled: false
|
||||
prometheus_node_exporter_enabled: false
|
||||
|
||||
prometheus_node_exporter_identifier: matrix-prometheus-node-exporter
|
||||
|
||||
prometheus_node_exporter_base_path: "{{ matrix_base_data_path }}/prometheus-node-exporter"
|
||||
|
||||
prometheus_node_exporter_uid: "{{ matrix_user_uid }}"
|
||||
prometheus_node_exporter_gid: "{{ matrix_user_gid }}"
|
||||
|
||||
prometheus_node_exporter_server_fqn: "{{ matrix_server_fqn_matrix }}"
|
||||
|
||||
prometheus_node_exporter_container_network: "{{ matrix_docker_network }}"
|
||||
|
||||
prometheus_node_exporter_container_labels_traefik_enabled: false
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-prometheus-node-exporter
|
||||
# /etke/prometheus_node_exporter
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# etke/prometheus_postgres_exporter
|
||||
#
|
||||
######################################################################
|
||||
|
||||
prometheus_postgres_exporter_enabled: false
|
||||
|
||||
prometheus_postgres_exporter_identifier: matrix-prometheus-postgres-exporter
|
||||
|
||||
prometheus_postgres_exporter_base_path: "{{ matrix_base_data_path }}/prometheus-postgres-exporter"
|
||||
|
||||
prometheus_postgres_exporter_uid: "{{ matrix_user_uid }}"
|
||||
prometheus_postgres_exporter_gid: "{{ matrix_user_gid }}"
|
||||
|
||||
prometheus_postgres_exporter_server_fqn: "{{ matrix_server_fqn_matrix }}"
|
||||
|
||||
prometheus_postgres_exporter_container_network: "{{ matrix_docker_network }}"
|
||||
|
||||
prometheus_postgres_exporter_container_labels_traefik_enabled: false
|
||||
|
||||
prometheus_postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||
prometheus_postgres_exporter_database_username: matrix_prometheus_postgres_exporter
|
||||
prometheus_postgres_exporter_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'prometheus.pg.db', rounds=655555) | to_uuid }}"
|
||||
prometheus_postgres_exporter_database_name: matrix_prometheus_postgres_exporter
|
||||
|
||||
prometheus_postgres_exporter_systemd_required_services_list: |
|
||||
{{
|
||||
['docker.service']
|
||||
+
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
}}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /etke/prometheus_postgres_exporter
|
||||
#
|
||||
######################################################################
|
||||
|
||||
@ -2910,11 +3088,11 @@ matrix_prometheus_scraper_synapse_targets: ['matrix-synapse:{{ matrix_synapse_me
|
||||
matrix_prometheus_scraper_synapse_workers_enabled_list: "{{ matrix_synapse_workers_enabled_list }}"
|
||||
matrix_prometheus_scraper_synapse_rules_synapse_tag: "{{ matrix_synapse_docker_image_tag }}"
|
||||
|
||||
matrix_prometheus_scraper_node_enabled: "{{ matrix_prometheus_node_exporter_enabled }}"
|
||||
matrix_prometheus_scraper_node_targets: "{{ ['matrix-prometheus-node-exporter:9100'] if matrix_prometheus_node_exporter_enabled else [] }}"
|
||||
matrix_prometheus_scraper_node_enabled: "{{ prometheus_node_exporter_enabled }}"
|
||||
matrix_prometheus_scraper_node_targets: "{{ [prometheus_node_exporter_identifier + ':9100'] if prometheus_node_exporter_enabled else [] }}"
|
||||
|
||||
matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}"
|
||||
matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port | string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
|
||||
matrix_prometheus_scraper_postgres_enabled: "{{ prometheus_postgres_exporter_enabled }}"
|
||||
matrix_prometheus_scraper_postgres_targets: "{{ [prometheus_postgres_exporter_identifier + ':' + prometheus_postgres_exporter_port | string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
|
||||
|
||||
matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled|default(false) }}"
|
||||
matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url | string +':'+ matrix_hookshot_metrics_port | string] if matrix_hookshot_metrics_enabled else [] }}"
|
||||
@ -2929,29 +3107,6 @@ matrix_prometheus_scraper_nginxlog_server_port: "{{ (matrix_prometheus_nginxlog_
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-prometheus-postgres-exporter
