ansol/matrix-docker-ansible-deploy
7
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-01-22 02:39:36 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #3980 from FSG-Cat/FSG-Cat/Unifi-Warning-Formating

Browse Source 
Replace old warnings with Github Markdown Warnings
This commit is contained in:
Slavi Pantaleev 2025-01-21 08:10:57 +02:00 committed by GitHub
commit c7eb713efe
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
19 changed files with 48 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/configuring-playbook-alertmanager-receiver.md
View File

@ -26,7 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.alertma
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
### Join to rooms as the bot manually

3
docs/configuring-playbook-appservice-draupnir-for-all.md
View File

@ -28,7 +28,8 @@ The management room has to be given an alias, and your bot has to be invited to
This management room is used to control who has access to your D4A deployment. The room stores this data inside of the control room state so your bot must have sufficient powerlevel to send custom state events. This is default 50 or moderator as Element clients call this powerlevel.
⚠️ **Warning**: anyone in this room can control the bot so it is important that you only invite trusted users to this room.
> [!WARNING]
> Anyone in this room can control the bot so it is important that you only invite trusted users to this room.
## Adjusting the playbook configuration

3
docs/configuring-playbook-bot-chatgpt.md
View File

@ -28,7 +28,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [Element documentation](https://element.io/help#encryption6).

3
docs/configuring-playbook-bot-go-neb.md
View File

@ -26,7 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
## Adjusting DNS records

3
docs/configuring-playbook-bot-maubot.md
View File

@ -100,4 +100,5 @@ This can be done via `mbc login` then `mbc auth` (see the [maubot documentation]
Alternatively, you can refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will causes issues to your bot in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.

6
docs/configuring-playbook-bot-mjolnir.md
View File

@ -24,7 +24,8 @@ If you would like Mjolnir to be able to deactivate users, move aliases, shutdown
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
### Make sure the account is free from rate limiting
@ -54,7 +55,8 @@ You can obtain an access token for a homeserver admin account in the same way as
Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room.
⚠️ **Warning**: anyone in this room can control the bot so it is important that you only invite trusted users to this room.
> [!WARNING]
> Anyone in this room can control the bot so it is important that you only invite trusted users to this room.
It is possible to make the management room encrypted (E2EE). If doing so, then you MUST enable and use Pantalaimon (see [below](#configuration-with-e2ee-support)).

3
docs/configuring-playbook-bridge-appservice-kakaotalk.md
View File

@ -4,7 +4,8 @@ The playbook can install and configure [matrix-appservice-kakaotalk](https://src
See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk/src/branch/master/README.md) to learn what it does and why it might be useful to you.
⚠️ **Warning**: there have been recent reports (~2022-09-16) that **using this bridge may get your account banned**.
> [!WARNING]
> There have been recent reports (~2022-09-16) that **using this bridge may get your account banned**.
## Prerequisite (optional)

3
docs/configuring-playbook-dimension.md
View File

@ -34,7 +34,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=dimension p
Dimension requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
## Adjusting DNS records

3
docs/configuring-playbook-email.md
View File

@ -6,7 +6,8 @@ The email server would attempt to deliver emails directly to their final destina
By default, emails are sent from `matrix@matrix.example.com`, as specified by the `exim_relay_sender_address` playbook variable.
⚠️ **Warning**: On some cloud providers (Google Cloud, etc.), [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so sending email directly from your server is not possible. You will need to [relay email through another SMTP server](#relaying-email-through-another-smtp-server).
> [!WARNING]
> On some cloud providers (Google Cloud, etc.), [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so sending email directly from your server is not possible. You will need to [relay email through another SMTP server](#relaying-email-through-another-smtp-server).
💡 To improve deliverability, we recommend [relaying email through another SMTP server](#relaying-email-through-another-smtp-server) anyway.

3
docs/configuring-playbook-email2matrix.md
View File

@ -36,7 +36,8 @@ Take note of the user's ID as it needs to be specified as `MatrixUserId` on your
Email2Matrix requires an access token for the sender user to be able to send messages to the room. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
### Join to rooms as the sender user manually

