tobias/infrastructure
1
0
Fork 0
Code Issues 5 Pull Requests Projects Activity

Synapse Config

Browse Source
This commit is contained in:
Tobias Manske 2022-12-02 04:05:41 +01:00
parent 09ffb3a584
commit fdb568a63c
Signed by: tobias
GPG Key ID: E83C743C1FC2F79A
12 changed files with 1534 additions and 272 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

569
coreos-config/group_vars/all/vault.yaml
View File

@ -1,261 +1,310 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
62363165313966616662613430333139383139313534373334303965633335376361333230363966
6533343037343336386261333335626535613232363662360a626266663633633565623936316638
63393365373530323933316131616662366562346339666366393236333461353438653137393630
6335313136623630620a316666646266646333656137316462623664643634353939333665396161
30303131363637383230346236613433613238643737636164396237386665343032323738326162
66353265343732373265336431663538383130386133653064333063653733623439383664646365
38653335336265653535396166316237613830623832643636353261623664316164373563373563
64663739663032353966643165316135653835343337616539393336323261326437613037356263
63333636363631393234623739653165336434306339633232623164323662646538373266316664
39393537316639386162313137653466383763306363663066313835383264333532306331366233
63623738343733626266323962346266356665656338333837333235373363306562396536333566
30336666643763336537353234363564326437623462313064353662663964343834323039613334
38663839366136633830366165323734666337663362643638646464306164333462386161623630
31623764323039383132643163323462616262353064646635326239666232653162353066653664
66396335383762376132653735306665626666343332396662383839376138663466363431646566
32373465326136353465393263626138353933653734366337353831303261633231623335656565
33303039393530333463313965643932636133666636353564363965343835313635656338303563
39383939343362643331643964616130323138633934636664336237343136383264373232386265
65643230353962653031663561326431313136383761636664636363353137306366396366613133
39356235323330653934366461633733336138393932616530386563356162313939303766313439
37623161323764396465613665353036306464313137356665626439643838386665633433663935
35396435363137373665386466313163333130356361633632306236383530353635633639323364
61373931643462343031346237303135373030666232333761666238343135653738363964356434
36653533366131316164326631363835653363643463643430663731313632303331616431343937
37373761316636316365633164383764616336366361393736386430393662326162653065316536
63386334636463643639656364663331656132643461343064336362376537343063653464313336
39626139383937323332313533663637623261633461313962353334356537613136623936633563
35373566343561373839656261306539383839363661633064663836653836636464306439303932
37643261306339343961313032613962623338666133396436306231316263346135313364363030
30653838653265306365356161376662346266636264643865353139613439356232316662393961
35663432383636663832346266633037333264383035356261323631323433313237366334663839
38393536386466636265616239383037336631623831656335626266623865613434613837613335
65346532343262363263333037623639636530623434383331613139336432373730366662396433
38663162353438363037626664326436373232656164356337313336346363633732396136653364
63373861343234656635643263666562633435323462353162643336323433346534386330646263
62303364663861616130363465336431373836613336643466336264346433663930363836363533
35393937383536393233383963613664306665363435326238386364666431663930636131333735
64303762666234366661376330323730643038313134323031613261386435323139633637326133
63613138303230373438626131633465306463616633383863356535353134383937653938343162
66306633326466353832306461653132363262343335373862373866383833393331303535666432
61313530313938333639386566313266636165306561383463383765303363363466366134623531
66356639306638643165306539346539653436643931373861386237653163646337356131653062
35393239663234356633343435306237636138653435346362643131373430663365343362653832
62323665313865346135356562383663666563333166343263353633336338326135383134393835
66333365326639656632653562323165616333663231616639323166613634393137386639383039
32333663313363333235663461653437623630636633373563393935366434633362306236326263
31353530393766626634666266336632356134376337343930316265356466393133626262653137
38323635623832386635356133636638613631373939396637316338316236343663656335346262
64663961383734306562303936653561333030323236363165666339626530653761633632376331
61393334343538613835636261396232323061643431323963323963613263393266613165363564
34646563396366613631653634316633666466316565613161376263623163353966613465336161
31373333386262623864656336393063363166356133336336306438363666636432626531333166
37613233346434386465376266386362636232373130653532653830326230346661316666373034
34616631353563636463336633623062316461323464343965356365636561663630656162633237
61356135643165373039393636313065326562396439623563303738363765393566366264386639
30313930646332336234653863396661396363313331633339323333656662353238656462613161
31623136326163643530306635363962383335306164383635613031306431363636396565306666
64623437633535663332386365376237633336373036316239356635333165326235323163636537
64376639356336363233643762653564636336653530636434646664313535303565663938376366
36623039663632633561333432623437633838303961336663323336393236316433616363666664
39666530653030646136346136383039366464376535313537366632373434363666653266306531
61336336383037323638663564383534363531353234356332353236343834313039366433343032
63623065333335663132333566376238383931653730626439663630363766373665393339616232
64613263663431346235313065636664386164393234653136393332646463636537373465346133
61623436373230636333656164373865646561356365626437356236656430313663396538323862
34356565316231663261646233393265623966353232666631383836383537613664353238316165
36396236363531363031316436313338613836666631333565646430356638373939366231396132
65396136326666323931363037306665323033323966623865373261343834383839376630636331
33653432333366396236623034313836633834373233303237356534343536663036643461313166
61336335323161613136646266383137336630646664393566663339633262336336613534313361
37376331623534323538373235633564643366616465323862326433313033656232626137663635
30323032366461346662303032373938316239613839386132336336343935323233376634343366
31353261346638393330633036636362373430613333653566326664323230373733396230316563
61326462306362633330656134383764656164616261643561326161326233323236356536303332
65636136613861613064663531353465656662366162343265333662656532663239643937313261
31663864316266386532623436313339636134376564626339343365653461363839653239616235
37633534316536373337643538376638373839633462626463323035323933376633633732393437
38323931343339633839363566346234623238653834353739366538656630376266316339393465
34626464343635323736376634653263313762326430353164323963633963646465386632323631
37643938643462383637613431393532633137326336393166636330643065653834663065333731
33303063326436323135356232396234336561633638633364303938623662373232633937656533
37373039613738333632626262626561386565626330393038356533303964643831643139613465
37386531663330393062383933653463643164336362353262353430663933313832623762633232
33646430653163633833616234326663333861313630316535626362393539616330306161343032
32313834633563313464643137363362636562313032393034303364313234636231663766383239
66316633383131623332306161643234393238373735636565323634366336366638666532363130
36373539643935333736613532303337653763643139396138306466323336386638346435626364
61306665336332663433343434346365616431386366616236313633373733323733316238373636
31643631316237356236613662363462326434323337306334306164653537366362633737353530
39313738643963353534623562383161633431653833306533303464393530363433316535646331
66373737383731396532666562323062313630636539646466623664626337353835356439646438
61616661643361646135383364373534313531353166316430646264646637333564613937636565
30363331366334613630643039616239653135323337383437393466623861643733643737383138
38333732373564363562626638666262303231303561613665633562333338343430353533306336
64303634373137306637643031376663623963376638353566363735323733393163383438333466
36613262376133383034636639376434643362636330313134366466303435393563623139616434
36653237656234666634383064396661323263666465643330623964346366643339636661663735
32653234396637373866663534363866663037613430303534616662353231383837303166643537
34346431316363373033646130313932353337643664643537396235376630363136303131616466
33306532643063363366366535393865663665336465663431643038636530383336393439393565
34663131383235656131303235663535383036353437663737306233613536646136616464663638
39323936323737653732666561636634343264653434636661346331653235326638376162353264
39353230313433666338656333373736373362636662376661313733386535323135376239653438
37316331303336346335656534643735663935636139633439633738363839333766373037306464
37303439623838643432356564326562383664343963386632333430623762323833333132643938
66313231393633666237303532313462326561353431613539353261303836396662383930633932
32653730376461633733363139336532306231656332613236616361316634373536623437353032
65636639616531333165313864306132656535336566313438343833663665306232356436346637
31626166386165336132313662343533343330303833316538643264303665343731373063633630
65643264396433353239666164636635363861646235656533363533663064333833613463306361
35396633323063376137336539663832346539396431363066613862623532313137346639303839
32666235656465386162616437643763366463383866363235303136636432316230303036323538
32626132396637633833633930653563656438313736613262383633653233656565633264346661
37316633326465633165353263393561326164313463343662383866343166323239666439306463
35656266656135313533633464643064666532653466643334303137303365636434643637393235
65396266623562656437656336343035633737376534393136366230343731646135663863396530
32666462653138363036633532636234623939393963613862623330343263313633336136636262
30666564316265333131313663333035653164383237386334386139646231383638373765393738
32633738356165613334656133656236643138303736306133303535643964663333633333333661
31396663643261643031316432393465363133613933393136626435656661363038653166646438
64663232393131343635643762366463623063653263626164363265356133303337636162653461
38663838386331306131383234386435613430333334393166623935346666356533653463656334
32643532303631353265366437633331666532353261313832353337356439626337613932616331
63333939646635353634393134393963353462313039373239313937663836323138666364386262
65626435393532343631313030303837666163613736333034373136653130346335623135383230
38323534326561663562356161353263336263353636333163393137346366313232613531313035
37316238326332623532666266373236383834643335646539353263396461663761326530386133
38646134396636323230653132363937353634646162663165633330633632663337663166633763
33633938373134613436633264356134323136366263336433306562316436313133636265363136
66313565393965373038653730373233326264323633326230313738363634613636396566386338
39323062373865646262666565613064626231643261346463653731386563633830663432393434
61323631316465323964393439373337653064373663306164663064643566316235303132323663
37353663393539393834346231306265353764366435646665306161346132663862663631623237
35376637336230383239643931383662333837396634383465383766383739333961613865323761
33353837343963663265393837366336636561336336376465383330366131366137616433636132
33623431626463383031313335336332656539626132643634366664636637653331613035663039
32636134376333326430343338333539626332633130383161643835613363343162613834306462
