# SPDX-FileCopyrightText: 2024 MDAD Team and contributors # # SPDX-License-Identifier: AGPL-3.0-or-later --- # Conduit is a simple, fast and reliable chat server powered by Matrix # Project source code URL: https://gitlab.com/famedly/conduit # See: https://conduit.rs matrix_conduit_enabled: true matrix_conduit_hostname: '' matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix }}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}" matrix_conduit_docker_image_name_prefix: "docker.io/" # renovate: datasource=docker depName=matrixconduit/matrix-conduit matrix_conduit_docker_image_tag: "v0.9.0" matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}" matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" matrix_conduit_config_path: "{{ matrix_conduit_base_path }}/config" matrix_conduit_data_path: "{{ matrix_conduit_base_path }}/data" matrix_conduit_port_number: 6167 matrix_conduit_tmp_directory_size_mb: 500 # List of systemd services that matrix-conduit.service depends on matrix_conduit_systemd_required_services_list: "{{ matrix_conduit_systemd_required_services_list_default + matrix_conduit_systemd_required_services_list_auto + matrix_conduit_systemd_required_services_list_custom }}" matrix_conduit_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_conduit_systemd_required_services_list_auto: [] matrix_conduit_systemd_required_services_list_custom: [] # List of systemd services that matrix-conduit.service wants matrix_conduit_systemd_wanted_services_list: [] # Controls how long to sleep for after starting the matrix-synapse container. # # Delaying, so that the homeserver can manage to fully start and various services # that depend on it (`matrix_conduit_systemd_required_services_list` and `matrix_conduit_systemd_wanted_services_list`) # may only start after the homeserver is up and running. # # This can be set to 0 to remove the delay. matrix_conduit_systemd_service_post_start_delay_seconds: 3 # The base container network. It will be auto-created by this role if it doesn't exist already. matrix_conduit_container_network: "" # A list of additional container networks that the container would be connected to. # The role does not create these networks, so make sure they already exist. # Use this to expose this container to another reverse proxy, which runs in a different container network. matrix_conduit_container_additional_networks: "{{ matrix_conduit_container_additional_networks_auto + matrix_conduit_container_additional_networks_custom }}" matrix_conduit_container_additional_networks_auto: [] matrix_conduit_container_additional_networks_custom: [] # matrix_conduit_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container. # See `../templates/labels.j2` for details. # # To inject your own other container labels, see `matrix_conduit_container_labels_additional_labels`. matrix_conduit_container_labels_traefik_enabled: true matrix_conduit_container_labels_traefik_docker_network: "{{ matrix_conduit_container_network }}" matrix_conduit_container_labels_traefik_entrypoints: web-secure matrix_conduit_container_labels_traefik_tls_certResolver: default # noqa var-naming # Controls whether labels will be added for handling the root (/) path on a public Traefik entrypoint. matrix_conduit_container_labels_public_client_root_enabled: true matrix_conduit_container_labels_public_client_root_traefik_hostname: "{{ matrix_conduit_hostname }}" matrix_conduit_container_labels_public_client_root_traefik_rule: "Host(`{{ matrix_conduit_container_labels_public_client_root_traefik_hostname }}`) && Path(`/`)" matrix_conduit_container_labels_public_client_root_traefik_priority: 0 matrix_conduit_container_labels_public_client_root_traefik_entrypoints: "{{ matrix_conduit_container_labels_traefik_entrypoints }}" matrix_conduit_container_labels_public_client_root_traefik_tls: "{{ matrix_conduit_container_labels_public_client_root_traefik_entrypoints != 'web' }}" matrix_conduit_container_labels_public_client_root_traefik_tls_certResolver: "{{ matrix_conduit_container_labels_traefik_tls_certResolver }}" # noqa var-naming matrix_conduit_container_labels_public_client_root_redirection_enabled: false matrix_conduit_container_labels_public_client_root_redirection_url: "" # Controls whether labels will be added that expose the Client-Server API on a public Traefik entrypoint. matrix_conduit_container_labels_public_client_api_enabled: true matrix_conduit_container_labels_public_client_api_traefik_hostname: "{{ matrix_conduit_hostname }}" matrix_conduit_container_labels_public_client_api_traefik_path_prefix: /_matrix