6
docs/configuring-playbook-jitsi.md
View File

@ -72,7 +72,8 @@ jitsi_prosody_auth_internal_accounts:
#### Authenticate using Matrix OpenID: Auth-Type `matrix`
⚠️ **Warning**: this breaks the Jitsi instance on federated rooms probably and does not allow sharing conference links with guests.
> [!WARNING]
> This breaks the Jitsi instance on federated rooms probably and does not allow sharing conference links with guests.
This authentication method requires [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service), which can be installed using this [playbook](configuring-playbook-user-verification-service.md). It verifies against Matrix openID, and requires a user-verification-service to run.
@ -149,7 +150,8 @@ To enable the Gravatar service, add the following configuration to your `vars.ym
jitsi_disable_gravatar: false
```
⚠️ **Warning**: this will result in third party request leaking data to the Gravatar Service (`gravatar.com`, unless configured otherwise). Besides metadata, the Matrix user_id and possibly the room ID (via `referrer` header) will be also sent to the third party.
> [!WARNING]
> This will result in third party request leaking data to the Gravatar Service (`gravatar.com`, unless configured otherwise). Besides metadata, the Matrix user_id and possibly the room ID (via `referrer` header) will be also sent to the third party.
### Fine tune Jitsi (optional)

3
docs/configuring-playbook-matrix-corporal.md
View File

@ -2,7 +2,8 @@
<hr/>
⚠️ **Warning**: This is an advanced feature! It requires prior experience with Matrix and a specific need for using [Matrix Corporal](https://github.com/devture/matrix-corporal). If you're unsure whether you have such a need, you most likely don't.
> [!WARNING]
> This is an advanced feature! It requires prior experience with Matrix and a specific need for using [Matrix Corporal](https://github.com/devture/matrix-corporal). If you're unsure whether you have such a need, you most likely don't.
<hr/>

3
docs/configuring-playbook-synapse-admin.md
View File

@ -27,7 +27,8 @@ matrix_synapse_admin_enabled: true
By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/etkecc/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable.
⚠️ **Warning**: If you're using [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS) for authentication, you will be able to [log into synapse-admin with an access token](https://github.com/etkecc/synapse-admin/pull/58), but certain synapse-admin features (especially those around user management) will be limited or not work at all.
> [!WARNING]
> If you're using [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS) for authentication, you will be able to [log into synapse-admin with an access token](https://github.com/etkecc/synapse-admin/pull/58), but certain synapse-admin features (especially those around user management) will be limited or not work at all.
### Adjusting the Synapse Admin URL (optional)

6
docs/configuring-playbook-traefik.md
View File

@ -34,7 +34,8 @@ traefik_dashboard_basicauth_user: YOUR_USERNAME_HERE
traefik_dashboard_basicauth_password: YOUR_PASSWORD_HERE
```
⚠️ **Warning**: Enabling the dashboard on a hostname you use for something else (like `matrix_server_fqn_matrix` in the configuration above) may cause conflicts. Enabling the Traefik Dashboard makes Traefik capture all `/dashboard` and `/api` requests and forward them to itself. If any of the services hosted on the same hostname requires any of these 2 URL prefixes, you will experience problems. So far, we're not aware of any playbook services which occupy these endpoints and are likely to cause conflicts.
> [!WARNING]
> Enabling the dashboard on a hostname you use for something else (like `matrix_server_fqn_matrix` in the configuration above) may cause conflicts. Enabling the Traefik Dashboard makes Traefik capture all `/dashboard` and `/api` requests and forward them to itself. If any of the services hosted on the same hostname requires any of these 2 URL prefixes, you will experience problems. So far, we're not aware of any playbook services which occupy these endpoints and are likely to cause conflicts.
## Additional configuration
@ -134,7 +135,8 @@ Changing the `url` to one with an `http://` prefix would allow to connect to the
With these changes, all TCP traffic will be reverse-proxied to the target system.
⚠️ **Warning**: This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```.
> [!WARNING]
> This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```.
## Traefik behind a `proxy_protocol` reverse-proxy

3
docs/configuring-playbook-user-verification-service.md
View File

@ -43,7 +43,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=uvs passwor
UVS requires an access token as an admin user to verify RoomMembership and PowerLevel against `matrix_user_verification_service_uvs_homeserver_url`. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
## Adjusting the playbook configuration

3
docs/installing.md
View File

@ -53,7 +53,8 @@ To do the installation **without** starting services, run `ansible-playbook` wit
ansible-playbook -i inventory/hosts setup.yml --tags=install-all
```
⚠️ **Warning**: do not run the just "recipe" `just install-all` instead, because it automatically starts services at the end of execution. See: [Difference between playbook tags and shortcuts](just.md#difference-between-playbook-tags-and-shortcuts)
> [!WARNING]
> Do not run the just "recipe" `just install-all` instead, because it automatically starts services at the end of execution. See: [Difference between playbook tags and shortcuts](just.md#difference-between-playbook-tags-and-shortcuts)
When this command completes, services won't be running yet.

3
docs/maintenance-synapse.md
View File

@ -18,7 +18,8 @@ You can use the **[Purge History API](https://github.com/element-hq/synapse/blob
To make use of this Synapse Admin API, **you'll need an admin access token** first. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
Synapse's Admin API is not exposed to the internet by default, following [official Synapse reverse-proxying recommendations](https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). To expose it you will need to add `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` to your `vars.yml` file.

3
docs/obtaining-access-tokens.md
View File

@ -2,7 +2,8 @@
When setting up some optional features like bots and bridges you will need to provide an access token for some user. This document provides documentation on how to obtain such an access token.
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
## Prerequisites

9
docs/registering-users.md
View File

@ -42,7 +42,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=USERNAME_HE
Feel free to register as many users (for friends, family, etc.) as you want. Still, perhaps you should grant full administrative access to your user account only (with `admin=yes`), and others should be created with `admin=no`.
⚠️ **Warning**: If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information.
> [!WARNING]
> If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information.
### Registering users manually for Synapse
@ -80,13 +81,15 @@ This `register-user` script actually invokes the `mas-cli manage register-user`
/matrix/matrix-authentication-service/bin/mas-cli manage register-user --help
```
⚠️ **Warning**: Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information.
> [!WARNING]
> Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information.
## Managing users via a Web UI
To manage users more easily (via a web user-interace), you can install [Synapse Admin](configuring-playbook-synapse-admin.md).
⚠️ **Warning**: If you're using [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), note that user management via synapse-admin is not fully working yet. See the [Expectations](configuring-playbook-matrix-authentication-service.md#expectations) section for more information.
> [!WARNING]
> If you're using [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), note that user management via synapse-admin is not fully working yet. See the [Expectations](configuring-playbook-matrix-authentication-service.md#expectations) section for more information.
## Letting certain users register on your private server