35623835633330316365353165623466663764333661633864386539393639343463623939646334
32323035323762613935663133333632316464303836613039393863613361373031353730393566
30386562346330313365646534363464653730646161373036356465666433626334316633396538
37303263316563626332313735353363623436666235363535323730666563366539363266313661
64336639343438616338386338386363323934333631633838663436303137326334323634633138
34643966663564663761306538346336633862613539616336366139623035656330626466373030
36396532373932613365323462376235346138663433363535383335306230636137616531343437
64376632653732383063346662323439343963386434383734626563313330343364343164623662
31373365653730376465356438393739616430363562303838306466646630636362376661653139
62373466386166656530346637303138396163316632313235643262383466643130323061393166
33306564313661373164336435646430313538333162653536623439373866383033386135643862
64376662643036326464336466363838653833353137333164663131343834383636653165383935
64363665383461393030616133396465613132653530346433313065663338623434323466633436
63636135313037396638336638316664616466626562363330666139393265356135653830386464
66646137343763333339356535633264333532356235333630303837316639303239383764643761
33376539616239643765356436336661313462333536633939326162666465633633376530383166
63656436643963633137383864306463633338373837663366313865663562383331306633363132
35316565653837643230333931376331643634346332376339353264393166623162366630373539
33303830303437633765613362363662316364373335396137303332366665383964333961303934
64396166393663613436386530363663643236306232396532613265333161353034306266363734
30336363373435623534303537616436373063396465613536306535346263313062323136643737
65613061653130336131336138306631383062356537623630626563616361636537666137633636
37623263653932303966313865616266383830356361653136316561623139346232313832356233
38373330643764663761643233366463396362303033306537336634346266633630383831366638
31313438393237333864346464663830656162306664643165626565636530636361303265343036
32653836353432656133633237633062333966343762643735326563626133346331303339316532
32303866333932653266303036356465626237626232303862313235623463623337363764653335
39616235353631363139613932643932316264653163333364616330373130363661343833663965
33313634653666626235316130666534623066623936613261316364383131313065396636333863
34306665633361653763386136333965383766346330383664656630616434393232393966303032
36396261653365616438613465353763653763376334303439663532633962643934386331656434
32313565306665633461393737333866376431376634313336353233633333383235326464646138
62336436353333646333633932383139636631616537353839643836333663663338333836383963
36323434646232393230383938643162633866313839623964636634373335653564376337383663
62373231613931663832633235633538353936373062646537626263386462643662353230333266
32613561373235646531333363303133636665353934653331333339326164633635643462656462
66633364373438326666393133366133383765653634393139376238383037626636323032306164
39353436346531376337363537633131653237333133636235623531613431376539616263656133
33316562326232623437646333636230636662653531313836353566616263393935383536343933
36323932633832626530306234343033623362353733373932663062346338363732363835613531
66663364303133366639396137383235626530653332383032623762306332626164363936373838
31633036656138623439373733636331366633333637303737333565383665646365396136323536
33623032393036636663636137633464343438303664313866396132313435626565343535633331
34663362346366646331643931376438343363626662353035623039666561373335363234636634
61643131616563303965613262313466386264393764663361633938323166383462326362393731
39356633363564636361373861343439386637613461313334346466303134363732326561353638
63356134313535373037336134393235616638653536313430306332393339626532343137623863
30623965613235373331376436326263376231323135363062356166623862663038333961623737
65396330643735386536643930353264303231643734653532626166666364343632353535343232
35306133333631376435666666653837333264323338643635316334366166346537363436633037
65656439333338336438326537313262643463653165663264383261323961656538343837356464
33666664663265396566373032633831336139353965303938373930643138343130346461626334
63316465306561353530316166393765313839383038643065653332393562316134656263633264
65646136383038326531613762333061616665353031633563616538613164613039653538623965
32613435346661393234373534646362663361333637383436646338663862326663323066613531
66643566323931366430343139396234303335626537663534363962366133343937643930623366
62623163656335373761333762636637393835376565613832383739643433313462326630343134
65303539336134643963633832396366383362333361386565383535333464656565343830633437
37353732623436353962396362623336353633383366323537333839636536656639643435303165
35656134353535666339643861316562336437366532356463623965613961356132333662343335
38663165663036353865316564336532636232353765643263666266656161646565613162633263
34663931376661383665616133613038363832303837653232373339363535616234366135343738
37316465636132393164373530393137613961353138353732643032316537353638653436633831
37626139636632303533666233376262653030613936346130636130326663356334656530373266
36373062303532336434343735303836313930363233333637353131343761303933313233656131
33393435323230636366306463346335386634366661356464326561376263306666363832636136
66353332373038636636333830663233346362623562613438633035356238653430636230336564
62656337396363623465376362653161376439376166306166343365363834613965646233303233
66326565663631346534653861393561333866363937396335393639626139303361393935303161
34303337356261646235306135646362356535356463366335306637616466633036303838343061
61323439653537353438326364613630313836303333626361626339303766353234396135616330
39613166333566623839383462336138316462303562666235386232353665613063353337353863
39326366353436306664646265636466303838363166346437323561623437616238396665623038
63366538623038383736343365383166303364623531656331323239393761633435353632336238
65373030653030383866326466666631303663336565386362623566323938623832356335616662
30373663363165626231343735303965633135383962366366373561663862333934363439363739
34663837366331646462336664333937623563663931333734656162653333633166393938393762
38383735663831343561643938363131303034303632333932663838306561386331393936646435
33393930666161333838333766313532616362623837653966383635396238346234663335613738
63393464333235303666646664383133303064656133316333666636386431396366346261363262
37383363313434346262336163663135653465343238356264313633303130633361653065653134
66356235353937346534313433383863393633326638383537353436386237656631323231333439
34616431643561646532636666396432306264326136333332626234653938643766326661313265
39636135616631393963616236633933653766383032666439366533306333383133336438376138
38613635383137376362326665316564636464663735326161376336383530633730386532363033
31626533383539396362346436646164393238356263386364613964336266633536636638656631
65316538393164333363636166313036323433376564633834353430616134396434376166356137
31633963613362656438356466396632386236393832333539646434353766346433376634306363
35373833376135613337643936326239363330383539306439353562346262363264663439356463
32633737303231316231376666663761393563356465333963643534383865636436363139316531
37333538653230376131623937626336626165313733616463643038653866623830333137343833
34613864366237313034323765393336346337613830313138393764613737633235653337323966
36393361386439333238393665616431396432313538373435626463626431373336396663613931
33356363346465616630626537343531343231336336373133643232383036646437393933646562
33353630613530663033333539646565303533346561363066353566323130363864323233353631
37373232633661666230343661653431313762353730323636633530333763613434656565326237
38633433343431643262633164643632623532353765323266636137343132323265333962363937
34393565386431623833353234646464316633646136333034626564383365373662653737666332
30313831363833316333323964363336326264333034306437643938343233656261316137363466
63326363613037643437653466653233626539333166336631333365633730336265656632656131
63303639303665623737383535366164363763663266373361346434636361356437303332303332
33333166373935643861303862336636613736346339336664393262626336363564613639316231
63663531393737656332376265623533653366323936623330346433383039383330343566313532
35653233323737393637316163626336313132326465386464626265316662643063626533383265
61646362333634353436343139343032363462306566363431633432303264306461633439373564
39616535393031333761336136396431353035323432313132303436626466366366613637613530
61633465343138646463663162313565656535316236376565356661636265343562343462333633
30316262346238616238323938333036313733633132656133633561383439373931393238376535
31613264363863663432653733313437323539383532353166636137313662353333366166613862
38383366306337333564333066636562306634326136306636383739363739326433626634626665
35643534646232383838663231613833313261366439303362316231626631313964303836633834
36303932623530626432306265616437303038653933356666656364623365626434393064363763
34393734356266633362643638396135323631616562313161366433393633356535303537616564
61353436353334613830353035313733613538336330663339393766333063653135373532666632
39393663383231616632376331333535343563663363363463613836626137376266363739366138
35623136643431323362383762353833333233316535643037613838396363633334656438343938
39396634396232393935323165353563663362303934633863316566333439643130356631393039
34663762353132393638663963356432363835643065633366336464363539653236373439303461
31626234346365656337633964303161623533333838656662653036313766333064313839336233
37633739323131643630323133353536626334366563303031333964356338316363333236613662
31383630663536306262363761343164396661383630653638636638623734336262336339313264
66653461626164316636656561653763366133373762313638343363383632393238333030643531
30336466653963663739
36363630663965616332643735633962316565343233376635656330393138623432663164336233
3735346164626130313138393664383662326463393862620a303135323531383236376635313230
61376530383363623136616462656562393365653137366333313439616561313035313130616134
3764633636303862330a343033383763666462376130616263323632306264376633666536323565
32366633633730343336313236336636323536363538386666396531373362613162653439343932
31653331306633353866346232633362313064363439353662663033363635336362376262653839
32633739663334343466613134343463323162343865353636646630666339666637633163626632
39613130336530393934356639653331363934323366386234353230366437616433663538336562
61643338333837323861313438666564386434363931393631393437383438643966323963323831
33303938623235346337643765313131653432626631303630393831353066333232326364383865
36333762653937646436306364616633643064653964316634613139383639323466393336323665
33333134353433666563623661393761326265323238313562316436393633373630376564613230
35383566663765613264633838396134323961316233646639353133383466343962373334646163
32316336633033613563316238636263393537303136376337366463393537313130373132366433
63353965356263623666656366376561373561316331623261386661656561346363366432323365
65653564633834363762303161613437636531326163346235393937346637633433623534373138
65383832393666323237613930326164626435633139326432383337316536383230636333613934
35383638336165303839303764626235383163616262373935666563343333633235623464373130
61326136626662643262633030356362303539643432346438343366386630373635643935373434
32386233663066623930616564393938343239326334353134393038306337646138653931353138
37616363623533336165653663323463393936626130333238376438623036616236656361313730