|
||||
#
|
||||
######################################################################
|
||||
|
||||
matrix_prometheus_postgres_exporter_enabled: false
|
||||
matrix_prometheus_postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||
matrix_prometheus_postgres_exporter_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'prometheus.pg.db', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_prometheus_postgres_exporter_systemd_required_services_list: |
|
||||
{{
|
||||
['docker.service']
|
||||
+
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
}}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-prometheus-postgres-exporter
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-grafana
|
||||
@ -2969,9 +3124,9 @@ matrix_grafana_dashboard_download_urls: |
|
||||
{{
|
||||
(matrix_synapse_grafana_dashboard_urls if matrix_homeserver_implementation == 'synapse' and matrix_synapse_metrics_enabled else [])
|
||||
+
|
||||
(matrix_prometheus_node_exporter_dashboard_urls if matrix_prometheus_node_exporter_enabled else [])
|
||||
(prometheus_node_exporter_dashboard_urls if prometheus_node_exporter_enabled else [])
|
||||
+
|
||||
(matrix_prometheus_postgres_exporter_dashboard_urls if matrix_prometheus_postgres_exporter_enabled else [])
|
||||
(prometheus_postgres_exporter_dashboard_urls if prometheus_postgres_exporter_enabled else [])
|
||||
+
|
||||
(matrix_prometheus_nginxlog_exporter_dashboard_urls if matrix_prometheus_nginxlog_exporter_enabled else [])
|
||||
}}
|
||||
@ -2985,13 +3140,6 @@ matrix_grafana_default_home_dashboard_path: |-
|
||||
}[matrix_homeserver_implementation]
|
||||
}}
|
||||
|
||||
matrix_grafana_systemd_wanted_services_list: |
|
||||
{{
|
||||
[]
|
||||
+
|
||||
(['matrix-prometheus-postgres-exporter.service'] if matrix_prometheus_postgres_exporter_enabled else [])
|
||||
}}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-grafana
|
||||
|
44
justfile
Normal file
44
justfile
Normal file
@ -0,0 +1,44 @@
|
||||
# Shows help
|
||||
default:
|
||||
@just --list --justfile {{ justfile() }}
|
||||
|
||||
# Pulls external Ansible roles
|
||||
roles:
|
||||
rm -rf roles/galaxy
|
||||
ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
|
||||
|
||||
# Runs ansible-lint against all roles in the playbook
|
||||
lint:
|
||||
ansible-lint
|
||||
|
||||
# Runs the playbook with --tags=install-all,ensure-matrix-users-created,start and optional arguments
|
||||
install-all *extra_args: (run-tags "install-all,ensure-matrix-users-created,start" extra_args)
|
||||
|
||||
# Runs the playbook with --tags=setup-all,ensure-matrix-users-created,start and optional arguments
|
||||
setup-all *extra_args: (run-tags "setup-all,ensure-matrix-users-created,start" extra_args)
|
||||
|
||||
# Runs the playbook with the given list of arguments
|
||||
run +extra_args:
|
||||
time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }}
|
||||
|
||||
# Runs the playbook with the given list of comma-separated tags and optional arguments
|
||||
run-tags tags *extra_args:
|
||||
just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }}
|
||||
|
||||
# Runs the playbook in user-registration mode
|
||||
register-user username password admin_yes_or_no *extra_args:
|
||||
time ansible-playbook -i inventory/hosts setup.yml --tags=register-user --extra-vars="username={{ username }} password={{ password }} admin={{ admin_yes_or_no }}" {{ extra_args }}
|
||||
|
||||
# Starts all services
|
||||
start-all *extra_args: (run-tags "start-all" extra_args)
|
||||
|
||||
# Starts a specific service group
|
||||
start-group group *extra_args:
|
||||
@just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }}
|
||||
|
||||
# Stops all services
|
||||
stop-all *extra_args: (run-tags "stop-all" extra_args)
|
||||
|
||||
# Stops a specific service group
|
||||
stop-group group *extra_args:
|
||||
@just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }}
|
@ -4,7 +4,7 @@
|
||||
become: true
|
||||
|
||||
roles:
|
||||
# Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`).