matrix_conduit_container_labels_public_client_api_traefik_rule: "Host(`{{ matrix_conduit_container_labels_public_client_api_traefik_hostname }}`) && PathPrefix(`{{ matrix_conduit_container_labels_public_client_api_traefik_path_prefix }}`)" matrix_conduit_container_labels_public_client_api_traefik_priority: 0 matrix_conduit_container_labels_public_client_api_traefik_entrypoints: "{{ matrix_conduit_container_labels_traefik_entrypoints }}" matrix_conduit_container_labels_public_client_api_traefik_tls: "{{ matrix_conduit_container_labels_public_client_api_traefik_entrypoints != 'web' }}" matrix_conduit_container_labels_public_client_api_traefik_tls_certResolver: "{{ matrix_conduit_container_labels_traefik_tls_certResolver }}" # noqa var-naming # Controls whether labels will be added that expose the Client-Server API on the internal Traefik entrypoint. # This is similar to `matrix_conduit_container_labels_public_client_api_enabled`, but the entrypoint and intent is different. matrix_conduit_container_labels_internal_client_api_enabled: false matrix_conduit_container_labels_internal_client_api_traefik_path_prefix: "{{ matrix_conduit_container_labels_public_client_api_traefik_path_prefix }}" matrix_conduit_container_labels_internal_client_api_traefik_rule: "PathPrefix(`{{ matrix_conduit_container_labels_internal_client_api_traefik_path_prefix }}`)" matrix_conduit_container_labels_internal_client_api_traefik_priority: "{{ matrix_conduit_container_labels_public_client_api_traefik_priority }}" matrix_conduit_container_labels_internal_client_api_traefik_entrypoints: "" # Controls whether labels will be added that expose the Server-Server API (Federation API) on a public Traefik entrypoint. matrix_conduit_container_labels_public_federation_api_enabled: "{{ matrix_conduit_allow_federation }}" matrix_conduit_container_labels_public_federation_api_traefik_hostname: "{{ matrix_conduit_hostname }}" matrix_conduit_container_labels_public_federation_api_traefik_path_prefix: /_matrix matrix_conduit_container_labels_public_federation_api_traefik_rule: "Host(`{{ matrix_conduit_container_labels_public_federation_api_traefik_hostname }}`) && PathPrefix(`{{ matrix_conduit_container_labels_public_federation_api_traefik_path_prefix }}`)" matrix_conduit_container_labels_public_federation_api_traefik_priority: 0 matrix_conduit_container_labels_public_federation_api_traefik_entrypoints: '' # TLS is force-enabled here, because the spec (https://spec.matrix.org/v1.9/server-server-api/#tls) says that the federation API must use HTTPS. matrix_conduit_container_labels_public_federation_api_traefik_tls: true matrix_conduit_container_labels_public_federation_api_traefik_tls_certResolver: "{{ matrix_conduit_container_labels_traefik_tls_certResolver }}" # noqa var-naming # matrix_conduit_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file. # See `../templates/labels.j2` for details. # # Example: # matrix_conduit_container_labels_additional_labels: | # my.label=1 # another.label="here" matrix_conduit_container_labels_additional_labels: '' # Extra arguments for the Docker container matrix_conduit_container_extra_arguments: [] # Specifies which template files to use when configuring Conduit. # If you'd like to have your own different configuration, feel free to copy and paste # the original files into your inventory (e.g. in `inventory/host_vars/matrix.example.com/`) # and then change the specific host's `vars.yaml` file like this: # matrix_conduit_template_conduit_config: "{{ playbook_dir }}/inventory/host_vars/matrix.example.com/conduit.toml.j2" matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit.toml.j2" # Max size for uploads, in bytes matrix_conduit_max_request_size: 20_000_000 # Maximum number of open files for Conduit's embedded RocksDB database # See https://github.com/facebook/rocksdb/wiki/RocksDB-Tuning-Guide#tuning-other-options # By default, Conduit uses a relatively low value of 20. matrix_conduit_rocksdb_max_open_files: 64 # Enables registration. If set to false, no users can register on this server. matrix_conduit_allow_registration: false matrix_conduit_allow_federation: true # Enable the display name lightning bolt on registration. matrix_conduit_enable_lightning_bolt: true matrix_conduit_trusted_servers: - "matrix.org" # How many requests Conduit sends to other servers at the same time matrix_conduit_max_concurrent_requests: 100 # TURN integration. # See: https://gitlab.com/famedly/conduit/-/blob/next/TURN.md matrix_conduit_turn_uris: [] matrix_conduit_turn_secret: '' matrix_conduit_turn_username: '' matrix_conduit_turn_password: ''