mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-18 09:07:10 +00:00
Make bridge permissions more easily configurable
Not doing {% if matrix_admin %} checks in the YAML also fixes some issues with indentation being incorrect sometimes. This should be backward compatible, except for mautrix-signal's case where `matrix_mautrix_signal_bridge_permissions` previously existed as a string, not a dictionary. `tasks/validate_config.yml` will catch the problem an even provide a quick fix.
This commit is contained in:
parent
b2f47fcfcd
commit
ac72879bf5
@ -29,6 +29,12 @@ matrix_beeper_linkedin_bridge_presence: true
|
||||
|
||||
matrix_beeper_linkedin_command_prefix: "!li"
|
||||
|
||||
matrix_beeper_linkedin_bridge_permissions: |
|
||||
{{
|
||||
{matrix_beeper_linkedin_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_beeper_linkedin_container_extra_arguments: []
|
||||
|
||||
|
@ -236,11 +236,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
"{{ matrix_beeper_linkedin_homeserver_domain }}": user
|
||||
{% if matrix_admin %}
|
||||
"{{ matrix_admin }}": admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_beeper_linkedin_bridge_permissions|to_json }}
|
||||
|
||||
|
||||
|
||||
|
@ -85,6 +85,20 @@ matrix_go_skype_bridge_bridge_login_shared_secret_map:
|
||||
matrix_go_skype_bridge_bridge_double_puppet_server_map:
|
||||
"{{ matrix_go_skype_bridge_homeserver_domain : matrix_go_skype_bridge_homeserver_address }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_go_skype_bridge_bridge_encryption_allow: false
|
||||
matrix_go_skype_bridge_bridge_encryption_default: "{{ matrix_go_skype_bridge_bridge_encryption_allow }}"
|
||||
|
||||
# Minimum severity of journal log messages.
|
||||
# Options: debug, info, warn, error, fatal
|
||||
matrix_go_skype_bridge_log_level: 'warn'
|
||||
|
||||
matrix_go_skype_bridge_bridge_permissions: |
|
||||
{{
|
||||
{matrix_go_skype_bridge_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Default go-skype-bridge configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
@ -124,11 +138,3 @@ matrix_go_skype_bridge_registration_yaml: |
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_go_skype_bridge_registration: "{{ matrix_go_skype_bridge_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_go_skype_bridge_bridge_encryption_allow: false
|
||||
matrix_go_skype_bridge_bridge_encryption_default: "{{ matrix_go_skype_bridge_bridge_encryption_allow }}"
|
||||
|
||||
# Minimum severity of journal log messages.
|
||||
# Options: debug, info, warn, error, fatal
|
||||
matrix_go_skype_bridge_log_level: 'warn'
|
||||
|
@ -197,11 +197,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
"{{ matrix_go_skype_bridge_homeserver_domain }}": user
|
||||
{% if matrix_admin %}
|
||||
"{{ matrix_admin }}": admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_go_skype_bridge_bridge_permissions|to_json }}
|
||||
|
||||
relaybot:
|
||||
# Whether or not relaybot support is enabled.
|
||||
|
@ -46,6 +46,12 @@ matrix_mautrix_facebook_homeserver_token: ''
|
||||
# If false, created portal rooms will never be federated.
|
||||
matrix_mautrix_facebook_federate_rooms: true
|
||||
|
||||
matrix_mautrix_facebook_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_facebook_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Controls whether the matrix-mautrix-facebook container exposes its HTTP port.
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9008"), or empty string to not expose.
|
||||
|
@ -201,11 +201,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
'{{ matrix_mautrix_facebook_homeserver_domain }}': user
|
||||
{% if matrix_admin %}
|
||||
'{{ matrix_admin }}': admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_facebook_bridge_permissions|to_json }}
|
||||
|
||||
relay:
|
||||
# Whether relay mode should be allowed. If allowed, `!fb set-relay` can be used to turn any
|
||||
|
@ -48,6 +48,12 @@ matrix_mautrix_googlechat_homeserver_token: ''
|
||||
# If false, created portal rooms will never be federated.
|
||||
matrix_mautrix_googlechat_federate_rooms: true
|
||||
|
||||
matrix_mautrix_googlechat_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_googlechat_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Database-related configuration fields.
|
||||
#
|
||||
# To use SQLite, stick to these defaults.
|
||||
|
@ -117,11 +117,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
'{{ matrix_mautrix_googlechat_homeserver_domain }}': user
|
||||
{% if matrix_admin %}
|
||||
'{{ matrix_admin }}': admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_googlechat_bridge_permissions|to_json }}
|
||||
|
||||
# Python logging configuration.
|
||||
#
|
||||
|
@ -27,6 +27,12 @@ matrix_mautrix_hangouts_appservice_address: 'http://matrix-mautrix-hangouts:8080
|
||||
|
||||
matrix_mautrix_hangouts_command_prefix: "!HO"
|
||||
|
||||
matrix_mautrix_hangouts_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_hangouts_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Controls whether the matrix-mautrix-hangouts container exposes its HTTP port (tcp/8080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9007"), or empty string to not expose.