|
||||
# Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `just roles` command (see `justfile`).
|
||||
- role: galaxy/com.devture.ansible.role.playbook_help
|
||||
|
||||
- role: galaxy/com.devture.ansible.role.systemd_docker_base
|
||||
@ -61,6 +61,7 @@
|
||||
- custom/matrix-bridge-mautrix-telegram
|
||||
- custom/matrix-bridge-mautrix-whatsapp
|
||||
- custom/matrix-bridge-mautrix-discord
|
||||
- custom/matrix-bridge-mautrix-slack
|
||||
- custom/matrix-bridge-mx-puppet-discord
|
||||
- custom/matrix-bridge-mx-puppet-groupme
|
||||
- custom/matrix-bridge-mx-puppet-steam
|
||||
@ -78,17 +79,20 @@
|
||||
- custom/matrix-bot-postmoogle
|
||||
- custom/matrix-bot-go-neb
|
||||
- custom/matrix-bot-mjolnir
|
||||
- custom/matrix-bot-draupnir
|
||||
- custom/matrix-bot-chatgpt
|
||||
- custom/matrix-cactus-comments
|
||||
- custom/matrix-synapse
|
||||
- custom/matrix-synapse-reverse-proxy-companion
|
||||
- custom/matrix-dendrite
|
||||
- custom/matrix-conduit
|
||||
- custom/matrix-synapse-admin
|
||||
- custom/matrix-prometheus-node-exporter
|
||||
- custom/matrix-prometheus-postgres-exporter
|
||||
- galaxy/prometheus_node_exporter
|
||||
- galaxy/prometheus_postgres_exporter
|
||||
- custom/matrix-prometheus-nginxlog-exporter
|
||||
- custom/matrix-prometheus
|
||||
- custom/matrix-grafana
|
||||
- custom/matrix-prometheus-services-proxy-connect
|
||||
- custom/matrix-registration
|
||||
- custom/matrix-client-element
|
||||
- custom/matrix-client-hydrogen
|
||||
|
@ -13,13 +13,13 @@
|
||||
version: 327d2e17f5189ac2480d6012f58cf64a2b46efba
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.timesync.git
|
||||
version: 660f384f176a9ea3b5cc702bde39e7dc10bf6186
|
||||
version: 3d5bb2976815958cdce3f368fa34fb51554f899b
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git
|
||||
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.postgres.git
|
||||
version: e75973e3a4edc12dfc3e880e43b12ebecbf82c61
|
||||
version: a1bb78d194434b38005f3a9e623bfa4b2c06c7bc
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git
|
||||
version: 77b1f9ae1aafa31c9078178c1036bf744c99d08b
|
||||
@ -29,3 +29,9 @@
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git
|
||||
version: 9b4b088c62b528b73a9a7c93d3109b091dd42ec6
|
||||
|
||||
- src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git
|
||||
version: v1.5.0-2
|
||||
|
||||
- src: git+https://gitlab.com/etke.cc/roles/prometheus_postgres_exporter.git
|
||||
version: v0.11.1-2
|
||||
|
@ -11,8 +11,11 @@ matrix_backup_borg_docker_repo: "https://gitlab.com/etke.cc/borgmatic"
|
||||
matrix_backup_borg_docker_repo_version: main
|
||||
matrix_backup_borg_docker_src_files_path: "{{ matrix_backup_borg_base_path }}/docker-src"
|
||||
|
||||
# version determined automatically, based on postgres server version (if enabled), otherwise latest is used
|
||||
# image and postgres version determined automatically, based on detected postgres server version (if enabled), otherwise latest is used
|
||||
matrix_backup_borg_version: ""
|
||||
matrix_backup_borg_postgres_version: ""
|
||||
matrix_backup_borg_borg_version: 1.2.3
|
||||
matrix_backup_borg_borgmatic_version: 1.7.6
|
||||
matrix_backup_borg_docker_image: "{{ matrix_backup_borg_docker_image_name_prefix }}etke.cc/borgmatic:{{ matrix_backup_borg_version }}"
|
||||
matrix_backup_borg_docker_image_name_prefix: "{{ 'localhost/' if matrix_backup_borg_container_image_self_build else 'registry.gitlab.com/' }}"
|
||||
matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') or matrix_backup_borg_version | default('') == '' }}"
|
||||
|
@ -2,25 +2,25 @@
|
||||
|
||||
- when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == ''
|
||||
block:
|
||||
- name: Fail with matrix_backup_borg_version advice if Postgres not enabled
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You are not running a built-in Postgres server (`devture_postgres_enabled: false`), so auto-detecting its version and setting `matrix_backup_borg_version` automatically based on that cannot happen.
