# SOME DESCRIPTIVE TITLE. # Copyright (C) 2018-2024, Slavi Pantaleev, Aine Etke, MDAD community # members # This file is distributed under the same license as the # matrix-docker-ansible-deploy package. # FIRST AUTHOR , 2024. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: matrix-docker-ansible-deploy \n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2024-12-16 12:05+0900\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language: jp\n" "Language-Team: jp \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.16.0\n" #: ../../../docs/configuring-playbook-bot-draupnir.md:1 msgid "Setting up Draupnir (optional)" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:3 msgid "" "The playbook can install and configure the [Draupnir](https://github.com" "/the-draupnir-project/Draupnir) moderation bot for you." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:5 msgid "" "See the project's [documentation](https://github.com/the-draupnir-" "project/Draupnir) to learn what it does and why it might be useful to " "you." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:7 msgid "" "This documentation page is about installing Draupnir in bot mode. As an " "alternative, you can run a multi-instance Draupnir deployment by " "installing [Draupnir in appservice mode](./configuring-playbook-" "appservice-draupnir-for-all.md) (called Draupnir-for-all) instead." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:9 msgid "If your migrating from Mjolnir skip to step 5b." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:11 msgid "Register the bot account" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:13 msgid "" "The playbook does not automatically create users for you. The bot " "requires an access token to be able to connect to your homeserver." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:15 msgid "You **need to register the bot user manually** before setting up the bot." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:17 msgid "" "Choose a strong password for the bot. You can generate a good password " "with a command like this: `pwgen -s 64 1`." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:19 msgid "You can use the playbook to [register a new user](registering-users.md):" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:25 msgid "" "If you would like Draupnir to be able to deactivate users, move aliases, " "shutdown rooms, show abuse reports ([see below](#abuse-reports)), etc " "then it must be a server admin so you need to change `admin=no` to " "`admin=yes` in the command above." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:27 msgid "Get an access token" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:29 msgid "" "Refer to the documentation on [how to obtain an access token](obtaining-" "access-tokens.md)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:31 msgid "Make sure the account is free from rate limiting" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:33 msgid "" "You will need to prevent Synapse from rate limiting the bot's account. " "This is not an optional step. If you do not do this step Draupnir will " "crash. This can be done using Synapse's [admin API](https://matrix-" "org.github.io/synapse/latest/admin_api/user_admin_api.html#override-" "ratelimiting-for-users). Please ask for help if you are uncomfortable " "with these steps or run into issues." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:35 msgid "" "If your Synapse Admin API is exposed to the internet for some reason like" " running the Synapse Admin Role [Link](configuring-playbook-synapse-" "admin.md) or running " "`matrix_synapse_container_labels_public_client_synapse_admin_api_enabled:" " true` in your playbook config. If your API is not externally exposed you" " should still be able to on the local host for your synapse run these " "commands." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:37 msgid "" "The following command works on semi up to date Windows 10 installs and " "All Windows 11 installations and other systems that ship curl. `curl " "--header \"Authorization: Bearer \" -X POST " "https://matrix.example.com/_synapse/admin/v1/users/@bot.draupnir:example.com/override_ratelimit`" " Replace `@bot.draupnir:example.com` with the MXID of your Draupnir and " "example.com with your homeserver domain. You can easily obtain an access " "token for a homeserver admin account the same way you can obtain an " "access token for Draupnir itself. If you made Draupnir Admin you can just" " use the Draupnir token." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:39 msgid "Create a management room" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:41 msgid "" "Using your own account, create a new invite only room that you will use " "to manage the bot. This is the room where you will see the status of the " "bot and where you will send commands to the bot, such as the command to " "ban a user from another room. Anyone in this room can control the bot so " "it is important that you only invite trusted users to this room." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:43 msgid "" "If you make the management room encrypted (E2EE), then you MUST enable " "and use Pantalaimon (see below)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:45 msgid "" "Once you have created the room you need to copy the room ID so you can " "tell the bot to use that room. In Element Web you can do this by going to" " the room's settings, clicking Advanced, and then copying the internal " "room ID. The room ID will look something like `!qporfwt:example.com`." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:47 msgid "" "Finally invite the `@bot.draupnir:example.com` account you created " "earlier into the room." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:49 msgid "Adjusting the playbook configuration" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:51 msgid "" "Decide whether you want Draupnir to be capable of operating in end-to-end" " encrypted (E2EE) rooms. This includes the management room and the " "moderated rooms. To support E2EE, Draupnir needs to [use Pantalaimon" "](configuring-playbook-pantalaimon.md)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:53 msgid "a. Configuration with E2EE support" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:55 msgid "" "When using Pantalaimon, Draupnir will log in to its bot account itself " "through Pantalaimon, so configure its username and password." