mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-10 13:23:50 +00:00
42e4e50f5b
This extends the collection with support for seamless authentication at the Jitsi server using Matrix OpenID. 1. New role for installing the [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service) 2. Changes to Jitsi role: Installing Jitsi Prosody Mods and configuring Jitsi Auth 3. Changes to Jitsi and nginx-proxy roles: Serving .well-known/element/jitsi from jitsi.DOMAIN 4. We updated the Jitsi documentation on authentication and added documentation for the user verification service.
83 lines
6.7 KiB
YAML
83 lines
6.7 KiB
YAML
---
|
|
|
|
- name: Fail if on an unsupported architecture
|
|
ansible.builtin.fail:
|
|
msg: "Jitsi only supports the amd64 architecture right now. See https://github.com/jitsi/docker-jitsi-meet/issues/1069 and https://github.com/jitsi/docker-jitsi-meet/issues/1214"
|
|
when: matrix_jitsi_enabled | bool and matrix_architecture not in ['amd64', 'arm64']
|
|
|
|
- name: Fail if required Jitsi settings not defined
|
|
ansible.builtin.fail:
|
|
msg: >-
|
|
You need to define a required configuration setting (`{{ item }}`) to properly configure Jitsi.
|
|
|
|
If you're setting up Jitsi for the first time, you may have missed a step.
|
|
Refer to our setup instructions (docs/configuring-playbook-jitsi.md).
|
|
|
|
If you had previously setup Jitsi successfully and are only now facing this error,
|
|
it means that your installation is most likely using default passwords previously defined by the playbook.
|
|
These defaults are insecure. Jitsi should be rebuilt with secure values.
|
|
Refer to the "Rebuilding your Jitsi installation" section in our setup instructions (docs/configuring-playbook-jitsi.md).
|
|
when: "vars[item] == ''"
|
|
with_items:
|
|
- "matrix_jitsi_jibri_xmpp_password"
|
|
- "matrix_jitsi_jibri_recorder_password"
|
|
- "matrix_jitsi_jicofo_auth_password"
|
|
- "matrix_jitsi_jvb_auth_password"
|
|
|
|
|
|
- name: Fail if authentication is enabled, but not properly configured.
|
|
ansible.builtin.fail:
|
|
msg: >-
|
|
You have enabled authentication, but the configured auth type is missing required configuration.
|
|
|
|
Auth type 'internal':
|
|
At least one Jitsi user needs to be defined in `matrix_jitsi_prosody_auth_internal_accounts` when using internal authentication.
|
|
If you're setting up Jitsi for the first time, you may have missed a step.
|
|
Refer to our setup instructions (docs/configuring-playbook-jitsi.md).
|
|
|
|
Auth type 'matrix':
|
|
If you want to enable matrix_user_verification in jitsi,
|
|
please provide an auth token for the user verification service (uvs) using `matrix_jitsi_prosody_auth_matrix_uvs_auth_token`.
|
|
If the user-verfication-service is also managed by this playbook the token is derived from `matrix_homeserver_generic_secret_key` in the group vars.
|
|
when:
|
|
- matrix_jitsi_enable_auth | bool
|
|
- ((matrix_jitsi_auth_type == 'internal' and matrix_jitsi_prosody_auth_internal_accounts|length == 0)
|
|
or (matrix_jitsi_auth_type == 'matrix' and matrix_jitsi_prosody_auth_matrix_uvs_auth_token|length == 0))
|
|
|
|
|
|
|
|
- name: (Deprecation) Catch and report renamed settings
|
|
ansible.builtin.fail:
|
|
msg: >-
|
|
Your configuration contains a variable, which now has a different name.
|
|
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
|
when: "item.old in vars"
|
|
with_items:
|
|
- {'old': 'matrix_jitsi_web_config_constraints_enabled', 'new': '<Now unnecessary. Constraints are always applied automatically>'}
|
|
- {'old': 'matrix_jitsi_web_config_constraints_video_aspectRatio', 'new': '<Not applicable anymore>'}
|
|
- {'old': 'matrix_jitsi_web_config_constraints_video_height_ideal', 'new': 'matrix_jitsi_web_config_resolution_height_ideal_and_max'}
|
|
- {'old': 'matrix_jitsi_web_config_constraints_video_height_max', 'new': 'matrix_jitsi_web_config_resolution_height_ideal_and_max'}
|
|
- {'old': 'matrix_jitsi_web_config_constraints_video_height_min', 'new': 'matrix_jitsi_web_config_resolution_height_min'}
|
|
- {'old': 'matrix_jitsi_web_config_disableAudioLevels', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension. Example in docs/configuring-playbook-jitsi.md>'}
|
|
- {'old': 'matrix_jitsi_web_config_enableLayerSuspension', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension. Example in docs/configuring-playbook-jitsi.md>'}
|
|
- {'old': 'matrix_jitsi_web_config_channelLastN', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension. Example in docs/configuring-playbook-jitsi.md>'}
|
|
- {'old': 'matrix_jitsi_web_config_testing_p2pTestMode', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension>'}
|
|
- {'old': 'matrix_jitsi_web_config_start_with_audio_muted', 'new': '<Superseded by matrix_jitsi_web_config_start_audio_muted_after_nth_participant>'}
|
|
- {'old': 'matrix_jitsi_web_config_start_with_video_muted', 'new': '<Superseded by matrix_jitsi_web_config_start_video_muted_after_nth_participant>'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_show_watermark_for_guests', 'new': '<Not applicable anymore>'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_invitation_powered_by', 'new': '<Not applicable anymore>'}
|
|
- {'old': 'matrix_jisti_web_interface_config_show_deep_linking_image', 'new': 'matrix_jitsi_web_interface_config_show_deep_linking_image'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_lang_detection', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_show_jitsi_watermark', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_jitsi_watermark_link', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_show_brand_watermark', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_brand_watermark_link', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_generate_room_names_on_welcome_page', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_display_welcome_page_content', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_app_name', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_native_app_name', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_provider_name', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_show_powered_by', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_disable_transcription_subtitles', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
- {'old': 'matrix_jitsi_web_interface_config_show_deep_linking_image', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|