|
||||
Consider setting `matrix_backup_borg_version` to your Postgres version manually.
|
||||
when: not devture_postgres_enabled
|
||||
- name: Fail with matrix_backup_borg_version advice if Postgres not enabled
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You are not running a built-in Postgres server (`devture_postgres_enabled: false`), so auto-detecting its version and setting `matrix_backup_borg_version` automatically based on that cannot happen.
|
||||
Consider setting `matrix_backup_borg_version` to your Postgres version manually.
|
||||
when: not devture_postgres_enabled
|
||||
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: detect_existing_postgres_version
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: detect_existing_postgres_version
|
||||
|
||||
- name: Fail if detected Postgres version is unsupported
|
||||
ansible.builtin.fail:
|
||||
msg: "You cannot use borg backup with such an old version ({{ devture_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql"
|
||||
when: "devture_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions"
|
||||
- name: Fail if detected Postgres version is unsupported
|
||||
ansible.builtin.fail:
|
||||
msg: "You cannot use borg backup with such an old version ({{ devture_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql"
|
||||
when: "devture_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions"
|
||||
|
||||
- name: Set the correct borg backup version to use
|
||||
ansible.builtin.set_fact:
|
||||
matrix_backup_borg_version: "{{ devture_postgres_detected_version }}"
|
||||
- name: Set the correct borg backup version to use
|
||||
ansible.builtin.set_fact:
|
||||
matrix_backup_borg_version: "{{ devture_postgres_detected_version }}-{{ matrix_backup_borg_borg_version }}-{{ matrix_backup_borg_borgmatic_version }}"
|
||||
|
||||
- name: Ensure borg paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -9,9 +9,9 @@ matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git"
|
||||
matrix_bot_buscarron_docker_repo_version: "{{ matrix_bot_buscarron_version }}"
|
||||
matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src"
|
||||
|
||||
matrix_bot_buscarron_version: v1.3.0
|
||||
matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}buscarron:{{ matrix_bot_buscarron_version }}"
|
||||
matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||
matrix_bot_buscarron_version: v1.3.1
|
||||
matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}etke.cc/buscarron:{{ matrix_bot_buscarron_version }}"
|
||||
matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/' }}"
|
||||
matrix_bot_buscarron_docker_image_force_pull: "{{ matrix_bot_buscarron_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_bot_buscarron_base_path: "{{ matrix_base_data_path }}/buscarron"
|
||||
|
83
roles/custom/matrix-bot-chatgpt/defaults/main.yml
Normal file
83
roles/custom/matrix-bot-chatgpt/defaults/main.yml
Normal file
@ -0,0 +1,83 @@
|
||||
---
|
||||
# chatgpt is a bot for chatting to openAI chatgpt matrix bot
|
||||
# Project source code URL: https://github.com/matrixgpt/matrix-chatgpt-bot
|
||||
|
||||
matrix_bot_chatgpt_enabled: true
|
||||
|
||||
matrix_bot_chatgpt_container_image_self_build: false
|
||||
matrix_bot_chatgpt_docker_repo: "https://github.com/matrixgpt/matrix-chatgpt-bot"
|
||||
