matrix-docker-ansible-deploy/docs/configuring-playbook-bridge-mautrix-meta-messenger.md
Suguru Hirahara 543f2a5c76
Update documentation of setting up double puppeting with bridges (#3837)
* Update docs/configuring-playbook-bridge-appservice-kakaotalk.md: fix the header for adjusting the playbook configuration

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Move sections "Set up Double Puppeting" under "Usage" as subsections for mautrix bridges and appservice kakaotalk

The changes in this commit reflect double puppeting configuration flow. Since the docs claim that double puppeting can be set up after enabling bridges by chatting with the bridge's bot, the explanation about double puppeting may well be placed under "Usage" as subsection.

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Remove notes about setting up double puppeting manually

Since this method is explained after configuring bridges, those notes are no longer necessary.

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Update docs for mautrix and kakaotalk bridges: add prerequisite(s) section for instructing to install Appservice Double Puppet and/or Shared Secret Auth service

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Replace "Enabling Appservice Double Puppet" with "This"

Enabling Appservice Double Puppet is contrasted with "Enabling double puppeting by enabling the Shared Secret Auth service", therefore it can be just called as "this" if Shared Secret Auth service is not mentioned below.

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Update docs/configuring-playbook-bridge-beeper-linkedin.md: follow other instances

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Add 💡 (Light Bulb: U+1F4A1) to the headings

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

---------

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
Co-authored-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-11-29 11:15:30 +02:00

7.0 KiB

Setting up Messenger bridging via Mautrix Meta (optional)

The playbook can install and configure the mautrix-meta Messenger/Instagram bridge for you.

Since this bridge component can bridge to both Messenger and Instagram and you may wish to do both at the same time, the playbook makes it available via 2 different Ansible roles (matrix-bridge-mautrix-meta-messenger and matrix-bridge-mautrix-meta-instagram). The latter is a reconfigured copy of the first one (created by just rebuild-mautrix-meta-instagram and bin/rebuild-mautrix-meta-instagram.sh).

This documentation page only deals with the bridge's ability to bridge to Facebook Messenger. For bridging to Instagram, see Setting up Instagram bridging via Mautrix Meta.

Prerequisites

Migrating from the old mautrix-facebook bridge

If you've been using the mautrix-facebook bridge, it's possible to migrate the database using instructions from the bridge documentation (advanced).

Then you may wish to get rid of the Facebook bridge. To do so, send a clean-rooms command to the management room with the old bridge bot (@facebookbot:example.com). It gives you a list of portals and groups of portals you may purge. Proceed with sending commands like clean recommended, etc.

Then, consider disabling the old bridge in your configuration, so it won't recreate the portals when you receive new messages.

Note: the user ID of the new bridge bot is @messengerbot:example.com, not @facebookbot:example.com. After disabling the old bridge, its bot user will stop responding to a command.

Enable Appservice Double Puppet (optional)

If you want to set up Double Puppeting (hint: you most likely do) for this bridge automatically, you need to have enabled Appservice Double Puppet service for this playbook.

For details about configuring Double Puppeting for this bridge, see the section below: Set up Double Puppeting

Adjusting the playbook configuration

To enable the bridge, add the following configuration to your inventory/host_vars/matrix.example.com/vars.yml file:

matrix_mautrix_meta_messenger_enabled: true

Before proceeding to re-running the playbook, you may wish to adjust the configuration further. See below.

Bridge mode

As mentioned above, the mautrix-meta bridge supports multiple modes of operation.

The bridge can pull your Messenger messages via 3 different methods:

  • (facebook) Facebook via facebook.com
  • (facebook-tor) Facebook via facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion (Tor) - does not currently proxy media downloads
  • (default) (messenger) Messenger via messenger.com - usable even without a Facebook account

You may switch the mode via the matrix_mautrix_meta_messenger_meta_mode variable. The playbook defaults to the messenger mode, because it's most universal (every Facebook user has a Messenger account, but the opposite is not true).

Note that switching the mode (especially between facebook* and messenger) will intentionally make the bridge use another database (matrix_mautrix_meta_facebook or matrix_mautrix_meta_messenger) to isolate the 2 instances. Switching between Tor and non-Tor may be possible without dataloss, but your mileage may vary. Before switching to a new mode, you may wish to de-configure the old one (send help to the bridge bot and unbridge your portals, etc.).

Bridge permissions

By default, any user on your homeserver will be able to use the bridge.

Different levels of permission can be granted to users:

  • relay - Allowed to be relayed through the bridge, no access to commands
  • user - Use the bridge with puppeting
  • admin - Use and administer the bridge

The permissions are following the sequence: nothing < relay < user < admin.

The default permissions are set via matrix_mautrix_meta_messenger_bridge_permissions_default and are somewhat like this:

matrix_mautrix_meta_messenger_bridge_permissions_default:
  '*': relay
  example.com: user
  '{{ matrix_admin }}': admin

If you don't define the matrix_admin in your configuration (e.g. matrix_admin: @user:example.com), then there's no admin by default.

You may redefine matrix_mautrix_meta_messenger_bridge_permissions_default any way you see fit, or add extra permissions using matrix_mautrix_meta_messenger_bridge_permissions_custom like this:

matrix_mautrix_meta_messenger_bridge_permissions_custom:
  '@YOUR_USERNAME:example.com': admin

You may wish to look at roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 to find more information on the permissions settings and other options you would like to configure.

Installing

After configuring the playbook, run the installation command: just install-all or just setup-all

Usage

You then need to start a chat with @messengerbot:example.com (where example.com is your base domain, not the matrix. domain). Note that the user ID of the bridge's bot is not @facebookbot:example.com.

You then need to send a login command and follow the bridge bot's instructions.

Given that the bot is configured in messenger bridge mode by default, you will need to log in to messenger.com (not facebook.com!) and obtain the cookies from there as per the bridge's authentication instructions.

💡 Set up Double Puppeting

After successfully enabling bridging, you may wish to set up Double Puppeting (hint: you most likely do).

To set it up, you have 2 ways of going about it.

Method 1: automatically, by enabling Appservice Double Puppet

The bridge automatically performs Double Puppeting if Appservice Double Puppet service is configured and enabled on the server for this playbook.

This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.

Method 2: manually, by asking each user to provide a working access token

When using this method, each user that wishes to enable Double Puppeting needs to follow the following steps:

  • retrieve a Matrix access token for yourself. Refer to the documentation on how to do that.

  • send the access token to the bot. Example: login-matrix MATRIX_ACCESS_TOKEN_HERE

  • make sure you don't log out the session for which you obtained an access token some time in the future, as that would break the Double Puppeting feature