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:57 #: ../../../docs/configuring-playbook-bot-draupnir.md:92 msgid "" "Add the following configuration to your " "`inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your " "needs):" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:76 msgid "" "The playbook's `group_vars` will configure other required settings. If " "using this role separately without the playbook, you also need to " "configure the two URLs that Draupnir uses to reach the homeserver, one " "through Pantalaimon and one \"raw\". This example is taken from the " "playbook's `group_vars`:" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:88 msgid "b. Configuration without E2EE support" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:90 msgid "" "When NOT using Pantalaimon, Draupnir does not log in by itself and you " "must give it an access token for its bot account." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:94 msgid "" "You must replace `ACCESS_TOKEN_FROM_STEP_2_GOES_HERE` and " "`ROOM_ID_FROM_STEP_4_GOES_HERE` with your own values." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:104 msgid "c. Migrating from Mjolnir (Only required if migrating.)" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:106 msgid "" "Replace your `matrix_bot_mjolnir` config with `matrix_bot_draupnir` " "config. Also disable Mjolnir if you're doing migration." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:108 msgid "" "That is all you need to do due to that Draupnir can complete migration on" " its own." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:110 msgid "Installing" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:112 msgid "" "After configuring the playbook, run it with [playbook tags](playbook-" "tags.md) as below:" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:119 msgid "**Notes**:" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:121 msgid "" "The `ensure-matrix-users-created` playbook tag makes the playbook " "automatically create the bot's user account." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:123 msgid "" "The shortcut commands with the [`just` program](just.md) are also " "available: `just install-all` or `just setup-all`" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:125 msgid "" "`just install-all` is useful for maintaining your setup quickly ([2x-5x " "faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-" "runtime) than `just setup-all`) when its components remain unchanged. If " "you adjust your `vars.yml` to remove other components, you'd need to run " "`just setup-all`, or these components will still remain installed." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:127 msgid "" "If you change the Pantalaimon's password " "(`matrix_bot_draupnir_pantalaimon_password` in your `vars.yml` file) " "subsequently, its credentials on the homeserver won't be updated " "automatically. If you'd like to change the password, use a tool like " "[synapse-admin](configuring-playbook-synapse-admin.md) to change it, and " "then update `matrix_bot_draupnir_pantalaimon_password` to let Pantalaimon" " know its new password." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:129 msgid "Usage" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:131 msgid "" "You can refer to the upstream [documentation](https://the-draupnir-" "project.github.io/draupnir-documentation/) for additional ways to use and" " configure Draupnir and for a more detailed usage guide." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:133 msgid "Below is a **non-exhaustive quick-start guide** for the impatient." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:135 msgid "Making Draupnir join and protect a room" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:137 msgid "" "Draupnir can be told to self-join public rooms, but it's better to follow" " this flow which works well for all kinds of rooms:" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:139 msgid "" "Invite the bot to the room manually ([inviting Draupnir to rooms](https" "://the-draupnir-project.github.io/draupnir-documentation/moderator" "/managing-protected-rooms#inviting-draupnir-to-rooms)). Before joining, " "the bot *may* ask for confirmation in the Management Room" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:141 msgid "" "[Give the bot permissions to do its job](#giving-draupnir-permissions-to-" "do-its-job)" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:143 msgid "" "Tell it to protect the room (using the [rooms command](https://the-" "draupnir-project.github.io/draupnir-documentation/moderator/managing-" "protected-rooms#using-the-draupnir-rooms-command)) by sending the " "following command to the Management Room: `!draupnir rooms add " "!qporfwt:example.com`" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:145 msgid "" "To have Draupnir provide useful room protection, you need do to a bit " "more work (at least the first time around). You may wish to [Subscribe to" " a public policy list](#subscribing-to-a-public-policy-list), [Create " "your own own policy and rules](#creating-your-own-policy-lists-and-rules)" " and [Enabling built-in protections](#enabling-built-in-protections)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:147 msgid "Giving Draupnir permissions to do its job" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:149 msgid "" "For Draupnir to do its job, you need to [give it permissions](https" "://the-draupnir-project.github.io/draupnir-documentation/moderator" "/managing-protected-rooms#giving-draupnir-permissions) in rooms it's " "protecting. This involves **giving it an Administrator power level**." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:151 msgid "" "**We recommend setting this power level as soon as the bot joins your " "room** (and before you create new rules), so that it can apply rules as " "soon as they are available. If the bot is under-privileged, it may fail " "to apply protections and may not retry for a while (or until your restart" " it)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:153 msgid "Subscribing to a public policy list" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:155 msgid "" "We recommend **subscribing to a public [policy list](https://the-" "draupnir-project.github.io/draupnir-documentation/concepts/policy-" "lists)** using the [watch command](https://the-draupnir-project.github.io" "/draupnir-documentation/moderator/managing-policy-lists#using-draupnirs-" "watch-command-to-subscribe-to-policy-rooms)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:157 msgid "" "Polcy lists are maintained in Matrix rooms. A popular policy list is " "maintained in the public `#community-moderation-effort-bl:neko.dev` room." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:159 msgid "" "You can tell Draupnir to subscribe to it by sending the following command" " to the Management Room: `!draupnir watch #community-moderation-effort-" "bl:neko.dev`" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:161 msgid "Creating your own policy lists and rules" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:163 msgid "" "We also recommend **creating your own policy lists** with the [list " "create](https://the-draupnir-project.github.io/draupnir-" "documentation/moderator/managing-policy-lists#using-draupnirs-list-" "create-command-to-create-a-policy-room) command." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:165 msgid "" "You can do so by sending the following command to the Management Room: " "`!draupnir list create my-bans my-bans-bl`. This will create a policy " "list having a name (shortcode) of `my-bans` and stored in a public `#my-" "bans-bl:example.com` room on your server. As soon as you run this " "command, the bot will invite you to the policy list room." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:167 msgid "" "A policy list does nothing by itself, so the next step is **adding some " "rules to your policy list**. Policies target a so-called `entity` (one " "of: `user`, `room` or `server`). These entities are mentioned on the " "[policy lists](https://the-draupnir-project.github.io/draupnir-" "documentation/concepts/policy-lists) documentation page and in the Matrix" " Spec [here](https://spec.matrix.org/v1.11/client-server-api/#mban-" "recommendation)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:169 msgid "" "The simplest and most useful entity to target is `user`. Below are a few " "examples using the [ban command](https://the-draupnir-project.github.io" "/draupnir-documentation/moderator/managing-users#the-ban-command) and " "targeting users." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:171 msgid "" "To create rules, you run commands in the Management Room (**not** in the " "policy list room)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:173 msgid "" "(ban a single user on a given homeserver): `!draupnir ban " "@charles:example.com my-bans Rude to others`" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:174 msgid "" "(ban all users on a given homeserver by using a [wildcard](https://the-" "draupnir-project.github.io/draupnir-documentation/moderator/managing-" "users#wildcards)): `!draupnir ban @*:example.org my-bans Spam server - " "all users are fake`" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:176 msgid "As a result of running these commands, you may observe:" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:178 msgid "" "Draupnir creating `m.policy.rule.user` state events in the `#my-bans-" "bl:example.com` room on your server" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:179 msgid "" "applying these rules against all rooms that Draupnir is an Administrator " "in" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:181 msgid "" "You can undo bans with the [unban command](https://the-draupnir-" "project.github.io/draupnir-documentation/moderator/managing-users#the-" "unban-command)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:183 msgid "Enabling built-in protections" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:185 msgid "" "You can also **turn on various built-in [protections](https://the-" "draupnir-project.github.io/draupnir-documentation/protections)** like " "`JoinWaveShortCircuit` (\"If X amount of users join in Y time, set the " "room to invite-only\")." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:187 msgid "" "To **see which protections are available and which are enabled**, send a " "`!draupnir protections` command to the Management Room." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:189 msgid "" "To **see the configuration options for a given protection**, send a " "`!draupnir config get PROTECTION_NAME` (e.g. `!draupnir config get " "JoinWaveShortCircuit`)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:191 msgid "" "To **set a specific option for a given protection**, send a command like " "this: `!draupnir config set PROTECTION_NAME.OPTION VALUE` (e.g. " "`!draupnir config set JoinWaveShortCircuit.timescaleMinutes 30`)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:193 msgid "" "To **enable a given protection**, send a command like this: `!draupnir " "enable PROTECTION_NAME` (e.g. `!draupnir enable JoinWaveShortCircuit`)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:195 msgid "" "To **disable a given protection**, send a command like this: `!draupnir " "disable PROTECTION_NAME` (e.g. `!draupnir disable JoinWaveShortCircuit`)." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:197 msgid "Extending the configuration" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:199 msgid "" "You can configure additional options by adding the " "`matrix_bot_draupnir_configuration_extension_yaml` variable to your " "`inventory/host_vars/matrix.example.com/vars.yml` file." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:201 msgid "" "For example to change Draupnir's `recordIgnoredInvites` option to `true` " "you would add the following to your `vars.yml` file." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:215 msgid "Abuse Reports" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:217 msgid "Draupnir supports two methods to receive reports in the management room." msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:219 msgid "" "The first method intercepts the report API endpoint of the client-server " "API, which requires integration with the reverse proxy in front of the " "homeserver. If you are using traefik, this playbook can set this up for " "you:" msgstr "" #: ../../../docs/configuring-playbook-bot-draupnir.md:225 msgid "" "The other method polls an synapse admin API endpoint and is hence only " "available when using synapse and when the Draupnir user is an admin user " "(see step 1). To enable it, set `pollReports: true` in Draupnir's config:" msgstr ""