matrix_bot_chatgpt_docker_repo_version: "{{ 'latest' if matrix_bot_chatgpt_version == 'latest' else matrix_bot_chatgpt_version }}"
|
||||
matrix_bot_chatgpt_docker_src_files_path: "{{ matrix_base_data_path }}/chatgpt/docker-src"
|
||||
|
||||
matrix_bot_chatgpt_version: 2.2.1
|
||||
matrix_bot_chatgpt_docker_image: "{{ matrix_bot_chatgpt_docker_image_name_prefix }}matrixgpt/matrix-chatgpt-bot:{{ matrix_bot_chatgpt_version }}"
|
||||
matrix_bot_chatgpt_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_chatgpt_container_image_self_build else 'ghcr.io/' }}"
|
||||
matrix_bot_chatgpt_docker_image_force_pull: "{{ matrix_bot_chatgpt_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_bot_chatgpt_base_path: "{{ matrix_base_data_path }}/chatgpt"
|
||||
matrix_bot_chatgpt_config_path: "{{ matrix_bot_chatgpt_base_path }}/config"
|
||||
matrix_bot_chatgpt_data_path: "{{ matrix_bot_chatgpt_base_path }}/data"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_bot_chatgpt_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-bot-chatgpt.service depends on
|
||||
matrix_bot_chatgpt_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-bot-chatgpt.service wants
|
||||
matrix_bot_chatgpt_systemd_wanted_services_list: []
|
||||
|
||||
# ChatGPT Settings
|
||||
matrix_bot_chatgpt_openai_api_key: ''
|
||||
matrix_bot_chatgpt_context: 'thread' # CHATGPT_CONTEXT="thread"
|
||||
|
||||
matrix_bot_chatgpt_keyv_backend: 'file'
|
||||
matrix_bot_chatgpt_keyv_url: ''
|
||||
matrix_bot_chatgpt_keyv_bot_encryption: false
|
||||
matrix_bot_chatgpt_keyv_bot_storage: true
|
||||
|
||||
# Matrix Static Settings (required, see notes)
|
||||
# Defaults to "https://matrix.org"
|
||||
matrix_bot_chatgpt_matrix_homeserver_url: "{{ matrix_homeserver_container_url }}" # MATRIX_HOMESERVER_URL=
|
||||
# With the @ and :DOMAIN, ie @SOMETHING:DOMAIN, needs to be set, created manually beforehand.
|
||||
matrix_bot_chatgpt_matrix_bot_username_localpart: 'bot.chatgpt'
|
||||
matrix_bot_chatgpt_matrix_bot_username: "@{{ matrix_bot_chatgpt_matrix_bot_username_localpart }}:{{ matrix_domain }}" # MATRIX_BOT_USERNAME=
|
||||
# Set `MATRIX_BOT_PASSWORD` the bot will print an `MATRIX_ACCESS_TOKEN` to the terminal
|
||||
# or https://webapps.stackexchange.com/questions/131056/how-to-get-an-access-token-for-element-riot-matrix
|
||||
matrix_bot_chatgpt_matrix_access_token: '' # MATRIX_ACCESS_TOKEN=
|
||||
# Once `MATRIX_BOT_ACCESS_TOKEN` is set this is no longer used.
|
||||
matrix_bot_chatgpt_matrix_bot_password: '' # MATRIX_BOT_PASSWORD=
|
||||
|
||||
# Matrix Configurable Settings Defaults (optional)
|
||||
matrix_bot_chatgpt_matrix_default_prefix: "!chatgpt " # MATRIX_DEFAULT_PREFIX= Leave prefix blank to reply to all messages, trailing space matters
|
||||
matrix_bot_chatgpt_matrix_default_prefix_reply: false # MATRIX_DEFAULT_PREFIX_REPLY=
|
||||
|
||||
# Matrix Access Control (optional)
|
||||
matrix_bot_chatgpt_matrix_blacklist: ''
|
||||
matrix_bot_chatgpt_matrix_whitelist: ':{{ matrix_domain }}'
|
||||
|
||||
# Matrix Feature Flags (optional)
|
||||
matrix_bot_chatgpt_matrix_autojoin: true # MATRIX_AUTOJOIN=true
|
||||
matrix_bot_chatgpt_matrix_encryption: true # MATRIX_ENCRYPTION=true
|
||||
matrix_bot_chatgpt_matrix_threads: true # MATRIX_THREADS=true
|
||||
matrix_bot_chatgpt_matrix_rich_text: true # MATRIX_RICH_TEXT=true
|
||||
|
||||
|
||||
# A list of admins
|
||||
# Example set of rules:
|
||||