35396335643239646266323238323138396430393466666366333136333062373639653966386261
37363064313132333463333639666662623531656533353338623333616464383066333238656466
33386132383530356135363132343330623933336436393463363265383863313633323930626362
65623833386162353834613064353538653932333434373063373738373037373332666161663662
66383136393334346237336435373762323231376234643637373332336461346438353161313937
35386330393337386539623538303738653234303936343236336133373135353131346333373836
35396330323630313030666432393066373966663433623462653039666665656531396534646461
62303038373330306665313265613366333265313463353661623138616663393634623066643563
65613237363839613262666138313534373835313636646434626433633962643733343533346238
64633536666162633464623036353865336538336365353232333532646665313966393630616466
63323863336431613065356663303638353430643830313863353335396531653439356538623066
64316139643163613736343637323131303533396335366339343238613730393832653735383333
39393461663665386464656634303563313762316164386337313365316237303532343736643530
65323532333834666366623236653432323664356434633330636465636633626434633266396634
63336365396161313835626164663064623330646438396636633938333133306162313563663730
33373862666364643966636131393162303837616338396462356134373238633937633230336337
32333733623966383365316434373637353164353234653437623732663233313062643034623837
64653531373731343231333832653865663932353530303837366430383330353839303038316338
39373964366362383661646338323665393639336235653466313732333264663230313365623839
30373239303631663963623865306661616362373036306466356239383666383939336563643465
37616639346533633630316237663232363561623234363261653562393139653330396361353131
33393434373437386461356366363061663338356439333832616432626337396639313536326566
66363537623733336339353332393233313264646534353166333533643737653631366436616636
63323965313337363761336663643839373562613936323063383832613239383561393033363531
64383636306364303737653938333832353337393535346434633835303232643338333930353036
35353464366361313737303038316330333861613930343038303062353737303335383263393334
30613037353765356463653064396266323162633837366133656438376661353033376336333032
62663238373531313836323139333261353662333637343835636666346430646664613264396462
33636262333463323665313335623838663530373866656266386232663235326666333237616330
39653937666336633835386531646331346563616466353266653738356232343064633135346361
33313236363936626261663964613139336163383761306536353465396236323836376135653233
31653961363832383632353437643934616266646537303035313035326238313134623933353733
38363737323466313734393232383532306136653731656261316134653962323937666134646664
30663734663838393537663038643462303132616136626561643661306333366366306432626163
35313463326232396637383432326362656362616630346461626438363935393137396636353831
65343932326536626164316334353562373437626663303464306634353939316338376566653237
30643539623161323166623464346563393431326362323432613734663535343638363336323633
36663766343733386162303839326534656535376364333530313261343561623831373038613535
65373339393666343638646536643665313338313831313663373831636636366164363366326235
63643961356636343064646438353363643636613436363631643433373437643539393330363732
62653639643930303366346631353137383131326465393333613539646130303966306439383366
33333639656263323564613339616536383836313036396132643731353162313334346462323438
32653662613963613536333532666132333432346430316434636161643736316564636565633935
36393065636431646366346135373239356638623236616666396232643164653033376666623436
65393938323965616532356430336131633666386634626233363739336637636262313764313665
36633835333735626531386631656665323661626234383737396339656337363965353135646565
33316530646336666534353964366663366164336365356435336534653535643864376266306439
39633335623064343866646466613239313438313363366233336663386638343639643030653830
62376132626132393266653136633066316334633133613734306133326666303439373664356539
62636534393434366664323530306566333530396133323431393965666538316439336636623731
61313361653564316533383462343031633666663730636139656662646165336363396531626436
65646630666430306563646436656561653438396430653836396434363339626535343136653264
62313337363931346662313936363631396633363331656236316163613663363533636262646538
33326434326662643665313264353263383130633136313166353362666331393235343937343731
65666133346232616432343438346663313037356165636338353361373438663466303763316464
63316333333865646131346365336331323937663461656139613730663862613935653532393061
66386663333763646364653333316230353862306432646336323439333537613539363762353838
62653839633463616638646530653963626532633864636339343830393266366334623766356465
36363638396331613335356465383937333937663931393864663035383561373633373662316434
37613861613637386465626166656366366133623866393132323330623366373962323930663538
32613134363737356633333936373430633461633634366339623735613832346462383361666462
36643266653066396638663839643138323233393936363937333061653134303766343765373032
35316138363534306436643163326439613536386331656139383165623239656336343136663964
36383836623638363639383532303439653663663832666266656631303639373164656462313237
64373135356435643765386663623536346363623338663838666664323766653631386662646136
62323331383332616266636464633836643330663962656234313634373361396135656439656232
37323734643337656363626465356138663437316634343336323232353736396231333530633836
61626336643433386262623539643661356234613861626531346165623761656164333163383735
37663862356263613035633663646535303432663330306339303562343065616539346262663231
63353262646330666261383262663437373431626361373461383838363331303531396366626233
63656538353662636538376635363838353539646138393634643161313365316330313964316463
62633430346136316361323865376664613334663139663834393264363333633239613164616532
65653565363161666139303766353730333935303430393533656461303432653835626232323664
37353634376338366136376239386236336339386231646434343964336461396563353762306539
33663465393134393038653563316561393062336233366166336463366235353438313335633463
30333461383261316534383163353663363833376231363637356165326665623663656439646462
64663534306531333563323931323639393235623661383334616161316238363964646430623332
38326132393264666439656235333363666439613534346435303339363239353436303730353832
66643266623263363431636430346234643361383861303133336463323634643034653166333230
63383463343062643631313631663632396662623435356532626630613138626166376133636632
64616632633162306335616162333164633239653331653162323930386565353563333366373062
38663331356130353765316166333833623363326135356630663632393633616432396638636663
63396234316235383037303964356133363732633533363239373264333061356235626164313137
66343238393838336232373333356530303362343031333666636263356237613564663263383036
34646531383733666231326137633931303364633365643461633032333561373831316335326561
64346363636137373237383661346232353331323431613362306638366431323431303332313661
39656663383032623632303961646462323433363632316338626135326134666533633461643265
32303031323636366138396263363435336165653330373434343434303361386530373166303631
37623936373930363665353936613463613236316164346636393665623436386636333931336532
35633436366235666533363664376133373761373064393239366330343963373865386135373933
34306363656530333364636565353166646562376666643563626437353030343537313830376531
38633162366465306636386231313261363161653536356265343235653765383135343035376564
38326339626661323139663833333239393662663466623632383638313134653234343961353563
31303439363138333964303834363634623337633732633136303535346538383566356565303737
35336266353637646465353337656461356635613066666135373964343766653430343362633734
62343661396533623732666465623031356162306366636535643035313037336533386233316234
37346238363035363834373031353532666261323731613237343561626638386161633136653433
33623936663466653034376334663565386235396638323962303262313033386637376263363563
63303339623139393865626236393331383065333631346434333336666234306162393038303835
62356538616462646531363238306661623137363863353536636338353135363637373337363939
39323730356234313236333239376535363138303866343935633732323630626532386263376337
31653732653463326432663338653131653439363236316532303830323961393233656536373231
66336434306230373838643835646163633461643534343065333532323935613939626639666532
64336532353766323534376531306462313363316566383465373538636334323331653965653933
37633861373633396432316338303235373230663965353461316331396562653130346539643464
33626133656235336338326339626437383762663464313739623165626138633636633465306130
30623335323461313634376231373339383231366463353566373736633134343239653563626662
30323231313566323136653631333666366433303464346432613164613131626662383262636431
31623239303832366664653239303032636163333664316265356237356136613136313165303162
33613839373133313534386662356165636461653733343731626466303333643235616430343238
63393339326639383934326333356332396130373461666463376339333132346565646138333135
38623065343832646631373939303130643738646231626164356234666139633639363830333931
31353066346163653934313133306232376361343063633230626564313631656133316233323965
63663733326438393663303733326463656230393930663133373335326234646631366238303366
31393237303735366364303537303665383339373230653634353266316137386432343565373033
32393332663433666264323638626561316461316261623333613437356536333530383431636331
36323264323361633664663464353631663265383536616639663836656566343138623539623533
38303635656530323362313230653439373639383235623263616430336265383763653336336364
62333837616132336632623266616539663631306561316337303233623738343130663365623662
66363333646665633532636439386330663136313765353433663461363133303231373431636132
31326366646538666630333534613862306663666537313231353761643966373761643932623761
35646137303361303666363438373362643332373866633637633064633239373364313432313831
37373937363133323965656538333866346565646563616230623438366562353035336162313764
62366466666263393235323834663463363136353338323537323866376634356232323336626633
66383334373534613734343764313565303432353963396539356662363863316665346565326332
34336137326534323531323233373834356639346566386362613963623263393464663765323862
64333036623566306536616635666335316363323635326533343062616634333833666234653164
31383937656537383234396662366538613433323763353336653233656636323962613739313937
64343332616662393535613133316138373863336361333665663131666338316133383434366230
33383762313230626338646135633932613537363136336231633936366662633963323564336136
35643037383135323630346264353662383836326637353462666434383561303464363734646462
65646338653963353333633830636561353537326366636265343037663461643264333365323038
65396335616666396133393835346133326161666461306537343538373235396433666661633861
63316534393134613861323739666135643434333836336539366135393736643236343662303135
34623366643536643765333536373066643662636164613365633232636164383765653735326531
36666631623266323337643432383965393637373636306539663565383533366535643634613430
31343638313739646139396464323630356362356162623137313439383039376438633732376461
36363132333632336566666462646639653530343363616538366662346437336236626566333466
66653362323633393666363565653266356538623133666664626465613938666332333035613266
30633335396364663138626233666163613037616134333266363235306563333363336637363661
66666264323438393038393665623262643663623833376235306631653864343030363161313863
37333133333861623830653738356439336336376661636234386235356563613737636265613033
62333136613236333536663366313863333563636262666533326130623065636438656130323339
66333439303734353431323661353964623134366533616362383163303065386130333238313838
