# SOME DESCRIPTIVE TITLE. # Copyright (C) 2018-2024, Slavi Pantaleev, Aine Etke, MDAD community # members # This file is distributed under the same license as the # matrix-docker-ansible-deploy package. # FIRST AUTHOR , 2024. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: matrix-docker-ansible-deploy \n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2024-12-20 09:53+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language: jp\n" "Language-Team: jp \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.16.0\n" #: ../../../docs/configuring-playbook-ma1sd.md:1 msgid "Setting up ma1sd Identity Server (optional)" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:3 msgid "" "**⚠️Note**: ma1sd itself has also been unmaintained for years (the latest" " commit and release being from 2021). The role of identity servers in the" " Matrix specification also has an uncertain future. **We recommend not " "bothering with installing it unless it's the only way you can do what you" " need to do**. For example, certain things like LDAP integration can also" " be implemented via [the LDAP provider module for Synapse](./configuring-" "playbook-ldap-auth.md)." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:5 msgid "" "The playbook can configure the [ma1sd](https://github.com/ma1uta/ma1sd) " "Identity Server for you. It is a fork of [mxisd](https://github.com" "/kamax-io/mxisd) which was pronounced end of life 2019-06-21." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:7 msgid "" "ma1sd is used for 3PIDs (3rd party identifiers like E-mail and phone " "numbers) and some [enhanced " "features](https://github.com/ma1uta/ma1sd/#features). It is private by " "default, potentially at the expense of user discoverability." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:9 msgid "" "See the project's " "[documentation](https://github.com/ma1uta/ma1sd/blob/master/README.md) to" " learn what it does and why it might be useful to you." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:11 msgid "" "**Note**: enabling ma1sd, means that the `openid` API endpoints will be " "exposed on the Matrix Federation port (usually `8448`), even if " "[federation](configuring-playbook-federation.md) is disabled. It's " "something to be aware of, especially in terms of firewall whitelisting " "(make sure port `8448` is accessible)." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:13 msgid "Adjusting DNS records" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:15 msgid "" "To make the ma1sd Identity Server enable its federation features, set up " "a SRV record that looks like this:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:17 msgid "Name: `_matrix-identity._tcp` (use this text as-is)" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:18 msgid "" "Content: `10 0 443 matrix.example.com` (replace `example.com` with your " "own)" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:20 msgid "" "See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-" "and-your-privacy#choices-are-never-easy) for information on the privacy " "implications of setting up this SRV record." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:22 msgid "" "**Note**: This `_matrix-identity._tcp` SRV record for the identity server" " is different from the `_matrix._tcp` that can be used for Synapse " "delegation. See [howto-server-delegation.md](howto-server-delegation.md) " "for more information about delegation." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:24 msgid "Adjusting the playbook configuration" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:26 msgid "" "To enable ma1sd, add the following configuration to your " "`inventory/host_vars/matrix.example.com/vars.yml` file:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:32 msgid "Matrix.org lookup forwarding" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:34 msgid "" "To ensure maximum discovery, you can make your identity server also " "forward lookups to the central matrix.org Identity server (at the cost of" " potentially leaking all your contacts information)." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:36 msgid "" "Enabling this is discouraged and you'd better [learn " "more](https://github.com/ma1uta/ma1sd/blob/master/docs/features/identity.md#lookups)" " before proceeding." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:38 msgid "" "To enable matrix.org forwarding, add the following configuration to your " "`inventory/host_vars/matrix.example.com/vars.yml` file:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:44 msgid "Additional features" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:46 msgid "" "What this playbook configures for your is some bare minimum Identity " "Server functionality, so that you won't need to rely on external 3rd " "party services." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:48 msgid "" "A few variables can be toggled in this playbook to alter the ma1sd " "configuration that gets generated." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:50 msgid "" "Still, ma1sd can do much more. You can refer to the [ma1sd " "website](https://github.com/ma1uta/ma1sd) for more details and " "configuration options." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:52 msgid "" "To use a more custom configuration, you can define a " "`matrix_ma1sd_configuration_extension_yaml` string variable and put your " "configuration in it. To learn more about how to do this, refer to the " "information about `matrix_ma1sd_configuration_extension_yaml` in the " "[default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) " "of the ma1sd component." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:54 msgid "Customizing email templates" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:56 msgid "" "If you'd like to change the default email templates used by ma1sd, take a" " look at the `matrix_ma1sd_threepid_medium_email_custom_` variables (in " "the `roles/custom/matrix-ma1sd/defaults/main.yml` file." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:58 msgid "ma1sd-controlled Registration" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:60 msgid "" "To use the " "[Registration](https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md)" " feature of ma1sd, you can make use of the following variables:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:62 msgid "" "`matrix_synapse_enable_registration` - to enable user-initiated " "registration in Synapse" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:64 msgid "" "`matrix_synapse_enable_registration_captcha` - to validate registering " "users using reCAPTCHA, as described in the [enabling reCAPTCHA" "](configuring-captcha.md) documentation." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:66 msgid "" "`matrix_synapse_registrations_require_3pid` - a list of 3pid types (among" " `'email'`, `'msisdn'`) required by the Synapse server for registering" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:68 msgid "" "variables prefixed with `matrix_ma1sd_container_labels_` (e.g. " "`matrix_ma1sd_container_labels_matrix_client_3pid_registration_enabled`) " "- to configure the Traefik reverse-proxy to capture and send registration" " requests to ma1sd (instead of Synapse), so it can apply its additional " "functionality" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:70 msgid "" "`matrix_ma1sd_configuration_extension_yaml` - to configure ma1sd as " "required. See the [Registration feature's " "docs](https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md)" " for inspiration. Also see the [Additional features](#additional-" "features) section below to learn more about how to use " "`matrix_ma1sd_configuration_extension_yaml`." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:72 msgid "" "**Note**: For this to work, either the homeserver needs to [federate" "](configuring-playbook-federation.md) or the `openid` APIs need to " "exposed on the federation port. When federation is disabled and ma1sd is " "enabled, we automatically expose the `openid` APIs (only!) on the " "federation port. Make sure the federation port (usually " "`https://matrix.example.com:8448`) is whitelisted in your firewall (even " "if you don't actually use/need federation)." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:74 msgid "Authentication" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:76 msgid "" "[Authentication](https://github.com/ma1uta/ma1sd/blob/master/docs/features/authentication.md)" " provides the possibility to use your own [Identity " "Stores](https://github.com/ma1uta/ma1sd/blob/master/docs/stores/README.md)" " (for example LDAP) to authenticate users on your Homeserver." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:78 msgid "" "To enable authentication against an LDAP server, add the following " "configuration to your `inventory/host_vars/matrix.example.com/vars.yml` " "file:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:98 msgid "Example: SMS verification" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:100 msgid "" "If your use case requires mobile verification, it is quite simple to " "integrate ma1sd with [Twilio](https://www.twilio.com/), an online " "telephony services gateway. Their prices are reasonable for low-volume " "projects and integration can be done with the following configuration:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:114 msgid "Example: Open Registration for every Domain" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:116 msgid "" "If you want to open registration for any domain, you have to setup the " "allowed domains with ma1sd's `blacklist` and `whitelist`. The default " "behavior when neither the `blacklist`, nor the `whitelist` match, is to " "allow registration. Beware: you can't block toplevel domains (aka `.xy`) " "because the internal architecture of ma1sd doesn't allow that." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:130 msgid "Installing" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:132 msgid "" "After configuring the playbook, run it with [playbook tags](playbook-" "tags.md) as below:" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:139 msgid "" "The shortcut commands with the [`just` program](just.md) are also " "available: `just install-all` or `just setup-all`" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:141 msgid "" "`just install-all` is useful for maintaining your setup quickly ([2x-5x " "faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-" "runtime) than `just setup-all`) when its components remain unchanged. If " "you adjust your `vars.yml` to remove other components, you'd need to run " "`just setup-all`, or these components will still remain installed. Note " "these shortcuts run the `ensure-matrix-users-created` tag too." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:143 msgid "Troubleshooting" msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:145 msgid "" "If email address validation emails sent by ma1sd are not reaching you, " "you should look into [Adjusting email-sending settings](configuring-" "playbook-email.md)." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:147 msgid "" "If you'd like additional logging information, temporarily enable verbose " "logging for ma1sd." msgstr "" #: ../../../docs/configuring-playbook-ma1sd.md:149 msgid "" "To enable it, add the following configuration to your " "`inventory/host_vars/matrix.example.com/vars.yml` file:" msgstr "" #~ msgid "" #~ "See the project's " #~ "[documentation](https://github.com/ma1uta/ma1sd) to learn" #~ " what it does and why it might" #~ " be useful to you." #~ msgstr ""