|
||||
|
@ -114,11 +114,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
'{{ matrix_mautrix_hangouts_homeserver_domain }}': user
|
||||
{% if matrix_admin %}
|
||||
'{{ matrix_admin }}': admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_hangouts_bridge_permissions|to_json }}
|
||||
|
||||
# Python logging configuration.
|
||||
#
|
||||
|
@ -25,6 +25,12 @@ matrix_mautrix_instagram_appservice_address: 'http://matrix-mautrix-instagram:29
|
||||
|
||||
matrix_mautrix_instagram_command_prefix: "!ig"
|
||||
|
||||
matrix_mautrix_instagram_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_instagram_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mautrix_instagram_container_extra_arguments: []
|
||||
|
||||
|
@ -185,11 +185,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
"{{ matrix_mautrix_instagram_homeserver_domain }}": user
|
||||
{% if matrix_admin %}
|
||||
"{{ matrix_admin }}": admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_instagram_bridge_permissions|to_json }}
|
||||
# Provisioning API part of the web server for automated portal creation and fetching information.
|
||||
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
|
||||
provisioning:
|
||||
|
@ -103,12 +103,14 @@ matrix_mautrix_signal_relaybot_enabled: false
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
#
|
||||
# This variable used to contain a YAML string, but now needs to contain a hashmap/dictionary.
|
||||
matrix_mautrix_signal_bridge_permissions: |
|
||||
'*': relay
|
||||
'{{ matrix_mautrix_signal_homeserver_domain }}': user
|
||||
{% if matrix_admin %}
|
||||
"{{ matrix_admin }}": admin
|
||||
{% endif %}
|
||||
{{
|
||||
{'*': 'relay'}
|
||||
| combine({matrix_mautrix_signal_homeserver_domain: 'user'})
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
|
@ -11,6 +11,15 @@
|
||||
- "matrix_mautrix_signal_homeserver_token"
|
||||
- "matrix_mautrix_signal_appservice_token"
|
||||
|
||||
- name: (Deprecation) Fail if matrix_mautrix_signal_bridge_permissions specified as YAML string, instead of a dictionary
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
The `matrix_mautrix_signal_bridge_permissions` variable in your configuration is specified as a YAML string.
|
||||
The playbook now expects a hashmap/dictionary in this variable.
|
||||
Change your configuration like this:
|
||||
matrix_mautrix_signal_bridge_permissions: {{ matrix_mautrix_signal_bridge_permissions | from_yaml | to_json }}
|
||||
when: "matrix_mautrix_signal_bridge_permissions is string"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Signal variables
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
|
@ -223,8 +223,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
{{ matrix_mautrix_signal_bridge_permissions|from_yaml }}
|
||||
permissions: {{ matrix_mautrix_signal_bridge_permissions|to_json }}
|
||||
|
||||
relay:
|
||||
# Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
|
||||
|
@ -27,6 +27,12 @@ matrix_mautrix_telegram_data_path: "{{ matrix_mautrix_telegram_base_path }}/data
|
||||
|
||||
matrix_mautrix_telegram_command_prefix: "!tg"
|
||||
|
||||
matrix_mautrix_telegram_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_telegram_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Get your own API keys at https://my.telegram.org/apps
|
||||
matrix_mautrix_telegram_api_id: ''
|
||||
matrix_mautrix_telegram_api_hash: ''
|
||||
|
@ -289,11 +289,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
'{{ matrix_mautrix_telegram_homeserver_domain }}': full
|
||||
{% if matrix_admin %}
|
||||
'{{ matrix_admin }}': admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_telegram_bridge_permissions|to_json }}
|
||||
|
||||
# Options related to the message relay Telegram bot.
|
||||
relaybot:
|
||||
|
@ -25,6 +25,12 @@ matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327'
|
||||
|
||||
matrix_mautrix_twitter_command_prefix: "!tw"
|
||||
|
||||
matrix_mautrix_twitter_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_twitter_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mautrix_twitter_container_extra_arguments: []
|
||||
|
||||
|
@ -173,11 +173,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
'{{ matrix_mautrix_twitter_homeserver_domain }}': user
|
||||
{% if matrix_admin %}
|
||||
'{{ matrix_admin }}': admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_twitter_bridge_permissions|to_json }}
|
||||
|
||||
|
||||
# Python logging configuration.
|
||||
|
@ -90,6 +90,17 @@ matrix_mautrix_whatsapp_bridge_login_shared_secret_map:
|
||||
matrix_mautrix_whatsapp_bridge_double_puppet_server_map:
|
||||
"{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_whatsapp_bridge_encryption_allow: false
|
||||
matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}"
|
||||
matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}"
|
||||
|
||||
matrix_mautrix_whatsapp_bridge_permissions: |
|
||||
{{
|
||||
{matrix_mautrix_whatsapp_homeserver_domain: 'user'}
|
||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||
}}
|
||||
|
||||
# Default mautrix-whatsapp configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
@ -130,7 +141,3 @@ matrix_mautrix_whatsapp_registration_yaml: |
|
||||
|
||||
matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_whatsapp_bridge_encryption_allow: false
|
||||
matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}"
|
||||
matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}"
|
||||
|
@ -368,11 +368,7 @@ bridge:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
"{{ matrix_mautrix_whatsapp_homeserver_domain }}": user
|
||||
{% if matrix_admin %}
|
||||
"{{ matrix_admin }}": admin
|
||||
{% endif %}
|
||||
permissions: {{ matrix_mautrix_whatsapp_bridge_permissions|to_json }}
|
||||
|
||||
# Settings for relay mode
|
||||
relay:
|
||||
|
Loading…
Reference in New Issue
Block a user