61646436636165616233663431356136383764616434396333646537656234356337636335373866
61396666666433346430343331646665313235336263326136356430643038313734326136653234
33316432323065313465626366656135613439636139623464313862373538626536313830626531
37373637636334623531386638626131376662616465633461366662333539336661343734366130
63316131306634323562363565373636356531363861306630646461356431613766353639323235
61393030626537346235616132623764363365663930373361656666373737356139353330393031
61656139343166623033383137653466383330356164633532623861626663373139363734383664
61393631326532373030323838316435643963396630623935383331336531373432313962663633
35666562396161623930393961613137306137656362333036313365303031636364663539326432
39643133353133373932656636663364646232306436346430356261343939376539363666343639
33656238626636613763353666653337323435366139343435643430643134623966343366383162
31623565326134646565313634353538643632343162626130303831306233393738343330636263
30336266373639353237306639356466356161636132633666336638323632313261346338663537
39356439656661396132663934616161663765393131323036363234376335303065376433393738
63326463303736353034306236336666356134363761393732636236626631666331666465653564
35376166643731633630373063623031626266656132613264326238633834303064353631323738
38353964333039623538336165636539393961633632303265346637306636653765646264336537
35316662386663643333333039373433353732363739656561383961346532346362343136393932
30333735336335333131663161393730633937393564366433396562663335616437373230613434
66666534373631346162383764666330613063336638323832346434373363356166656664373432
61313231316438623531363934386435613533326566376662623533643036373462636130303063
35396136306535656630663834646561333765633034333234353665613837663864636637376565
37323966376138333062336162363265663632653963333065356665613365326563643362316432
38646630323061356430646466353065323263373231336663336433336565303862336564316237
32393032363531386639333034636131653433386634363030373165383131343763616131343536
66396361633238326232643532633834636333343433626132396335656563343866626263313239
64323366366162353466656263383263313365383639643462386439666531396261336231643033
38653133646330343836303332303932386266313465663538646533313062356661363335333536
65353465326531643739336235373961613938353035663838316133633966343265336261623561
61636265333036653432336165646134333436363461386430353732653032366433316566643835
37393935326232323561346434376533356330383031643635383036623964336136333063386436
37666364363566646362353030363264613431383134383534343630306465306332326130333532
39343761336266323231386665373130633434386136316235616138303137623739336232336535
37336333666132633633666331396463323234356231373230326133333431666430633936356135
37616431626464376666636239393462643464316363303334633339303036316561333861303232
63613030656332303364383138376237636231356637343434643136323932626233363961343265
30373961376561626266343630623265623134636637373764373836336139356132663964626136
38626536396234393436326265333033313830653635396436393365653562343437366236346633
66373136326438346535343632373865303638383939613437343361626231326266333462336263
63386538316438353464633262623064643961653236343935616161363239663066303961646362
30666231346431663831306264366435396266333337376363643937643363613665613139633338
65613761613631376636653831323030353037633566663136303533366332346264646335366539
31626364333661666330343535626632623061346635383261306332396438653639363638383665
38326330383962343736393836366330643566663965626333646636653030613233313935653161
33633266666339653839616462363863313461343065366431656234663235643530366333616437
30613337326139613762656539313831393035323962316634643834666637373435333635613030
33386136346661626435383365393737643062383633393464323963636366363432303533356364
36383931383165646432616562376664383863366265363039303538303239353433613938343963
31306266646133346663353033633566396530653162393432396139643839396564353934373339
35366137646432306339336463636161613831636264343064623833353834353061326562313932
62343838333332666233336264336139623931636564653632396665623162653337316532333631
30303233653533623135323335633136333736363261306331336439383165626539663733356636
65633838656236663932316664393562303332393561383837303064366231393537396331623332
34353438373962613033316332313932313439623636613733373833363039316234623663313338
31633666613136336237396264333232303538613863326164636137653230383534643139373033
62313065313334383539643234376230353131626639306561623263663332376462353930363839
63636365373838313262343230653864396131306536613832323361623037376261633564663337
36373462623963396366613637343866316464633362666336366637376535343334616361393936
37396533356230313030333138353838323962306331663834326236353662303034623930653466
37656464663035313565346130663361366161386433343365386364366230636131623730383931
34653139646531313931623635653537323261373334396137656336323337626364326365313134
64343235623738343630613436353862373831386530623061666337346566363130653231366337
61346137326363363361643966646564303664666137323865383466613930363230353730373466
62303666643863663033336133653164373563373863323161323936376436333661613165623036
39356662323131656539653931643363356264623739363662626634376435336332373836343239
36383238623231343339646231303465343565383432653436663363616136323833616563633563
35616261376562626137613330323436393261313963626661326161643739346531323739663461
30626361383335386332336466333236386236646435623837646631356537623632633963393036
30666261653139376463313163386364373963323261663935366566366231353637303561336363
31343065323036396639636534303934363330646462396633383465633663376631366564383131
32343862356233383336656664363562363266353166386166616235633533366635663965343561
65343132343263313330613163383431623537353666396637316631373361656332313134393034
36333663353862353162373535643330356630323061613634363133316533383035643166633837
39616263663866353864303964323130323432636661356363303861626264613535326437316537
64313263386366666266646134663661626534636463626236373033613936656630343064323763
38353638353031396631366338656636376661333766343431383462396437303739363039363531
39353664353939353033656537643964383536303962306162386133326232613939383265353161
33323030333162393136633835303032363938633938643430343966323534376338383339393561
61366439306434316431343937383362633931616432386665353632636433383937356461383137
31346132663636366164346437656337656630343431333937633738623064643564643763343162
30373537636562623861326331343134303339663933333766353938303261366266653532633134
36376533356664653065633362383835353837383939616633376362623236313264366165346434
35653963653030653233316134393037383433613363373863626633313362636238393432316432
30323338346439363264646230346636646665303333363762633462333662336330336237623164
65396262623230373438353539663138616333383036353832323062313736616338393633323435
64303031333531363830363862343665313763396534653931653930353963623666613433306335
63656331616264666462633663333461646333353362313033636361373036623165383032306164
62313330356665303765363931346635643166316263386531313137323737383334343238363162
65336333353766636466666630326233613166626538646238393337663138383864373339313265
39326339333932346364663737623430363031393733323338396533316165643334626535626338
61376664363163316261633366663238356439373036633866623337326138393531386631643732
66353731623362663565303039623234373938346632663732353161613838373935303062666333
35623732386330303335633065383539326435313234396463653434396462616665376130633332
61303864343763383531623565383836366435373261616134623335343034343562363866663439
62353335306565346331353431333837373931333631636663613963653035383061383066623765
36376639373664303961613462383464393764313234663530383236333262306164653566303832
63356234333534393264613163303732613264333962613864353664636338656163633333613432
66313039653936643936633161366135346432623238356438316539343031333765643039646131
62326361386132646439633666336433393162383231653030393531666439303862333364623139
31633538343431333565626235626564626663663432326336643365656630626266306238666266
39393239613866383966386364353364386533306334373361363763393639663465373863353635
30383736646633313765613935363864306665376131633734326237656637353363316165373765
64353138646566376532323036306238616637643435386535653237356365386633303435313038
62313036326631303231626535373837613861623133623763333030616562356633636562383530
38386530626530323832623636313363343734393865363830613661343431323935313862356531
32623064663164356662613736643562663434306339373836343331663266366664646264373465
36656162316662663030663161373632346263326265393830633064346333646139656330663332
64333033393834336265373763353236666536353466643331376531383461636362373632646661
31663739396239383538303338336133663237336439326565316466383538306632663034613238
31333930613963323031383933333962663066306664313365386531643666666232343165346332
32616566323538663031653338623062353031343239303265313161626361646630346630306634
61636133343636303463663966373839393164653135363236366666343330363632643466653632
34333431663039376531663733653138336136663466363861313664383563303031323764613437
62656261643634336664323563316130343036623466386335396561383361306337333231666133
36326130643132633030626263633766616266643237613438373137653763653764366334386365
64643636326263366533623565383136326339636331386162626661666539626465343038626539
35623536623736303930313738623631306563373366616665303565386133613339343062623335
66613030333838306265383138653761643763323064663937653461616564646637666263613635
38396664636139333037633965643730646538633565343862363763323530616563643439616463
65363436656533663630643938633466386565363761373239386337323434386337636235346562
65613731396265363239653632386566633863663735366339646438666536633930323031376565
62323663663138373633666539306333323535376638346566326463343135663339643831383232
35356164323932633937373064316332616135343339613238373330666535313965336433346565
37343862346530656365363466626434343066663265303330646237316161343733353861633365
30383035306165353365623164363462353964663332316366356162373337613533323533663634
38303631316565343535633631663837623433643362656161316532383165363731653633616531
32653733343439386232663362653332373430633261333566653333383930316161353031613436
63373261333035313461356562366133613034363239363338636337313737326265663931353266
30656264386139363331623630303932393631333238393266326263323437386136613663326637
32373931353733313564343730653135633164353636663564343330623232313934356132643062
62636561346232313766633630636134626362646130303637353136336131333130356537623933
62363633336564313563643938376364336139623261373130656334336565343035343632633035
30373030386432626636316662393766383462666635653464393066303166393133343666666437
30646664343331653362663131306263383937626235346362656262633237303733366364373165
34356334353366626432343038326634323864323762373036393263613533376330366532393735
64323263303964376236343538306166616364663663643062316436373536653533633761363437
31333231326366653531356530333335626537613238396430353430643338333064313131373533
62643164613062353536376337663765636664343365376335666230663339623738623630316433
34393161303166373333613434396439363332383935363038633131356163383833366535373838
38363464323137343565663461383265326432336461326431313964386535303763653636353636
35616561393334353863303435643033623935613836346439663932323466363462393064663135
31623135653732383930666462613465366637333234343530616532643238643766623866396337
30656137666235353235623261653762333330663738633630636138353230383966353330613765
3837

3
coreos-config/playbook.yaml
View File

@ -106,9 +106,11 @@
- { role: compose_project, service: minio }
- { role: compose_project, service: registry }
- { role: compose_project, service: gitea }
- { role: compose_project, service: ba-gitlab-runner }
- { role: compose_project, service: wireguard }
- { role: compose_project, service: hedgedoc }
- { role: compose_project, service: miniflux }
- { role: compose_project, service: matrix }
- { role: compose_project, service: nextcloud }
- { role: compose_project, service: search }
- { role: compose_project, service: syncthing }
@ -118,5 +120,4 @@
- { role: compose_project, service: thelounge }
- { role: compose_project, service: tubearchivist }
- { role: compose_project, service: watchtower }
- { role: compose_project, service: matrix }
...

107
coreos-config/roles/compose_project/templates/matrix/docker-compose.yaml
View File

@ -5,6 +5,7 @@ services:
synapse:
image: matrixdotorg/synapse:latest
user: "1000:1000"
# Since synapse does not retry to connect to the database, restart upon
# failure
restart: unless-stopped
@ -17,16 +18,26 @@ services:
volumes:
- synapse_data:/data
- ./synapse-config:/config:ro,Z
- ./mautrix-telegram/registration.yaml:/data/reg-mautrix-tg.yaml:ro,Z
- ./mautrix-slack/registration.yaml:/data/reg-mautrix-slack.yaml:ro,Z
- ./shared_secret_authenticator.py:/usr/local/lib/python3.9/site-packages/shared_secret_authenticator.py:ro,Z
depends_on:
- db
- redis
networks:
- default
- gateway
- backend
labels:
# FIXME: /_synapse/admin is exposed.
- "traefik.enable=true"
- "traefik.http.routers.http-synapse.rule=Host(`synapse.{{ matrix.baseurl }}`)"
- "traefik.http.routers.http-synapse.entryPoints=websecure"
- "traefik.http.routers.http-synapse.service=matrix-synapse"
- "traefik.http.routers.matrix-synapse.rule=Host(`{{ matrix.baseurl }}`) && PathPrefix(`/_{path:(matrix|synapse/client)}/`)"
- "traefik.http.routers.matrix-synapse.entryPoints=websecure"
- "traefik.http.routers.matrix-synapse.service=matrix-synapse"
- "traefik.http.services.matrix-synapse.loadbalancer.server.port=8008"
db:
@ -37,10 +48,10 @@ services:
- POSTGRES_DB={{ matrix.db.database }}
- POSTGRES_PASSWORD={{ matrix.db.password }}
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
volumes:
- db_data:/var/lib/postgresql/data
networks:
- backend
volumes:
- db_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready"]
interval: 10s
@ -61,12 +72,98 @@ services:
networks:
- gateway
element:
image: vectorim/element-web:latest
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.matrix-element.rule=Host(`element.{{ matrix.baseurl }}`)"
- "traefik.http.routers.matrix-element.entryPoints=websecure"
- "traefik.http.services.matrix-element.loadbalancer.server.port=80"
volumes:
- ./element-config.json:/app/config.json:ro,Z
networks:
- gateway
- default
redis:
image: redis:6.2.1
image: redis:latest
restart: unless-stopped
networks:
- backend
### BRIDGES
mautrix-telegram:
image: dock.mau.dev/mautrix/telegram:latest
user: "1000:1000"
restart: unless-stopped
environment:
- "MAUTRIX_DIRECT_STARTUP=1"
volumes:
- bridge_tg_data:/data
- ./mautrix-telegram/config.yaml:/data/config.yaml:ro,Z
- ./mautrix-telegram/registration.yaml:/data/registration.yaml:ro,Z
networks:
- backend
- default # Needs to contact UFOs in the sky
depends_on:
- db-bridge-tg
- synapse
db-bridge-tg:
image: postgres:15
restart: always
environment:
- POSTGRES_USER={{ matrix.bridge.tg.dbuser }}
- POSTGRES_DB={{ matrix.bridge.tg.dbname }}
- POSTGRES_PASSWORD={{ matrix.bridge.tg.dbpass }}
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
networks:
- backend
volumes:
- bridge_tg_db:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready"]
interval: 10s
timeout: 5s
retries: 5
mautrix-slack:
image: dock.mau.dev/mautrix/slack:latest
environment:
- "UID=1000"
- "GID=1000"
restart: unless-stopped
volumes:
- bridge_slack_data:/data
- ./mautrix-slack/config.yaml:/data/config.yaml:ro,Z
- ./mautrix-slack/registration.yaml:/data/registration.yaml:ro,Z
networks:
- backend
- default # Needs to contact UFOs in the sky
depends_on:
- db-bridge-slack
- synapse
db-bridge-slack:
image: postgres:15
restart: always
environment:
- POSTGRES_USER={{ matrix.bridge.slack.dbuser }}
- POSTGRES_DB={{ matrix.bridge.slack.dbname }}
- POSTGRES_PASSWORD={{ matrix.bridge.slack.dbpass }}
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
networks:
- backend
volumes:
- bridge_slack_db:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready"]
interval: 10s
timeout: 5s
retries: 5
networks:
backend:
internal: true
@ -75,5 +172,9 @@ networks:
volumes:
synapse_data:
bridge_tg_data:
bridge_tg_db:
bridge_slack_data:
bridge_slack_db:
db_data:
...

74
coreos-config/roles/compose_project/templates/matrix/element-config.json Normal file
View File

@ -0,0 +1,74 @@
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://synapse.{{ matrix.baseurl }}",
"server_name": "{{ matrix.baseurl }}"
},
"m.identity_server": {
"base_url": "https://vector.im"
}
},
"brand": "Element",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_widgets_urls": [
"https://scalar.vector.im/_matrix/integrations/v1",
"https://scalar.vector.im/api",
"https://scalar-staging.vector.im/_matrix/integrations/v1",
"https://scalar-staging.vector.im/api",
"https://scalar-staging.riot.im/scalar/api"
],
"hosting_signup_link": "https://element.io/matrix-services?utm_source=element-web&utm_medium=web",
"bug_report_endpoint_url": "https://element.io/bugreports/submit",
"uisi_autorageshake_app": "element-auto-uisi",
"showLabsSettings": true,
"roomDirectory": {
"servers": [
"{{ matrix.baseurl }}",
"matrix.org",
"entropia.de"
]
},
"enable_presence_by_hs_url": {
"https://matrix.org": false,
"https://matrix-client.matrix.org": false
},
"terms_and_conditions_links": [
{
"url": "https://element.io/privacy",
"text": "Privacy Policy"
},
{
"url": "https://element.io/cookie-policy",
"text": "Cookie Policy"
}
],
"hostSignup": {
"brand": "Element Home",
"cookiePolicyUrl": "https://element.io/cookie-policy",
"domains": [
"matrix.org"
],
"privacyPolicyUrl": "https://element.io/privacy",
"termsOfServiceUrl": "https://element.io/terms-of-service",
"url": "https://ems.element.io/element-home/in-app-loader"
},
"sentry": {
"dsn": "https://029a0eb289f942508ae0fb17935bd8c5@sentry.matrix.org/6",
"environment": "develop"
},
"posthog": {
"projectApiKey": "phc_Jzsm6DTm6V2705zeU5dcNvQDlonOR68XvX2sh1sEOHO",
"apiHost": "https://posthog.element.io"
},
"privacy_policy_url": "https://element.io/cookie-policy",
"features": {
"feature_spotlight": true,
"feature_video_rooms": true
},
"element_call": {
"url": "https://element-call.netlify.app"
},
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
}

231
coreos-config/roles/compose_project/templates/matrix/mautrix-slack/config.yaml Normal file
View File

@ -0,0 +1,231 @@
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: https://synapse.{{ matrix.baseurl }}
# The domain of the homeserver (for MXIDs, etc).
domain: {{ matrix.baseurl }}
# What software is the homeserver running?
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's slack connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: false
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: http://mautrix-slack:29335
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 29335
# Database config.
database:
# The database type. "sqlite3" and "postgres" are supported.
type: postgres
# The database URI.
# SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: postgres://{{ matrix.bridge.slack.dbuser }}:{{ matrix.bridge.slack.dbpass }}@db-bridge-slack/{{ matrix.bridge.slack.dbname }}?sslmode=disable
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice.
id: slack
# Appservice bot details.
bot:
# Username of the appservice bot.
username: slackbot
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: Slack bridge bot
avatar: mxc://maunium.net/pVtzLmChZejGxLqmXtQjFxem
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: true
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix.bridge.slack.as_token }}"
hs_token: "{{ matrix.bridge.slack.hs_token }}"
# Bridge config
bridge:
{% raw %}
# Localpart template of MXIDs for Slack users.
# {{.}} is replaced with the internal ID of the Slack user.
username_template: slack_{{.}}
# Displayname template for Slack users.
# TODO: document variables
displayname_template: '{{.RealName}} (Slack)'
bot_displayname_template: '{{.Name}} (bot)'
channel_name_template: '#{{.Name}}'
{% endraw %}
portal_message_buffer: 128
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Slack?
delivery_receipts: true
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
# Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices.
sync_with_custom_puppets: false
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Servers to always allow double puppeting from
double_puppet_server_map:
{{ matrix.baseurl }}: https://{{ matrix.baseurl }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map:
{{ matrix.baseurl }}: "{{ matrix.authenticator.shared_secret }}"
message_handling_timeout:
# Send an error message after this timeout, but keep waiting for the response until the deadline.
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
error_after: 10s
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
# This is counted from the time the bridge starts handling the message.
deadline: 60s
# The prefix for commands. Only required in non-management rooms.
command_prefix: '!slack'
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Slack bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help, or `login-token` or `login-password` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
backfill:
# Allow backfilling at all? Requires MSC2716 support on homeserver.
enable: true
# If a backfilled chat is older than this number of hours, mark it as read even if it's unread on Slack.
# Set to -1 to let any chat be unread.
unread_hours_threshold: 720
# Number of messages to immediately backfill when creating a portal.
immediate_messages: 10
# Settings for incremental backfill of history.
incremental:
# Maximum number of messages to backfill per batch.
messages_per_batch: 100
# The number of seconds to wait after backfilling the batch of messages.
post_batch_delay: 20
# The maximum number of messages to backfill per portal, split by the chat type.
# If set to -1, all messages in the chat will eventually be backfilled.
max_messages:
# Channels
channel: -1
# Group direct messages
group_dm: -1
# 1:1 direct messages
dm: -1
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: true
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: true
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: false
# Require encryption, drop any unencrypted messages.
require: false
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: true
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate", a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: disable
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a Slack account.
# admin - User level and some additional administration tools
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
"*": relay
"{{ matrix.baseurl }}": user
"@tobi:{{ matrix.baseurl }}": admin
{% raw %}
logging:
directory: ./logs
file_name_format: '{{.Date}}-{{.Index}}.log'
file_date_format: "2006-01-02"
file_mode: 384
timestamp_format: Jan _2, 2006 15:04:05
print_level: debug
print_json: false
file_json: false
{% endraw %}

26
coreos-config/roles/compose_project/templates/matrix/mautrix-slack/registration.yaml Normal file
View File

@ -0,0 +1,26 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
63643764313434366534636536373233613163353932353332353034386638623463323265356366
3033666637643563393537636263366338643736303663620a376138656235653238386131623864
33356331386265613436626337356436373439376434633135626339373931346166313834323938
3833636339306137360a383230386236333632613037363139356230663563333266353030616133
39343037343234386465646433613465646363343237346432373934623431336163303233323263
65356133373264323664663238306266336332353632643533373038653938623939353931613964
33383638653061313961363033343435316130666337393034356664653933626466623734643239
63663864316464343631313533653931376561303830366665333635613666346139623937373663
65393234326533623364626666353763396437386330386563333432306566316161626561363836
62613630623864323163616639396233393031373734373332383064626562623563363266383065
61613738323034313431333333656530346566333165363430333962373930363736396265636663
65646632356265633665633930343231636138366364653038336563333234326139333437643063
39653437303565343739306237653832616265323138643234313731343339353161333363366538
35373864666436306438303037363766373532633533666335303137346337633265613630653637
39356237663665333533363030653735333535653861353866363362343830366562383661666137
37623436336531363230356233656235666238663537616437353636353732643639386534616561
30656264316535636437653032343634643036363838626234303837393935393430323537643231
64363534313033396362326530663430373661613362346364356262386433663731313866363438
30653966343436656430326434646337386230333432383861333635326431346332663332313437
35636162323834616437383563353932333137653639616532363162663365393437386333613439
35343937333034303934623962653132323837643430303230383163393833316233636233643736
33666530653033613762313364653734633765326432613032386535333335633834633430356165
64396132386133326464376163326236373131316266343634306163313235616236383239366639
38373235643763616236356266663534356230643131653130323338393262616337346635633835
39386236643562653738383037376334303138623966316637386464386139613431

593
coreos-config/roles/compose_project/templates/matrix/mautrix-telegram/config.yaml Normal file
View File

@ -0,0 +1,593 @@
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: https://synapse.{{ matrix.baseurl }}
# The domain of the homeserver (for MXIDs, etc).
domain: {{ matrix.baseurl }}
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# What software is the homeserver running?
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# Number of retries for all HTTP requests if the homeserver isn't reachable.
http_retry_count: 4
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's Telegram connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Whether asynchronous uploads via MSC2246 should be enabled for media.
# Requires a media repo that supports MSC2246.
async_media: false
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: http://mautrix-telegram:29317
# When using https:// the TLS certificate and key files for the address.
tls_cert: false
tls_key: false
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 29317
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. SQLite and Postgres are supported.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: postgres://{{ matrix.bridge.tg.dbuser }}:{{ matrix.bridge.tg.dbpass }}@db-bridge-tg/{{ matrix.bridge.tg.dbname }}
# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
# Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs).
database_opts:
min_size: 1
max_size: 10
# Public part of web server for out-of-Matrix interaction with the bridge.
# Used for things like login if the user wants to make sure the 2FA password isn't stored in
# the HS database.
public:
# Whether or not the public-facing endpoints should be enabled.
enabled: false
# The prefix to use in the public-facing endpoints.
prefix: /public
# The base URL where the public-facing endpoints are available. The prefix is not added
# implicitly.
external: https://example.com/public
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: false
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
shared_secret: generate
# The unique ID of this appservice.
id: telegram
# Username of the appservice bot.
bot_username: telegrambot
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: Telegram bridge bot
bot_avatar: mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: true
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix.bridge.tg.as_token }}"
hs_token: "{{ matrix.bridge.tg.hs_token }}"
# Prometheus telemetry config. Requires prometheus-client to be installed.
metrics:
enabled: false
listen_port: 8000
# Manhole config.
manhole:
# Whether or not opening the manhole is allowed.
enabled: false
# The path for the unix socket.
path: /var/tmp/mautrix-telegram.manhole
# The list of UIDs who can be added to the whitelist.
# If empty, any UIDs can be specified in the open-manhole command.
whitelist:
- 0
# Bridge config
bridge:
# Localpart template of MXIDs for Telegram users.
# {userid} is replaced with the user ID of the Telegram user.
username_template: "telegram_{userid}"
# Localpart template of room aliases for Telegram portal rooms.
# {groupname} is replaced with the name part of the public channel/group invite link ( https://t.me/{} )
alias_template: "telegram_{groupname}"
# Displayname template for Telegram users.
# {displayname} is replaced with the display name of the Telegram user.
displayname_template: "{displayname} (Telegram)"
# Set the preferred order of user identifiers which to use in the Matrix puppet display name.
# In the (hopefully unlikely) scenario that none of the given keys are found, the numeric user
# ID is used.
#
# If the bridge is working properly, a phone number or an username should always be known, but
# the other one can very well be empty.
#
# Valid keys:
# "full name" (First and/or last name)
# "full name reversed" (Last and/or first name)
# "first name"
# "last name"
# "username"
# "phone number"
displayname_preference:
- full name
- username
- phone number
# Maximum length of displayname
displayname_max_length: 100
# Remove avatars from Telegram ghost users when removed on Telegram. This is disabled by default
# as there's no way to determine whether an avatar is removed or just hidden from some users. If
# you're on a single-user instance, this should be safe to enable.
allow_avatar_remove: false
# Maximum number of members to sync per portal when starting up. Other members will be
# synced when they send messages. The maximum is 10000, after which the Telegram server
# will not send any more members.
# -1 means no limit (which means it's limited to 10000 by the server)
max_initial_member_sync: 100
# Maximum number of participants in chats to bridge. Only applies when the portal is being created.
# If there are more members when trying to create a room, the room creation will be cancelled.
# -1 means no limit (which means all chats can be bridged)
max_member_count: -1
# Whether or not to sync the member list in channels.
# If no channel admins have logged into the bridge, the bridge won't be able to sync the member
# list regardless of this setting.
sync_channel_members: true
# Whether or not to skip deleted members when syncing members.
skip_deleted_members: true
# Whether or not to automatically synchronize contacts and chats of Matrix users logged into
# their Telegram account at startup.
startup_sync: true
# Number of most recently active dialogs to check when syncing chats.
# Set to 0 to remove limit.
sync_update_limit: 0
# Number of most recently active dialogs to create portals for when syncing chats.
# Set to 0 to remove limit.
sync_create_limit: 15
# Should all chats be scheduled to be created later?
# This is best used in combination with MSC2716 infinite backfill.
sync_deferred_create_all: false
# Whether or not to sync and create portals for direct chats at startup.
sync_direct_chats: true
# The maximum number of simultaneous Telegram deletions to handle.
# A large number of simultaneous redactions could put strain on your homeserver.
max_telegram_delete: 10
# Whether or not to automatically sync the Matrix room state (mostly unpuppeted displaynames)
# at startup and when creating a bridge.
sync_matrix_state: true
# Allow logging in within Matrix. If false, users can only log in using login-qr or the
# out-of-Matrix login website (see appservice.public config section)
allow_matrix_login: true
# Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix.
public_portals: false
# Whether or not to use /sync to get presence, read receipts and typing notifications
# when double puppeting is enabled
sync_with_custom_puppets: false
# Whether or not to update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Servers to always allow double puppeting from
double_puppet_server_map:
{{ matrix.baseurl }}: https://{{ matrix.baseurl }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
# If using this for other servers than the bridge's server,
# you must also set the URL in the double_puppet_server_map.
login_shared_secret_map:
{{ matrix.baseurl }}: {{ matrix.authenticator.shared_secret }}
# Set to false to disable link previews in messages sent to Telegram.
telegram_link_preview: true
# Whether or not the !tg join command should do a HTTP request
# to resolve redirects in invite links.
invite_link_resolve: false
# Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
# This is currently not supported in most clients.
caption_in_message: false
# Maximum size of image in megabytes before sending to Telegram as a document.
image_as_file_size: 10
# Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 4096x4096 = 16777216.
image_as_file_pixels: 16777216
# Enable experimental parallel file transfer, which makes uploads/downloads much faster by
# streaming from/to Matrix and using many connections for Telegram.
# Note that generating HQ thumbnails for videos is not possible with streamed transfers.
# This option uses internal Telethon implementation details and may break with minor updates.
parallel_file_transfer: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: false
# Should the bridge send all unicode reactions as custom emoji reactions to Telegram?
# By default, the bridge only uses custom emojis for unicode emojis that aren't allowed in reactions.
always_custom_emoji_reaction: true
# Settings for converting animated stickers.
animated_sticker:
# Format to which animated stickers should be converted.
# disable - No conversion, send as-is (gzipped lottie)
# png - converts to non-animated png (fastest),
# gif - converts to animated gif
# webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support
# webp - converts to animated webp, requires ffmpeg executable with webp codec/container support
target: gif
# Should video stickers be converted to the specified format as well?
convert_from_webm: false
# Arguments for converter. All converters take width and height.
args:
width: 256
height: 256
fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended)
# Settings for converting animated emoji.
# Same as animated_sticker, but webm is not supported as the target
# (because inline images can only contain images, not videos).
animated_emoji:
target: webp
args:
width: 64
height: 64
fps: 25
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: true
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: true
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: false
# Require encryption, drop any unencrypted messages.
require: false
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: true
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Whether or not to explicitly set the avatar and room name for private
# chat portal rooms. This will be implicitly enabled if encryption.default is true.
private_chat_portal_meta: false
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
# been sent to Telegram.
delivery_receipts: false
# Whether or not delivery errors should be reported as messages in the Matrix room.
delivery_error_reports: true
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# When using double puppeting, should muted chats be muted in Matrix?
mute_bridging: false
# When using double puppeting, should pinned chats be moved to a specific tag in Matrix?
# The favorites tag is `m.favourite`.
pinned_tag: "m.favorite"
# Same as above for archived chats, the low priority tag is `m.lowpriority`.
archive_tag: "m.lowpriority"
# Whether or not mute status and tags should only be bridged when the portal room is created.
tag_only_on_create: true
# Should leaving the room on Matrix make the user leave on Telegram?
bridge_matrix_leave: true
# Should the user be kicked out of all portals when logging out of the bridge?
kick_on_logout: true
# Should the "* user joined Telegram" notice always be marked as read automatically?
always_read_joined_telegram_notice: true
# Should the bridge auto-create a group chat on Telegram when a ghost is invited to a room?
# Requires the user to have sufficient power level and double puppeting enabled.
create_group_on_invite: true
# Settings for backfilling messages from Telegram.
backfill:
# Allow backfilling at all?
enable: true
# Use MSC2716 for backfilling?
#
# This requires a server with MSC2716 support, which is currently an experimental feature in Synapse.
# It can be enabled by setting experimental_features -> msc2716_enabled to true in homeserver.yaml.
msc2716: false
# Use double puppets for backfilling?
#
# If using MSC2716, the double puppets must be in the appservice's user ID namespace
# (because the bridge can't use the double puppet access token with batch sending).
#
# Even without MSC2716, bridging old messages with correct timestamps requires the double
# puppets to be in an appservice namespace, or the server to be modified to allow
# overriding timestamps anyway.
double_puppet_backfill: false
# Whether or not to enable backfilling in normal groups.
# Normal groups have numerous technical problems in Telegram, and backfilling normal groups
# will likely cause problems if there are multiple Matrix users in the group.
normal_groups: false
# If a backfilled chat is older than this number of hours, mark it as read even if it's unread on Telegram.
# Set to -1 to let any chat be unread.
unread_hours_threshold: 720
# Forward backfilling limits. These apply to both MSC2716 and legacy backfill.
#
# Using a negative initial limit is not recommended, as it would try to backfill everything in a single batch.
# MSC2716 and the incremental settings are meant for backfilling everything incrementally rather than at once.
forward:
# Number of messages to backfill immediately after creating a portal.
initial_limit: 10
# Number of messages to backfill when syncing chats.
sync_limit: 100
# Settings for incremental backfill of history. These only apply when using MSC2716.
incremental:
# Maximum number of messages to backfill per batch.
messages_per_batch: 100
# The number of seconds to wait after backfilling the batch of messages.
post_batch_delay: 20
# The maximum number of batches to backfill per portal, split by the chat type.
# If set to -1, all messages in the chat will eventually be backfilled.
max_batches:
# Direct chats
user: -1
# Normal groups. Note that the normal_groups option above must be enabled
# for these to be backfilled.
normal_group: -1
# Supergroups
supergroup: 10
# Broadcast channels
channel: -1
# Overrides for base power levels.
initial_power_level_overrides:
user: {}
group: {}
# Whether to bridge Telegram bot messages as m.notices or m.texts.
bot_messages_as_notices: true
bridge_notices:
# Whether or not Matrix bot messages (type m.notice) should be bridged.
default: false
# List of user IDs for whom the previous flag is flipped.
# e.g. if bridge_notices.default is false, notices from other users will not be bridged, but
# notices from users listed here will be bridged.
exceptions: []
# An array of possible values for the $distinguisher variable in message formats.
# Each user gets one of the values here, based on a hash of their user ID.
# If the array is empty, the $distinguisher variable will also be empty.
relay_user_distinguishers: ["\U0001F7E6", "\U0001F7E3", "\U0001F7E9", "⭕️", "\U0001F536", "⬛️", "\U0001F535", "\U0001F7E2"]
# The formats to use when sending messages to Telegram via the relay bot.
# Text msgtypes (m.text, m.notice and m.emote) support HTML, media msgtypes don't.
#
# Available variables:
# $sender_displayname - The display name of the sender (e.g. Example User)
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
# $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com)
# $distinguisher - A random string from the options in the relay_user_distinguishers array.
# $message - The message content
message_formats:
m.text: "$distinguisher <b>$sender_displayname</b>: $message"
m.notice: "$distinguisher <b>$sender_displayname</b>: $message"
m.emote: "* $distinguisher <b>$sender_displayname</b> $message"
m.file: "$distinguisher <b>$sender_displayname</b> sent a file: $message"
m.image: "$distinguisher <b>$sender_displayname</b> sent an image: $message"
m.audio: "$distinguisher <b>$sender_displayname</b> sent an audio file: $message"
m.video: "$distinguisher <b>$sender_displayname</b> sent a video: $message"
m.location: "$distinguisher <b>$sender_displayname</b> sent a location: $message"
# Telegram doesn't have built-in emotes, this field specifies how m.emote's from authenticated
# users are sent to telegram. All fields in message_formats are supported. Additionally, the
# Telegram user info is available in the following variables:
# $displayname - Telegram displayname
# $username - Telegram username (may not exist)
# $mention - Telegram @username or displayname mention (depending on which exists)
emote_format: "* $mention $formatted_body"
# The formats to use when sending state events to Telegram via the relay bot.
#
# Variables from `message_formats` that have the `sender_` prefix are available without the prefix.
# In name_change events, `$prev_displayname` is the previous displayname.
#
# Set format to an empty string to disable the messages for that event.
state_event_formats:
join: "$distinguisher <b>$displayname</b> joined the room."
leave: "$distinguisher <b>$displayname</b> left the room."
name_change: "$distinguisher <b>$prev_displayname</b> changed their name to $distinguisher <b>$displayname</b>"
# Filter rooms that can/can't be bridged. Can also be managed using the `filter` and
# `filter-mode` management commands.
#
# Filters do not affect direct chats.
# An empty blacklist will essentially disable the filter.
filter:
# Filter mode to use. Either "blacklist" or "whitelist".
# If the mode is "blacklist", the listed chats will never be bridged.
# If the mode is "whitelist", only the listed chats can be bridged.
mode: blacklist
# The list of group/channel IDs to filter.
list: []
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!tg"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Telegram bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Send each message separately (for readability in some clients)
management_room_multiple_messages: false
# Permissions for using the bridge.
# Permitted values:
# relaybot - Only use the bridge via the relaybot, no access to commands.
# user - Relaybot level + access to commands to create bridges.
# puppeting - User level + logging in with a Telegram account.
# full - Full access to use the bridge, i.e. previous levels + Matrix login.
# admin - Full access to use the bridge and some extra administration commands.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
"*": "relaybot"
"{{ matrix.baseurl }}": "full"
"@tobi:{{ matrix.baseurl }}": "admin"
# Options related to the message relay Telegram bot.
relaybot:
private_chat:
# List of users to invite to the portal when someone starts a private chat with the bot.
# If empty, private chats with the bot won't create a portal.
invite: []
# Whether or not to bridge state change messages in relaybot private chats.
state_changes: true
# When private_chat_invite is empty, this message is sent to users /starting the
# relaybot. Telegram's "markdown" is supported.
message: This is a Matrix bridge relaybot and does not support direct chats
# List of users to invite to all group chat portals created by the bridge.
group_chat_invite: []
# Whether or not the relaybot should not bridge events in unbridged group chats.
# If false, portals will be created when the relaybot receives messages, just like normal
# users. This behavior is usually not desirable, as it interferes with manually bridging
# the chat to another room.
ignore_unbridged_group_chat: true
# Whether or not to allow creating portals from Telegram.
authless_portals: true
# Whether or not to allow Telegram group admins to use the bot commands.
whitelist_group_admins: true
# Whether or not to ignore incoming events sent by the relay bot.
ignore_own_incoming_events: true
# List of usernames/user IDs who are also allowed to use the bot commands.
whitelist:
- myusername
- 12345678
# Telegram config
telegram:
# Get your own API keys at https://my.telegram.org/apps
api_id: {{ matrix.bridge.tg.api_id }}
api_hash: {{ matrix.bridge.tg.api_hash }}
# (Optional) Create your own bot at https://t.me/BotFather
bot_token: disabled
# Should the bridge request missed updates from Telegram when restarting?
catch_up: true
# Should incoming updates be handled sequentially to make sure order is preserved on Matrix?
sequential_updates: true
exit_on_update_error: false
# Telethon connection options.
connection:
# The timeout in seconds to be used when connecting.
timeout: 120
# How many times the reconnection should retry, either on the initial connection or when
# Telegram disconnects us. May be set to a negative or null value for infinite retries, but
# this is not recommended, since the program can get stuck in an infinite loop.
retries: 5
# The delay in seconds to sleep between automatic reconnections.
retry_delay: 1
# The threshold below which the library should automatically sleep on flood wait errors
# (inclusive). For instance, if a FloodWaitError for 17s occurs and flood_sleep_threshold
# is 20s, the library will sleep automatically. If the error was for 21s, it would raise
# the error instead. Values larger than a day (86400) will be changed to a day.
flood_sleep_threshold: 60
# How many times a request should be retried. Request are retried when Telegram is having
# internal issues, when there is a FloodWaitError less than flood_sleep_threshold, or when
# there's a migrate error. May take a negative or null value for infinite retries, but this
# is not recommended, since some requests can always trigger a call fail (such as searching
# for messages).
request_retries: 5
# Device info sent to Telegram.
device_info:
# "auto" = OS name+version.
device_model: mautrix-telegram
# "auto" = Telethon version.
system_version: auto
# "auto" = mautrix-telegram version.
app_version: auto
lang_code: en
system_lang_code: en
# Custom server to connect to.
server:
# Set to true to use these server settings. If false, will automatically
# use production server assigned by Telegram. Set to false in production.
enabled: false
# The DC ID to connect to.
dc: 2
# The IP to connect to.
ip: 149.154.167.40
# The port to connect to. 443 may not work, 80 is better and both are equally secure.
port: 80
# Telethon proxy configuration.
# You must install PySocks from pip for proxies to work.
proxy:
# Allowed types: disabled, socks4, socks5, http, mtproxy
type: disabled
# Proxy IP address and port.
address: 127.0.0.1
port: 1080
# Whether or not to perform DNS resolving remotely. Only for socks/http proxies.
rdns: true
# Proxy authentication (optional). Put MTProxy secret in password field.
username: ""
password: ""
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging:
version: 1
formatters:
colored:
(): mautrix_telegram.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: DEBUG
telethon:
level: INFO
aiohttp:
level: INFO
root:
level: DEBUG
handlers: [console]

31
coreos-config/roles/compose_project/templates/matrix/mautrix-telegram/registration.yaml Normal file
View File

@ -0,0 +1,31 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
31303639303562306630323132376333316332636534613834326662396237396634313233646364
6335353833616135373439633136356339333737363437660a316634366334376339656466646437
39323131363163393931356331306434613035626239356631303032646664303838386635613930
6232663031663765370a653936623761313937383233313739313166353335346465363265613762
35643335646637343534373966626632336363646231353732643831346563356464386133393166
32613134656431656561316335656463653462656166373433386633666338633132663032633461
66376265633233323662313930323737316166613262383434626264353462386236636139383835
33613830316361373434623435376162653930616631323764653539306235363530326165353037
32303432356630376363613839313831363537363735613833306163616130336631386337366234
33373633306161653163333635366637313266346634656633376237346566663461353962376239
34386237373565313362383532363931333337366336316363663734343333386663653466396139
36633735356561346531376337346635383666376635346361333162376339333839306632666562
63363761623136643031653030666437306361396232383738366533396561373932323563363566
38306333393662333634613139643930626664666139363039333735363538396339373634356365
66633637316432323762353964313237396338613834336532636164333564363839353061336636
63316163626334353231386463313535313866336431613234353533636533343662653933393132
37353065333431366662363530333863646131313737336538396332396238656239366531366337
63633563636531616664313930626266323266613466656636636361653731623666636333666164
39356535363939653232326633383837666262643834326137646363393935613132366663396364
30666266366163316563613665356535633766626335343762333765643837373034646633336432
64373366313962333563336535346436346536386633343366336535363236306338343832373763
36663663353533383939323234333535316162303033313833616533373237613335303662393032
66316163343938383330663133613333346535393264636264366533343938653730316163366363
66373866316264656361613935383334323133636164366630333264343931663461333138656131
31353631393336323166663765613461356437306234653263393030316564363431353566316531
35336665633133386134656361323063303531336263643764353666636364343537363136666632
66333033373766336230393131343434666536653061353032663264636565636361336138653931
34303233613637633165303431626361623132363530666238386336383463656136383965343563
63616131376239356163353464333864363164363666646435353038323565386536326639366565
3134646366666134646665366533396466366233343666613761

2
coreos-config/roles/compose_project/templates/matrix/nginx-well-known.conf
View File

@ -2,7 +2,7 @@ server {
listen 80;
server_name {{ matrix.baseurl }};
location /.well-known/matrix/client {
return 200 '{"m.homeserver": {"base_url": "https://{{ matrix.baseurl }}"} }';
return 200 '{"m.homeserver": {"base_url": "https://synapse.{{ matrix.baseurl }}"} }';
default_type application/json;
add_header Access-Control-Allow-Origin *;
}

123
coreos-config/roles/compose_project/templates/matrix/shared_secret_authenticator.py Normal file
View File

@ -0,0 +1,123 @@
# -*- coding: utf-8 -*-
#
# Shared Secret Authenticator module for Matrix Synapse
# Copyright (C) 2018 Slavi Pantaleev
#
# https://devture.com/
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
from typing import Awaitable, Callable, Optional, Tuple
import hashlib
import hmac
import logging
import synapse
from synapse import module_api
logger = logging.getLogger(__name__)
class SharedSecretAuthProvider:
def __init__(self, config: dict, api: module_api):
for k in ('shared_secret',):
if k not in config:
raise KeyError('Required `{0}` configuration key not found'.format(k))
m_login_password_support_enabled = bool(config['m_login_password_support_enabled']) if 'm_login_password_support_enabled' in config else False
com_devture_shared_secret_auth_support_enabled = bool(config['com_devture_shared_secret_auth_support_enabled']) if 'com_devture_shared_secret_auth_support_enabled' in config else True
self.api = api
self.shared_secret = config['shared_secret']
auth_checkers: Optional[Dict[Tuple[str, Tuple], CHECK_AUTH_CALLBACK]] = {}
if com_devture_shared_secret_auth_support_enabled:
auth_checkers[("com.devture.shared_secret_auth", ("token",))] = self.check_com_devture_shared_secret_auth
if m_login_password_support_enabled:
auth_checkers[("m.login.password", ("password",))] = self.check_m_login_password
enabled_login_types = [k[0] for k in auth_checkers]
if len(enabled_login_types) == 0:
raise RuntimeError('At least one login type must be enabled')
logger.info('Enabled login types: %s', enabled_login_types)
api.register_password_auth_provider_callbacks(
auth_checkers=auth_checkers,
)
async def check_com_devture_shared_secret_auth(
self,
username: str,
login_type: str,
login_dict: "synapse.module_api.JsonDict",
) -> Optional[
Tuple[
str,
Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]],
]
]:
if login_type != "com.devture.shared_secret_auth":
return None
return await self._log_in_username_with_token("com.devture.shared_secret_auth", username, login_dict.get("token"))
async def check_m_login_password(
self,
username: str,
login_type: str,
login_dict: "synapse.module_api.JsonDict",
) -> Optional[
Tuple[
str,
Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]],
]
]:
if login_type != "m.login.password":
return None
return await self._log_in_username_with_token("m.login.password", username, login_dict.get("password"))
async def _log_in_username_with_token(
self,
login_type: str,
username: str,
token: str,
) -> Optional[
Tuple[
str,
Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]],
]
]:
logger.info('Authenticating user `%s` with login type `%s`', username, login_type)
full_user_id = self.api.get_qualified_user_id(username)
# The password (token) is supposed to be an HMAC of the full user id, keyed with the shared secret.
given_hmac = token.encode('utf-8')
h = hmac.new(self.shared_secret.encode('utf-8'), full_user_id.encode('utf-8'), hashlib.sha512)
computed_hmac = h.hexdigest().encode('utf-8')
if not hmac.compare_digest(computed_hmac, given_hmac):
logger.info('Bad hmac value for user: %s', full_user_id)
return None
user_info = await self.api.get_userinfo_by_id(full_user_id)
if user_info is None:
logger.info('Refusing to authenticate missing user: %s', full_user_id)
return None
logger.info('Authenticated user: %s', full_user_id)
return full_user_id, None

39
coreos-config/roles/compose_project/templates/matrix/synapse-config/homeserver.yaml
View File

@ -9,7 +9,7 @@
# For more information on how to configure Synapse, including a complete accounting of
# each option, go to docs/usage/configuration/config_documentation.md or
# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
server_name: "tobiasmanske.de"
server_name: "{{ matrix.baseurl }}"
pid_file: /data/homeserver.pid
listeners:
- port: 8008
@ -47,19 +47,52 @@ oidc_providers:
user_mapping_provider:
config:
{% raw %}
localpart_template: "{{ user.preferred_username }}"
localpart_template: "{{ user.mx_localpart }}"
display_name_template: "{{ user.name }}"
{% endraw %}
backchannel_logout_enabled: true # Optional
enable_registration: false
password_config:
enabled: false
enabled: true
redis:
enabled: true
host: redis
port: 6379
app_service_config_files:
- /data/reg-mautrix-tg.yaml
- /data/reg-mautrix-slack.yaml
rc_message:
per_second: 100
burst_count: 100
rc_joins:
local:
per_second: 100
burst_count: 100
modules:
- module: shared_secret_authenticator.SharedSecretAuthProvider
config:
shared_secret: "{{ matrix.authenticator.shared_secret }}"
# By default, only login requests of type `com.devture.shared_secret_auth` are supported.
# Below, we explicitly enable support for the old `m.login.password` login type,
# which was used in v1 of matrix-synapse-shared-secret-auth and still widely supported by external software.
# If you don't need such legacy support, consider setting this to `false` or omitting it entirely.
m_login_password_support_enabled: true
# By default, only login requests of type `com.devture.shared_secret_auth` are supported.
# Advertising support for such an authentication type causes a problem with Element, however.
# See: https://github.com/vector-im/element-web/issues/19605
#
# Uncomment the line below to disable `com.devture.shared_secret_auth` support.
# You will then need to:
# - have `m_login_password_support_enabled: true` to enable the `m.login.password` login type
# - authenticate using `m.login.password` requests, instead of ``com.devture.shared_secret_auth` requests
# com_devture_shared_secret_auth_support_enabled: false
# vim:ft=yaml

8
coreos-config/roles/compose_project/templates/matrix/synapse-config/tobiasmanske.de.log.config
View File

@ -2,9 +2,9 @@ version: 1
formatters:
precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
handlers:
@ -23,10 +23,10 @@ loggers:
root:
level: INFO
level: WARNING
handlers: [console]
disable_existing_loggers: false
disable_existing_loggers: false